www.1mg.com Open in urlscan Pro
2606:4700:10::6814:d632 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ltvsnl2.ltncapp01.com/vtrack?clientid=16128&ul=AlFWA1ELUlVPUUhYVFlDDx0HWRJRWkVVcVkCXAEKUgReDktWDlUdDVIKQVobVlcQWwxKAHl...
Effective URL:
https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_...
Submission: On November 29 via api (November 29th 2024, 4:31:36 am UTC) from IN — Scanned from DE

Summary HTTP 171 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 64 IPs in 10 countries across 51 domains to perform 171 HTTP transactions. The main IP is 2606:4700:10::6814:d632, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.1mg.com. The Cisco Umbrella rank of the primary domain is 389025.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 25th 2024. Valid for: a year.

This is the only time www.1mg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.154.156.157 35.154.156.157	16509 (AMAZON-02) (AMAZON-02)
1 1	184.24.77.69 184.24.77.69	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
14	2606:4700:10:... 2606:4700:10::6814:d632	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:10:... 2606:4700:10::ac43:127a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a02:26f0:480... 2a02:26f0:480:d::210:f157	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
2	2600:9000:275... 2600:9000:275d:2200:16:a497:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
42	104.18.27.62 104.18.27.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1022	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
2	18.245.31.30 18.245.31.30	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	15.207.65.151 15.207.65.151	16509 (AMAZON-02) (AMAZON-02)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:278... 2a02:26f0:2780:6::214:f58b	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1 6	2600:9000:264... 2600:9000:2644:5e00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::112	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
2	143.204.98.95 143.204.98.95	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1 6	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:6a2c:6133:165d:73e6	16509 (AMAZON-02) (AMAZON-02)
2	2.16.10.154 2.16.10.154	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206f:c200:1e:6c7e:cb00:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	182.161.74.16 182.161.74.16	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	35.214.136.108 35.214.136.108	19527 (GOOGLE-2) (GOOGLE-2)
2 4	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
1	217.182.178.233 217.182.178.233	16276 (OVH OVH SAS) (OVH OVH SAS)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-A...) (TABOOLA-AS Taboola.com ltd)
1 2	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	99.80.224.190 99.80.224.190	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.82 162.19.138.82	16276 (OVH OVH SAS) (OVH OVH SAS)
1	54.194.57.148 54.194.57.148	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.157.199.229 18.157.199.229	16509 (AMAZON-02) (AMAZON-02)
1	100.21.100.53 100.21.100.53	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.31 64.202.112.31	23352 (SERVERCEN...) (SERVERCENTRAL)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.184.206.66 18.184.206.66	16509 (AMAZON-02) (AMAZON-02)
1	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:612... 2600:1f18:612b:4280:1608:aadf:86e5:f14f	14618 (AMAZON-AES) (AMAZON-AES)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS Cronon GmbH)
1	52.214.170.42 52.214.170.42	16509 (AMAZON-02) (AMAZON-02)
1	3.127.101.141 3.127.101.141	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (Amobee NE...) (Amobee NEXXEN GROUP LTD)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
171	64

1 35.154.156.157 (Mumbai, India) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-154-156-157.ap-south-1.compute.amazonaws.com

ltvsnl2.ltncapp01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.77.69 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a184-24-77-69.deploy.static.akamaitechnologies.com

onemg.sng.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:10::6814:d632 (United States)

ASN13335 (CLOUDFLARENET, US)

www.1mg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.1mg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:127a (United States)

ASN13335 (CLOUDFLARENET, US)

assets.1mg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:26f0:480:d::210:f157 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

accounts.tatadigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.tatadigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:275d:2200:16:a497:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 104.18.27.62 (None, )

ASN13335 (CLOUDFLARENET, US)

onemg.gumlet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1022 (United States)

ASN13335 (CLOUDFLARENET, US)

static.legitscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.31.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-30.fra56.r.cloudfront.net

api.rudderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.207.65.151 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-207-65-151.ap-south-1.compute.amazonaws.com

rudderapi.1mg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:2780:6::214:f58b (Netherlands)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

web-sdk-cdn.singular.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2644:5e00:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::112 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)

tags.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-95.fra50.r.cloudfront.net

www.notifyvisitors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

14719398.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.132.192.30 (Singapore) 1 redirects

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:6a2c:6133:165d:73e6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.10.154 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-16-10-154.deploy.static.akamaitechnologies.com

sdk-api-v1.singular.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:c200:1e:6c7e:cb00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.notifyvisitors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

widget.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.136.108 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 108.136.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.122 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.178.233 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip233.ip-217-182-178.eu

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.26.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.224.190 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-224-190.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.57.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-57-148.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.199.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-199-229.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.21.100.53 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-21-100-53.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.31 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.206.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-206-66.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:1608:aadf:86e5:f14f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS Cronon GmbH, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.170.42 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-170-42.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.101.141 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-101-141.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (Amobee NEXXEN GROUP LTD, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	gumlet.io onemg.gumlet.io — Cisco Umbrella Rank: 519796	421 KB
22	1mg.com www.1mg.com — Cisco Umbrella Rank: 389025 assets.1mg.com — Cisco Umbrella Rank: 582177 rudderapi.1mg.com — Cisco Umbrella Rank: 589529	1 MB
19	tatadigital.com accounts.tatadigital.com — Cisco Umbrella Rank: 341111 api.tatadigital.com — Cisco Umbrella Rank: 359913	34 KB
7	creativecdn.com 1 redirects tags.creativecdn.com — Cisco Umbrella Rank: 6061 asia.creativecdn.com — Cisco Umbrella Rank: 24543	4 KB
7	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 3645 d.adroll.com — Cisco Umbrella Rank: 1673	121 KB
6	doubleclick.net 1 redirects 14719398.fls.doubleclick.net — Cisco Umbrella Rank: 587988 ad.doubleclick.net — Cisco Umbrella Rank: 145 stats.g.doubleclick.net — Cisco Umbrella Rank: 135 cm.g.doubleclick.net — Cisco Umbrella Rank: 284	2 KB
5	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 450 sslwidget.criteo.com — Cisco Umbrella Rank: 2375 widget.as.criteo.com — Cisco Umbrella Rank: 52900 dis.criteo.com — Cisco Umbrella Rank: 702	6 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	452 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 281	4 KB
4	notifyvisitors.com www.notifyvisitors.com — Cisco Umbrella Rank: 194902 cdn.notifyvisitors.com — Cisco Umbrella Rank: 200174	52 KB
4	singular.net web-sdk-cdn.singular.net — Cisco Umbrella Rank: 13548 sdk-api-v1.singular.net — Cisco Umbrella Rank: 4609	48 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 3353	22 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	422 B
3	google.com www.google.com — Cisco Umbrella Rank: 3 ampcid.google.com — Cisco Umbrella Rank: 6635 region1.analytics.google.com — Cisco Umbrella Rank: 4108	987 B
3	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2093 rs.fullstory.com — Cisco Umbrella Rank: 2203	92 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 513	739 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 262	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1967	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 10745 ampcid.google.de — Cisco Umbrella Rank: 205858	428 B
2	bing.net bat.bing.net — Cisco Umbrella Rank: 8327	466 B
2	bing.com bat.bing.com — Cisco Umbrella Rank: 359	15 KB
2	rudderstack.com api.rudderstack.com — Cisco Umbrella Rank: 8301	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	80 KB
2	rudderlabs.com cdn.rudderlabs.com — Cisco Umbrella Rank: 9872	42 KB
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1246	378 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2034	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3004	38 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 56696	153 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 429	140 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2884	397 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2996	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 530	58 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 419	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 920	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 897	218 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1040	423 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1697	878 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 724	834 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 15557	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 800	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 533	1 KB
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1988	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 739	114 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 393	183 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 793	16 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 617	7 KB
1	ravenjs.com cdn.ravenjs.com — Cisco Umbrella Rank: 10932	8 KB
1	legitscript.com static.legitscript.com — Cisco Umbrella Rank: 30790	14 KB
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4270	27 KB
1	sng.link 1 redirects onemg.sng.link	506 B
1	ltncapp01.com 1 redirects ltvsnl2.ltncapp01.com	398 B
171	51

	Domain	Requested by
42	onemg.gumlet.io	www.1mg.com
18	api.tatadigital.com	accounts.tatadigital.com
11	assets.1mg.com	www.1mg.com
7	www.1mg.com	www.1mg.com assets.1mg.com accounts.tatadigital.com
6	asia.creativecdn.com	1 redirects www.1mg.com tags.creativecdn.com
6	s.adroll.com	1 redirects www.googletagmanager.com www.1mg.com s.adroll.com
5	www.googletagmanager.com	www.1mg.com www.googletagmanager.com
4	ib.adnxs.com	2 redirects
4	rudderapi.1mg.com	accounts.tatadigital.com
4	www.facebook.com	www.1mg.com
3	www.google-analytics.com	www.googletagmanager.com accounts.tatadigital.com www.1mg.com
2	sync.1rx.io	2 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	cdn.notifyvisitors.com	www.notifyvisitors.com cdn.notifyvisitors.com
2	sdk-api-v1.singular.net	accounts.tatadigital.com
2	gum.criteo.com	1 redirects static.criteo.net
2	stats.g.doubleclick.net	www.googletagmanager.com accounts.tatadigital.com
2	14719398.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	bat.bing.net	bat.bing.com www.1mg.com
2	www.notifyvisitors.com	www.1mg.com cdn.notifyvisitors.com
2	web-sdk-cdn.singular.net	www.googletagmanager.com web-sdk-cdn.singular.net
2	bat.bing.com	www.1mg.com bat.bing.com
2	edge.fullstory.com	cdn.rudderlabs.com accounts.tatadigital.com
2	api.rudderstack.com	accounts.tatadigital.com
2	connect.facebook.net	www.1mg.com connect.facebook.net
2	cdn.rudderlabs.com	www.1mg.com cdn.rudderlabs.com
1	rs.fullstory.com	accounts.tatadigital.com
1	sync.targeting.unrulymedia.com
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	a.twiago.com
1	eb2.3lift.com
1	criteo-partners.tremorhub.com
1	criteo-sync.teads.tv
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	contextual.media.net
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	dis.criteo.com
1	x.bidswitch.net
1	cm.g.doubleclick.net
1	widget.as.criteo.com	www.1mg.com
1	sslwidget.criteo.com	1 redirects
1	d.adroll.com	s.adroll.com
1	ampcid.google.de	accounts.tatadigital.com
1	www.google.de	www.1mg.com
1	region1.analytics.google.com	accounts.tatadigital.com
1	region1.google-analytics.com	accounts.tatadigital.com
1	ad.doubleclick.net	www.1mg.com
1	ampcid.google.com	accounts.tatadigital.com
1	static.criteo.net	www.googletagmanager.com
1	tags.creativecdn.com	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	static.cloudflareinsights.com	www.1mg.com
1	cdn.ravenjs.com	www.1mg.com
1	static.legitscript.com	www.1mg.com
1	browser.sentry-cdn.com	www.1mg.com
1	accounts.tatadigital.com	www.1mg.com
1	onemg.sng.link	1 redirects
1	ltvsnl2.ltncapp01.com	1 redirects
171	69

This site contains links to these domains. Also see Links.

Domain
partners.1mg.com
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
www.linkedin.com
medium.com
play.google.com
itunes.apple.com
legitscript.com

Subject Issuer	Validity	Valid
*.1mg.com Go Daddy Secure Certificate Authority - G2	`2024-04-25` - `2025-04-25`	a year	crt.sh
api.tatadigital.com R11	`2024-11-06` - `2025-02-04`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-06-04` - `2025-07-06`	a year	crt.sh
*.rudderlabs.com Amazon RSA 2048 M03	`2024-05-14` - `2025-06-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-07` - `2024-12-06`	3 months	crt.sh
gumlet.io WE1	`2024-10-23` - `2025-01-21`	3 months	crt.sh
legitscript.com WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
*.rudderstack.com Amazon RSA 2048 M02	`2024-09-21` - `2025-10-18`	a year	crt.sh
cdn.ravenjs.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-06` - `2025-04-07`	a year	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
edge.fullstory.com WR3	`2024-10-20` - `2025-01-18`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.singular.net DigiCert TLS RSA SHA256 2020 CA1	`2024-03-06` - `2025-03-06`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
1589314308.rsc.cdn77.org E5	`2024-10-16` - `2025-01-14`	3 months	crt.sh
notifyvisitors.com Amazon RSA 2048 M03	`2024-05-14` - `2025-06-12`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-21`	3 months	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 07	`2024-10-27` - `2025-04-25`	6 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2024-04-05` - `2025-04-30`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.de WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M02	`2024-09-09` - `2025-10-09`	a year	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-23` - `2024-12-21`	3 months	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
id5-sync.com E6	`2024-11-11` - `2025-02-09`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh
itm.ivitrack.com R10	`2024-10-09` - `2025-01-07`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2024-10-23` - `2025-10-22`	a year	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2024-05-06` - `2025-06-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M03	`2024-07-31` - `2025-08-30`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2024-11-13` - `2025-12-02`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-15` - `2025-08-15`	a year	crt.sh
teads.tv R10	`2024-11-25` - `2025-02-23`	3 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M03	`2024-01-24` - `2025-02-21`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-07` - `2025-01-06`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M03	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M03	`2024-04-02` - `2025-05-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
rs.fullstory.com WR3	`2024-10-22` - `2025-01-20`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Frame ID: 75FD21FBCE16B5C3A28FF26AB105D6AB
Requests: 125 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.1mg.com
Frame ID: D8F2CB1A69E6C2E8982D1D24DE5E0430
Requests: 1 HTTP requests in this frame

Frame: https://14719398.fls.doubleclick.net/activityi;dc_pre=CJ3zpuLagIoDFUOPgwcd558Yrg;src=14719398;type=invmedia;cat=tata100;ord=0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824;npa=1;auiddc=844245749.1732854691;ps=1;pcor=1451025031;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9191331500z86472178za201zb6472178;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65%3Freferrer%3Dsingular_click_id%253Dec044b40-c901-4909-81a0-c483b7382d27%26utm_campaign%3Dwinter_care_dweb%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC
Frame ID: EAD5E9F9852126584A1541551E0E7AC9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.1mg.com&origin=onetag
Frame ID: 416180096D23FEF85F027BC47211D680
Requests: 1 HTTP requests in this frame

Frame: https://cdn.notifyvisitors.com/js/chosen/jquery_v3.js
Frame ID: 058CBB2152E2ED0A333354E2E7267BD1
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-uiHyplQ6gDmreUTeO8vnfyaJin7OqFjPMp5jGg&google_cm&google_hm=ay11aUh5cGxRNmdEbXJlVVRlTzh2bmZ5YUppbjdPcUZqUE1wNWpHZw
Frame ID: D339B875CD876AE284F361763CD79150
Requests: 25 HTTP requests in this frame

Frame: https://asia.creativecdn.com/ig-membership?ntk=wIrhrfLtP1P6tooDxw_ZvCN3wNF278cBg_q8UqJMqCUPxM4sv5VzEi_g2C9LIsb44KOBkzTmvFt98BndL7hF3MtY4X3Lrc4uHMvgixkieoo
Frame ID: EDF1381059F321306818696514485421
Requests: 1 HTTP requests in this frame

Frame: https://asia.creativecdn.com/topics-membership?ntk=XO60xwt55n_WcjicvjUSHmfN7JzwYJn8HtIvIEnJ9NPkiH4c4qqahVlaGWWMFNOjjZHDVeGOuwzmgYnwi1hNCPf0H-CJ5U01_yLhpIXS8q8
Frame ID: ABCA685D646009F183828852AD2C90FF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Winter Care : Buy Winter Care Products Online in India | 1mg

Page URL History Show full URLs

https://ltvsnl2.ltncapp01.com/vtrack?clientid=16128&ul=AlFWA1ELUlVPUUhYVFlDDx0HWRJRWkVVcVkCXAEKUgReDktWDlU... HTTP 302
https://onemg.sng.link/Axji9/e7u1?_ios_dl=onemg%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65%3... HTTP 302
https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81... Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

171
Requests

96 %
HTTPS

36 %
IPv6

51
Domains

69
Subdomains

64
IPs

10
Countries

2725 kB
Transfer

9459 kB
Size

78
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://partners.1mg.com/
Title: Business Partnership

Search URL Search Domain Scan URL

URL: https://www.facebook.com/1mgOfficial

Search URL Search Domain Scan URL

URL: https://www.instagram.com/1mgofficialpage/

Search URL Search Domain Scan URL

URL: https://twitter.com/1mgofficial

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/1mgofficial

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/1mg

Search URL Search Domain Scan URL

URL: https://medium.com/1mgofficial

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.aranoah.healthkart.plus

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/in/app/1mg/id554578419?mt=8

Search URL Search Domain Scan URL

URL: https://legitscript.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ltvsnl2.ltncapp01.com/vtrack?clientid=16128&ul=AlFWA1ELUlVPUUhYVFlDDx0HWRJRWkVVcVkCXAEKUgReDktWDlUdDVIKQVobVlcQWwxKAHlcVF1SWQNUDAgeBl8IGQ==&ml=AVJTDVkIUVJPUUgHBgQDWwof&sl=chkmSTRrHTB+NUhaQURFDV9RFg1NW1RVQUBRBEwAXwhMVQ==&pp=0&fl=WBERRRICTkxcD1FbUhxFDVRNVAhXXhh1SVoIDE0GBxAB&ext=X2lvc19kbD1vbmVtZyUzQSUyRiUyRnd3dy4xbWcuY29tJTJGY2F0ZWdvcmllcyUyRndpbnRlci1jYXJlLTY1JTNGdXRtX3NvdXJjZSUzRGVtYWlsZXJfTkMlMjZ1dG1fbWVkaXVtJTNEZW1haWxlcl9OQyUyNnV0bV9jYW1wYWlnbiUzRHdpbnRlcl9jYXJlX213ZWImX2FuZHJvaWRfZGw9b25lbWclM0ElMkYlMkZ3d3cuMW1nLmNvbSUyRmNhdGVnb3JpZXMlMkZ3aW50ZXItY2FyZS02NSUzRnV0bV9zb3VyY2UlM0RlbWFpbGVyX05DJTI2dXRtX21lZGl1bSUzRGVtYWlsZXJfTkMlMjZ1dG1fY2FtcGFpZ24lM0R3aW50ZXJfY2FyZV9hcHAmX3NtdHlwZT0z HTTP 302
https://onemg.sng.link/Axji9/e7u1?_ios_dl=onemg%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65%3Futm_source%3Demailer_NC%26utm_medium%3Demailer_NC%26utm_campaign%3Dwinter_care_mweb&_android_dl=onemg%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65%3Futm_source%3Demailer_NC%26utm_medium%3Demailer_NC%26utm_campaign%3Dwinter_care_app&_smtype=3&__sta=vhg.fjswogogoxsbhkqsz.unfsj%7CIFFQQYTI&__stm_medium=email&__stm_source=smartech HTTP 302
https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 106

https://14719398.fls.doubleclick.net/activityi;src=14719398;type=invmedia;cat=tata100;ord=0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824;npa=1;auiddc=844245749.1732854691;ps=1;pcor=1451025031;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9191331500z86472178za201zb6472178;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65%3Freferrer%3Dsingular_click_id%253Dec044b40-c901-4909-81a0-c483b7382d27%26utm_campaign%3Dwinter_care_dweb%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC HTTP 302
https://14719398.fls.doubleclick.net/activityi;dc_pre=CJ3zpuLagIoDFUOPgwcd558Yrg;src=14719398;type=invmedia;cat=tata100;ord=0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824;npa=1;auiddc=844245749.1732854691;ps=1;pcor=1451025031;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9191331500z86472178za201zb6472178;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65%3Freferrer%3Dsingular_click_id%253Dec044b40-c901-4909-81a0-c483b7382d27%26utm_campaign%3Dwinter_care_dweb%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC

Request Chain 109

https://asia.creativecdn.com/tags/v2?type=json HTTP 307
https://asia.creativecdn.com/tags/v2?type=json&tc=1

Request Chain 110

https://s.adroll.com/j/pre/U4ZFS2QH4VB65A54O43AEQ/6PFMKMAZXFGFLMSXPCJHFF/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 129

https://sslwidget.criteo.com/event?a=51601&v=5.29.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvl%26p%3D%255B910894%252C842751%252C470527%255D&p3=e%3Ddis&adce=1&bundle=nwZUWV84aE5rNkFlbEhDWmhMaHVwVm53bUFxTXdZajVhVGhvbiUyQkdNMVprM1MlMkZHaE4zUkZSWFFZTUtTc2xjUXl0QWQyblVOUk9iaFFXeUxTWHNDdTZET2NaVzdNa1Qyb0g5dERReGtTTG02SmlObzZGSjBtVHFYWndLaDNBSGl1RERyWEZHSDJ6V0g5RjFHZVRjdmMlMkJydzZDeXclM0QlM0Q&sc=%7B%22fbp%22%3A%22fb.1.1732854689902.950985894828236430%22%7D&tld=1mg.com&fu=https%253A%252F%252Fwww.1mg.com%252Fcategories%252Fwinter-care-65%253Freferrer%253Dsingular_click_id%25253Dec044b40-c901-4909-81a0-c483b7382d27%2526utm_campaign%253Dwinter_care_dweb%2526utm_medium%253Demailer_NC%2526utm_source%253Demailer_NC&ceid=f304e01c-ae60-4d14-98e5-ae70c35b5970 HTTP 302
https://widget.as.criteo.com/event?a=51601&v=5.29.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvl%26p%3D%255B910894%252C842751%252C470527%255D&p3=e%3Ddis&adce=1&bundle=nwZUWV84aE5rNkFlbEhDWmhMaHVwVm53bUFxTXdZajVhVGhvbiUyQkdNMVprM1MlMkZHaE4zUkZSWFFZTUtTc2xjUXl0QWQyblVOUk9iaFFXeUxTWHNDdTZET2NaVzdNa1Qyb0g5dERReGtTTG02SmlObzZGSjBtVHFYWndLaDNBSGl1RERyWEZHSDJ6V0g5RjFHZVRjdmMlMkJydzZDeXclM0QlM0Q&sc=%7B%22fbp%22%3A%22fb.1.1732854689902.950985894828236430%22%7D&tld=1mg.com&fu=https%253A%252F%252Fwww.1mg.com%252Fcategories%252Fwinter-care-65%253Freferrer%253Dsingular_click_id%25253Dec044b40-c901-4909-81a0-c483b7382d27%2526utm_campaign%253Dwinter_care_dweb%2526utm_medium%253Demailer_NC%2526utm_source%253Demailer_NC&ceid=f304e01c-ae60-4d14-98e5-ae70c35b5970

Request Chain 137

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=55440800775007504

Request Chain 140

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ksVMmlQ6gDmreUTeO8vnfyaJin5cwqu43yb6OA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ksVMmlQ6gDmreUTeO8vnfyaJin5cwqu43yb6OA&C=1

Request Chain 141

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=uKKaVkV4ZZdsmlcEi1l1udqPqaRJyXwY HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=uKKaVkV4ZZdsmlcEi1l1udqPqaRJyXwY

Request Chain 158

https://sync.1rx.io/usersync/criteodsp/k-EFJKYFQ6gDmreUTeO8vnfyaJin6IxjXL0rsdMA HTTP 302
https://sync.1rx.io/usersync/criteodsp/k-EFJKYFQ6gDmreUTeO8vnfyaJin6IxjXL0rsdMA?zcc=1&cb=1732854692107 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-62a0486d-aec1-49cc-9e92-4d2d629a49b9-003

171 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request winter-care-65 Show response
www.1mg.com/categories/
Redirect Chain

https://ltvsnl2.ltncapp01.com/vtrack?clientid=16128&ul=AlFWA1ELUlVPUUhYVFlDDx0HWRJRWkVVcVkCXAEKUgReDktWDlUdDVIKQVobVlcQWwxKAHlcVF1SWQNUDAgeBl8IGQ==&ml=AVJTDVkIUVJPUUgHBgQDWwof&sl=chkmSTRrHTB+NUhaQU...
https://onemg.sng.link/Axji9/e7u1?_ios_dl=onemg%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65%3Futm_source%3Demailer_NC%26utm_medium%3Demailer_NC%26utm_campaign%3Dwinter_care_mweb&_android_dl=o...
https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC

1 MB
189 KB

1171ms
1143ms

Document
text/html

2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41c162cba678e7bba12764193043b8479932900e9e9d6b8e2d207c99248c8aa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-expose-headers: TMP_HKP_USER_ID
cache-control: public
cf-cache-status: DYNAMIC
cf-ray: 8e9fde4aeea2dcaa-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 29 Nov 2024 04:31:29 GMT
pragma: public
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
visitor-id: 0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-visitor-id: 0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 196
content-type: text/html; charset=utf-8
date: Fri, 29 Nov 2024 04:31:28 GMT
expires: Fri, 29 Nov 2024 04:31:28 GMT
location: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
pragma: no-cache
strict-transport-security: max-age=31536000;
vary: Accept-Encoding

GET
H2 200 ClearSans-Regular.woff2
assets.1mg.com/hkp/1.0.0/static/css/fonts/clearsans-1.00/WOFF2/ 44 KB
44 KB 66ms
27ms Font
application/octet-stream 2606:4700:10::ac43:127a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.1mg.com/hkp/1.0.0/static/css/fonts/clearsans-1.00/WOFF2/ClearSans-Regular.woff2
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:127a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 602358d68544ed2d54986ebd6ae716461cd6d68433e99f2e1ca63d2a284034c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.1mg.com
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3000
content-encoding: br
cf-cache-status: HIT
etag: W/"4dd5d02bf54ad96ae7d03bf6cef6a966"
age: 267882
access-control-allow-methods: GET, HEAD
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: text/plain
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 19 Nov 2024 12:35:39 GMT
x-amz-id-2: LCoO1g7p/PD8bQ625nvVKoEc3/18ll9h0ePPseLdamSo/SeshVaVZ+liQAXFvQzO4gizdwjU6ITEfo5UpWKMAw==
cache-control: max-age=31536000
x-amz-request-id: SHB8AYNRRD4CQ1YH
cf-ray: 8e9fde5269255d66-FRA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 tdl-sso-auth.js Show response
accounts.tatadigital.com/v2/ 74 KB
18 KB 96ms
26ms Script
application/javascript 2a02:26f0:480:d::210:f157
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.tatadigital.com/v2/tdl-sso-auth.js

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

0647850f13776adb50fe49d901c132604fe57986d537dc3f1669fcf34bcae0b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.tatadigital.com https://tatadigital.com; connect-src 'self' https://.tatadigital.com https://tatadigital.com https://.google.com https://google.com tatadigitallimited.sc.omtrdc.net .go-mpulse.net https://.g.doubleclick.net analytics.google.com www.google-analytics.com dpm.demdex.net .clarity.ms .branch.io .linkedin.com .qualtrics.com .hotjar.io hotjar.com .akstat.io .facebook.com .bing.com; script-src 'self' 'unsafe-eval' https://.tatadigital.com https://tatadigital.com www.google.com .adobecqms.net assets.adobedtm.com s.go-mpulse.net www.gstatic.com .hotjar.com connect.facebook.net cdn.branch.io www.clarity.ms snap.licdn.com .siteintercept.qualtrics.com siteintercept.qualtrics.com www.googletagmanager.com .googleadservices.com https://.g.doubleclick.net app.link 'unsafe-inline'; style-src 'unsafe-inline'; img-src data: 'self' https://.tatadigital.com https://tatadigital.com https://.google.com https://.google.co.in .g.doubleclick.net .facebook.com .linkedin.com .everesttech.net .clarity.ms .googletagmanager.com *.bing.com; frame-src https://www.googletagmanager.com https://tatadigital.demdex.net https://td.doubleclick.net https://www.google.com https://www.facebook.com; report-to csp-endpoint
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: csp-endpoint="https://api.tatadigital.com/api/v1/sso-func/csp-report"
content-security-policy: default-src 'self' https://*.tatadigital.com https://tatadigital.com; connect-src 'self' https://*.tatadigital.com https://tatadigital.com https://*.google.com https://google.com tatadigitallimited.sc.omtrdc.net *.go-mpulse.net https://*.g.doubleclick.net analytics.google.com www.google-analytics.com dpm.demdex.net *.clarity.ms *.branch.io *.linkedin.com *.qualtrics.com *.hotjar.io hotjar.com *.akstat.io *.facebook.com *.bing.com; script-src 'self' 'unsafe-eval' https://*.tatadigital.com https://tatadigital.com www.google.com *.adobecqms.net assets.adobedtm.com s.go-mpulse.net www.gstatic.com *.hotjar.com connect.facebook.net cdn.branch.io www.clarity.ms snap.licdn.com *.siteintercept.qualtrics.com siteintercept.qualtrics.com www.googletagmanager.com *.googleadservices.com https://*.g.doubleclick.net app.link 'unsafe-inline'; style-src 'unsafe-inline'; img-src data: 'self' https://*.tatadigital.com https://tatadigital.com https://*.google.com https://*.google.co.in *.g.doubleclick.net *.facebook.com *.linkedin.com *.everesttech.net *.clarity.ms *.googletagmanager.com *.bing.com; frame-src https://www.googletagmanager.com https://tatadigital.demdex.net https://td.doubleclick.net https://www.google.com https://www.facebook.com; report-to csp-endpoint
cache-control: must-revalidate, max-age=600
content-encoding: br
etag: "672a0b9a-126ac"
x-content-type-options: nosniff
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1732854689666_34664471_782217200_45_9845_9_26_146";dur=1
content-length: 16563
x-xss-protection: 1; mode=block
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: application/javascript
last-modified: Tue, 05 Nov 2024 17:53:29 GMT
server: Akamai Resource Optimizer

GET
H2 200 bundle.tracing.min.js Show response
browser.sentry-cdn.com/6.19.4/ 85 KB
27 KB 78ms
12ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.19.4/bundle.tracing.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

50f7b2d0b1f638bf9f70585de4d84165c069d490ad864f414363801c97e8451f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.1mg.com
Referer: https://www.1mg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
content-encoding: gzip
etag: "a627b527204d1e25ce8fe2e630b6054d"
age: 2651208
expires: Tue, 20 Aug 2024 13:10:45 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26908
date: Fri, 29 Nov 2024 04:31:29 GMT
last-modified: Tue, 05 Apr 2022 07:19:38 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: Fastly

GET
H2 200 rudder-analytics.min.js Show response
cdn.rudderlabs.com/v1.1/ 124 KB
39 KB 168ms
114ms Script
application/javascript 2600:9000:275d:2200:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:2200:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30d3b6f18bd35158d72f39105a33567c183dfbd750b815320fa042b21439ca00

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

vary: accept-encoding
cache-control: no-store
content-encoding: br
etag: W/"093a3a3c6732eff88c0ba137228aecfe"
via: 1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: lBIaScdSDJ0OYHaDygtFL5JRYQ1picMIq6uaduzS9a7OLRo30Fl_Wg==
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: application/javascript
last-modified: Fri, 22 Nov 2024 16:43:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

OPTIONS
H2 200 v2
api.tatadigital.com/analytics-engine/config/ Frame 0
0 273ms
185ms Preflight 2a02:26f0:480:d::210:f157
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tatadigital.com/analytics-engine/config/v2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-id,client_id,content-type,site-origin
Access-Control-Request-Method: GET
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: client-id,client_id,content-type,site-origin
access-control-allow-methods: GET
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 3600
content-length: 0
date: Fri, 29 Nov 2024 04:31:29 GMT
server-timing: ak_p; desc="1732854689795_34664471_782217223_16852_9538_7_20_219";dur=1

GET
H2 200 v2 Show response
api.tatadigital.com/analytics-engine/config/ 2 KB
3 KB 149ms
148ms Fetch
application/json 2a02:26f0:480:d::210:f157
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tatadigital.com/analytics-engine/config/v2

Requested by

Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

94c4dfecaefaf4fa6bbcf9e1b7fb14269c115a77821d3a5007475dee1048aec5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Client-Id: ONEMG-WEB-APP
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
client_id: ONEMG-WEB-APP
Content-Type: application/json
Site-Origin: https://www.1mg.com

Response headers

access-control-expose-headers: Transfer-Encoding,Connection,x-frame-options,x-xss-protection,Vary,Content-Encoding,Date,ETag
content-encoding: gzip
etag: W/"862-Xrh7ehiVSkiGW4hcelG8y5axcL4"
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=118, origin; dur=9, ak_p; desc="1732854690002_34664471_782217250_12680_10819_7_0_219";dur=1
access-control-allow-origin: https://www.1mg.com
content-length: 971
x-xss-protection: 1; mode=block
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 28ms
8ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-3alyxgYK' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-3alyxgYK' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=23, mss=1232, tbw=4426, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: wZqTTdIGmXguZIhfngsEVyYhVTXn9l3FTTneNr1wZMNdO4NuHOM2htahNHFKPn3DaRlrrAlD92MEdSY8X+F3NQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 tata_1mg_logo.svg
www.1mg.com/images/ 7 KB
3 KB 471ms
471ms Image
image/svg+xml 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1mg.com/images/tata_1mg_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb459f341fe3717372b613db375fc1e2886da52acd6fc8eb06a4228ae60de54

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=0
content-encoding: br
cf-cache-status: BYPASS
etag: W/"1c92-19372b92e98"
cf-ray: 8e9fde530ecedcaa-FRA
access-control-allow-origin: https://www.1mglabs.com
date: Fri, 29 Nov 2024 04:31:30 GMT
cache-status: HIT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare
last-modified: Thu, 28 Nov 2024 12:22:39 GMT

GET
H3 200 cart-icon-rebrand_vp4k0f.svg
onemg.gumlet.io/ 879 B
1 KB 47ms
25ms Image
image/svg+xml 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/cart-icon-rebrand_vp4k0f.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7c9512d5a288ebf5518a9ab67df63eec539c210c15e08b7b13e569f3f068f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-gumlet-oc: HIT
access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-07-08
x-gumlet-reqid: ZouXw36ooFX0XjZt
etag: W/"lquce9fxr2k1"
age: 12430300
cf-cache-status: HIT
content-encoding: br
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/svg+xml
vary: accept, Accept-Encoding
priority: u=1,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 2.133
cf-ray: 8e9fde532a189740-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 ul9tzxcgrm3cfzclhi36.png
onemg.gumlet.io/ 6 KB
6 KB 50ms
28ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/ul9tzxcgrm3cfzclhi36.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cf4425f7f6be90071a3e8016590d3c7d7e9afb78e9b67c80f55f406446f8c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-gumlet-oc: HIT
access-control-max-age: 3600
x-gumlet-reqid: ZyCLF+ghfDqG4LvO
etag: "gmsixgxmlz5l"
age: 2668682
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=1,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.199
cf-ray: 8e9fde532a1a9740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5663
server: cloudflare

GET
H2 200 fontawesome-webfont.woff2
assets.1mg.com/hkp/1.0.0/static/fonts/ 55 KB
56 KB 42ms
41ms Font
application/octet-stream 2606:4700:10::ac43:127a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.1mg.com/hkp/1.0.0/static/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:127a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.1mg.com
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3000
content-encoding: br
cf-cache-status: HIT
etag: W/"97493d3f11c0a3bd5cbd959f5d19b699"
age: 303737
access-control-allow-methods: GET, HEAD
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: text/plain
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 19 Nov 2024 12:35:41 GMT
x-amz-id-2: l6uZZ0NzTXO4zZ9jNXGJZUJaavXmtSoHBPwrD4Jq63SY+K3Ga5RPfnK8wijLtlR4+yhSPag6hhckTh0W5GUdMA==
cache-control: max-age=31536000
x-amz-request-id: WXRPR772JY8GTVGD
cf-ray: 8e9fde53196d5d66-FRA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 6644d23a-ae60-4b75-b4b5-4a6e6f75ee90.webp
onemg.gumlet.io/ 1 KB
2 KB 35ms
23ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/6644d23a-ae60-4b75-b4b5-4a6e6f75ee90.webp?blur=80&format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdcbfe15fb180ea37774bd925583c1f51fa630f13eae5581d050671f86ec5484

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
x-gumlet-reqid: 674833920628884270c73e42
etag: "2ez15pm8p7zyi"
age: 69647
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.182
cf-ray: 8e9fde532a1b9740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1486
server: cloudflare

GET
H3 200 15a9567a-7a4e-4d53-974a-a81add66d8d6.png
onemg.gumlet.io/ 1 KB
2 KB 32ms
20ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/15a9567a-7a4e-4d53-974a-a81add66d8d6.png?blur=80&format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e70bbc655c6946bbee07576395e4a817eb7841a6a03d4edaefa7c9121e3250dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-10-09
x-gumlet-reqid: 674833910628884270c73e1f
etag: "3cfdhjy5dd3ed"
age: 69647
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.215
cf-ray: 8e9fde532a1c9740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1455
server: cloudflare

GET
H2 200 bestSeller.png
assets.1mg.com/hkp/1.0.0/static/images/ 5 KB
5 KB 28ms
26ms Image
image/& 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.1mg.com/hkp/1.0.0/static/images/bestSeller.png
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebe871432b6d84f8ad91d399d60898fa1176e4c2a80aa79db69907f5bcff41e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-amz-id-2: lk8FnuIpw0LQQYwbtnhFd/Ba9Osir0I5Xg9urFfRF29ybu/AFTKe7DjsqsY1ZfupLGsT/PTVSEo=
cache-control: max-age=31536000
cf-cache-status: HIT
etag: "58ba34a9e45d4f1c03a9061e6e4969ea"
age: 311161
x-amz-request-id: 79K2VPSATS21R7YW
cf-ray: 8e9fde531ee5dcaa-FRA
accept-ranges: bytes
content-length: 4840
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/&
last-modified: Tue, 19 Nov 2024 12:35:42 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 71b7dbba-c64b-45bb-9de1-066525dbda2c.png
onemg.gumlet.io/ 1 KB
2 KB 35ms
25ms Image
image/webp 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/71b7dbba-c64b-45bb-9de1-066525dbda2c.png?blur=80&format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

900acf3b996debf18ac1d86c0d7036481ed30360ffeac9e34dc9502ff30dc1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-07-10
x-gumlet-reqid: 66fe253b34dea241965b49d8
etag: "2epiryxip1u88"
age: 4922981
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/webp
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.193
cf-ray: 8e9fde532a1e9740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1178
server: cloudflare

GET
H3 200 ed5c120d-5a7a-45ef-aeab-7ad967cc4092.jpg
onemg.gumlet.io/ 1003 B
2 KB 36ms
25ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/ed5c120d-5a7a-45ef-aeab-7ad967cc4092.jpg?blur=80&format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7d80f4005ce0e8a8bcb78d84c84b3ed5ab6d7af2aac291c711316fda128a2df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-10-10
x-gumlet-reqid: 674833910628884270c73e21
etag: "2ji264xixeep5"
age: 69647
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.231
cf-ray: 8e9fde532a1f9740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1003
server: cloudflare

GET
H3 200 2966bdec-5eea-47d6-adc1-5d1b1c7c0166.jpg
onemg.gumlet.io/ 1010 B
2 KB 22ms
19ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/2966bdec-5eea-47d6-adc1-5d1b1c7c0166.jpg?blur=80&format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d2113760b59d2edc20172b6d91c3c4a7539c95e6e5cad13d34a08a9e3b2a8e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
x-gumlet-reqid: 674833910628884270c73e20
etag: "2gimwf2dqtupk"
age: 69647
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.206
cf-ray: 8e9fde535a499740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1010
server: cloudflare

GET
H3 200 f72c1374-596b-4ff8-b7a4-246a9abe2e4f.jpg
onemg.gumlet.io/ 4 KB
5 KB 32ms
30ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/f72c1374-596b-4ff8-b7a4-246a9abe2e4f.jpg?blur=80&format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eea76f37e6421d524273f7466091068fcea0dc37b66daa4a596f450a1098850b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
x-gumlet-reqid: 674833910628884270c73e1e
etag: "27bb4o9wq1m7z"
age: 69647
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.26
cf-ray: 8e9fde535a4a9740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4380
server: cloudflare

GET
H3 200 qubet60eokwth4ki5btj.png
onemg.gumlet.io/marketing/ 8 KB
8 KB 23ms
21ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/marketing/qubet60eokwth4ki5btj.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e569cd0396544776ed94a7bb2ea2822af1d4a13df4baa8d59bb3bc564f9db698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-gumlet-oc: HIT
access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-10-01
x-gumlet-reqid: Zvu2fhWa3FGxsMy1
etag: "1crkf3odm4aoj"
age: 5082403
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.297
cf-ray: 8e9fde535a4b9740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7796
server: cloudflare

GET
H2 200 729605.png
static.legitscript.com/seals/ 13 KB
14 KB 67ms
22ms Image
image/png 2606:4700::6812:1022
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.legitscript.com/seals/729605.png
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1022 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eafdc1561e9daf70c23b0a060ded87223c58c0366e85ff9eb798c57432b6b1bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

cf-cache-status: HIT
etag: "67492073-356d"
age: 6974
cf-ray: 8e9fde5368fb049f-FRA
accept-ranges: bytes
content-length: 13677
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/png
last-modified: Fri, 29 Nov 2024 02:01:23 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 down-arrowRebrand.svg
assets.1mg.com/hkp/1.0.0/static/images/ 692 B
584 B 28ms
27ms Image
image/svg+xml 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.1mg.com/hkp/1.0.0/static/images/down-arrowRebrand.svg
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dab2aa2011b95b66975909e036c3b397192901249b5183cd46975485e9a4b4a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-amz-id-2: mjD/mvuxK/RvCTJVB8V6vmTlz7E2Q82eGNAMraJyppM0qsDKDqaXRMTM2QEe6O1tjECMiuqZfPlL1yCakqxgGA==
cache-control: max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"fd197c225966101463780da9b5678a3e"
age: 312880
x-amz-request-id: EXVD5EA8F38TWYSZ
cf-ray: 8e9fde531ee0dcaa-FRA
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Nov 2024 12:35:44 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 quick_buy_rebrand_lqpnce.svg
onemg.gumlet.io/ 575 B
1 KB 33ms
30ms Image
image/svg+xml 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/quick_buy_rebrand_lqpnce.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

174b0e6831825fdfe89595b9175a78e0f36dca606ca6dd8970fd2e3081def1c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-gumlet-oc: HIT
access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-08-26
x-gumlet-reqid: ZswYOeoz3TqCkLLN
etag: W/"1dbipx9jldnd2"
age: 8203112
cf-cache-status: HIT
content-encoding: br
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/svg+xml
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.124
cf-ray: 8e9fde535a4c9740-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 next-round.svg
assets.1mg.com/hkp/1.0.0/static/images/ 995 B
729 B 27ms
26ms Image
image/svg+xml 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.1mg.com/hkp/1.0.0/static/images/next-round.svg
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02eee1baa62e5dfb787d85763f1b9893f082683a294b44fda6e572aeabca8392

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-amz-id-2: intJVB/u/4rb1mo45GE46EU+B9n+3Hz+UmwiMJvuDoglv0pAtAi9+lmtkJ1VxA03XGGIaBoGCXE1dvUwfhKzHg==
cache-control: max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"75aa10679318dcc8b1dc8b6c99da1f69"
age: 312872
x-amz-request-id: A3TRN3DBA8QR4EC2
cf-ray: 8e9fde532ee6dcaa-FRA
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Nov 2024 12:35:49 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 vqpr5zx9ofpsyafjwwin.svg
onemg.gumlet.io/ 814 B
1 KB 24ms
21ms Image
image/svg+xml 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/vqpr5zx9ofpsyafjwwin.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb9e4aa0f74c32adf3ac46f12444303e3ffd9b40a15ee6cb2661d60d18a8606f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-gumlet-oc: HIT
access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-10-01
x-gumlet-reqid: ZvuRROJlM3ghc7SG
etag: W/"34kxw9qbmskc8"
age: 5091932
cf-cache-status: HIT
content-encoding: br
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/svg+xml
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.271
cf-ray: 8e9fde535a4d9740-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 wwynoy59i3iakt8te5xl.svg
onemg.gumlet.io/ 1 KB
1 KB 27ms
24ms Image
image/svg+xml 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/wwynoy59i3iakt8te5xl.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fccb5b4f6109f7c49d87a035ba3f1c3a03791d0d2e599e27d1bae64923c105e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-gumlet-oc: HIT
access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-07-08
x-gumlet-reqid: ZouXw9ixxZcPgvEO
etag: W/"1fzy7z4o5ay27"
age: 12430302
cf-cache-status: HIT
content-encoding: br
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/svg+xml
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.688
cf-ray: 8e9fde535a4e9740-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 cwrpdmlzckwzvv9e1gjv.svg
onemg.gumlet.io/ 748 B
1 KB 27ms
24ms Image
image/svg+xml 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/cwrpdmlzckwzvv9e1gjv.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

921ae5a4f56184647f714d6064679eaee7df76d091c1bbc3b17c0e524b388d1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-gumlet-oc: HIT
access-control-max-age: 3600
content-encoding: br
x-gumlet-reqid: ZyBQ8+ghfDqG3o52
etag: W/"3dqbs4a6xbfa6"
age: 2683566
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/svg+xml
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.217
cf-ray: 8e9fde535a4f9740-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 tywtfwyzxb8ujnqmbuau.svg
onemg.gumlet.io/ 813 B
1 KB 24ms
22ms Image
image/svg+xml 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/tywtfwyzxb8ujnqmbuau.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85cc25936bc028b85fad880aad3b3c119a92f8d997e82634f816670334eae393

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-gumlet-oc: HIT
access-control-max-age: 3600
content-encoding: br
x-gumlet-reqid: Z0Vz0w5Hgx9+D/U1
etag: W/"1nfkx8dfd9k98"
age: 249806
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/svg+xml
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.237
cf-ray: 8e9fde535a509740-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 hqfglkzkfxaxaypniixn.svg
onemg.gumlet.io/ 572 B
1 KB 26ms
24ms Image
image/svg+xml 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/hqfglkzkfxaxaypniixn.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ee6dcabca7195a0d0bb5d9072870414f4e059c417265cc788c0cffe8d87eb79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-gumlet-oc: HIT
access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-07-08
x-gumlet-reqid: ZouXw36ooFX0XjZy
etag: W/"3f8bev23fyy88"
age: 12430301
cf-cache-status: HIT
content-encoding: br
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/svg+xml
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 1.363
cf-ray: 8e9fde535a529740-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 ny7nk9wxxlcxpeh1jbgg.svg
onemg.gumlet.io/ 1 KB
1 KB 33ms
30ms Image
image/svg+xml 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/ny7nk9wxxlcxpeh1jbgg.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8473f5333d9019df0cac6c5afff3211812aa42867ff602ebe0a4dc13c312d7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-gumlet-oc: HIT
access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-08-26
x-gumlet-reqid: ZswSC+oz3TqCkHk8
etag: W/"10jyhnqycme0y"
age: 8204694
cf-cache-status: HIT
content-encoding: br
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/svg+xml
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.117
cf-ray: 8e9fde535a539740-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 jmjg62xhpbmgrxugqgwx.png
onemg.gumlet.io/ 32 KB
32 KB 33ms
30ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/jmjg62xhpbmgrxugqgwx.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fabef46411cf097208622219071a2537b0efade8e598c4342b20a1f4428d68b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-gumlet-oc: HIT
access-control-max-age: 3600
x-gumlet-reqid: Z0VnHDCz4hc5pau/
etag: "vr8xy0dyhj1j"
age: 253060
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.408
cf-ray: 8e9fde535a549740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32362
server: cloudflare

GET
H3 200 secure-rebrand_x6f8yq.svg
onemg.gumlet.io/ 3 KB
2 KB 27ms
24ms Image
image/svg+xml 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/secure-rebrand_x6f8yq.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f21f3bb287a66dc048072a2650960f3d3e3056744baef71fe9255afecfe5c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-gumlet-oc: HIT
access-control-max-age: 3600
content-encoding: br
x-gumlet-reqid: ZyCCi3TRLpOSY6ZR
etag: W/"2l9j6wqbh487q"
age: 2670869
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/svg+xml
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.186
cf-ray: 8e9fde535a559740-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 reliable-rebrand_rcpof3.svg
onemg.gumlet.io/ 3 KB
2 KB 34ms
31ms Image
image/svg+xml 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/reliable-rebrand_rcpof3.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7287b45d0e8430371798da834c8087bed31a443dc8ea5b8919bc815e00b4e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-gumlet-oc: HIT
access-control-max-age: 3600
content-encoding: br
x-gumlet-reqid: Z0VBSQ5Hgx9+DYWQ
etag: W/"3u25u8jitdo9b"
age: 262744
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/svg+xml
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.217
cf-ray: 8e9fde535a569740-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 affordable-rebrand_ivgidq.svg
onemg.gumlet.io/ 1 KB
1 KB 27ms
24ms Image
image/svg+xml 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/affordable-rebrand_ivgidq.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

300286ed6ff5fb15daa619a72f76b44b5bf24a71b0361fc4a5e071a54074b3ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-gumlet-oc: HIT
access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-07-08
x-gumlet-reqid: ZouXwtixxZcPgvEH
etag: W/"2ndmjmzx3ojbk"
age: 12430302
cf-cache-status: HIT
content-encoding: br
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: image/svg+xml
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.774
cf-ray: 8e9fde535a599740-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 1533315340292439 Show response
connect.facebook.net/signals/config/ 90 KB
19 KB 11ms
10ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1533315340292439?v=2.9.176&r=stable&domain=www.1mg.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

437e6b19d780724862fbd3fa492ea6b4a25ad4587cfaaba5a6fb964247026435

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-fQtb39CY' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-fQtb39CY' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=77, mss=1232, tbw=70878, tp=67, tpl=0, uplat=3, ullat=-1
pragma: public
x-fb-debug: Nfq7e0wcl85VfhOFf4m3KDv8jyha8OJwntATQcZ4jEVCi+Pu0nX3BzTMIh5hLG5pxPQbDJhCXWbjE9wtUVkaEA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
content-length: 19240
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 25ms
8ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1533315340292439&ev=PageView&dl=https%3A%2F%2Fwww.1mg.com&rl=&if=false&ts=1732854689905&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12316&fbp=fb.1.1732854689902.950985894828236430&pm=1&hrl=ed19f2&ler=empty&cdl=API_unavailable&it=1732854689874&coo=false&cs_cc=1&cas=1332311013456368%2C7951321408221087%2C7550385478333066%2C6356198277764857%2C5565497676895272%2C6144472272230806%2C8705157822835137%2C4410832612298206%2C5567879149981237%2C4326805070696266%2C2594319933950882%2C2738152292886017%2C2414853131965762%2C2268650139852816%2C2371037966301581%2C2473827572662118%2C1869756436428197%2C1690952850949294&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4474, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
197 B 291ms
274ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1533315340292439&ev=PageView&dl=https%3A%2F%2Fwww.1mg.com&rl=&if=false&ts=1732854689905&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12316&fbp=fb.1.1732854689902.950985894828236430&pm=1&hrl=ed19f2&ler=empty&cdl=API_unavailable&it=1732854689874&coo=false&cs_cc=1&cas=1332311013456368%2C7951321408221087%2C7550385478333066%2C6356198277764857%2C5565497676895272%2C6144472272230806%2C8705157822835137%2C4410832612298206%2C5567879149981237%2C4326805070696266%2C2594319933950882%2C2738152292886017%2C2414853131965762%2C2268650139852816%2C2371037966301581%2C2473827572662118%2C1869756436428197%2C1690952850949294&rqm=FGET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442554220065208204"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: ypSwk9rhm2RVR7O0S+zG/0X2E6YRLXYA3j5VAj1G13rQIbhGiose82jNwTSsvvmwg4t8R9Ycv5Oh1a8p6QxvjQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442554220065208204", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4842, tp=13, tpl=0, uplat=259, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 / Show response
api.rudderstack.com/sourceConfig/ 2 KB
2 KB 8ms
8ms XHR
application/json 18.245.31.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rudderstack.com/sourceConfig/?p=cdn&v=2.48.40&writeKey=1Xw0r3h5UkJhTd7i4MyWYyjDQFZ

Requested by

Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.31.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-30.fra56.r.cloudfront.net

Software

Resource Hash

0dcb78c35ae24725f200c7471c957d13166d6f1cb2eafa5d80d09183486895a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Authorization: Basic MVh3MHIzaDVVa0poVGQ3aTRNeVdZeWpEUUZaOg==
Referer: https://www.1mg.com/

Response headers

x-request-id: 3d69bae0-ae0a-11ef-aa2c-1db565f5b940
access-control-expose-headers: X-Request-ID
content-encoding: gzip
age: 241
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: pUIaxSHOW7WuGxwSxoMj-pb9Nk-wnQFZRl015ZuSRwM2uu-9OOQjhA==
date: Fri, 29 Nov 2024 04:27:27 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding,Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
access-control-allow-credentials: true
x-download-options: noopen
via: 1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P8

OPTIONS
H2 204 /
api.rudderstack.com/sourceConfig/ Frame 0
0 32ms
7ms Preflight 18.245.31.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rudderstack.com/sourceConfig/?p=cdn&v=2.48.40&writeKey=1Xw0r3h5UkJhTd7i4MyWYyjDQFZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-30.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: *
access-control-max-age: 900
age: 19
alt-svc: h3=":443"; ma=86400
date: Fri, 29 Nov 2024 04:31:10 GMT
vary: Origin
via: 1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-id: x-GbwYZgUdPEntDn9iYLarqag8_SpaOTTDWMoWbfK6u_bs-7WD2a9g==
x-amz-cf-pop: FRA56-P8
x-cache: Hit from cloudfront
x-request-id: c252ffa0-ae0a-11ef-b3db-c1f649671f2f

GET
H2 200 mui-common.bundle.f37ccf6ed52bdd9652245c2253d52350.js Show response
assets.1mg.com/hkp/1.0.0/static/js/ 3 MB
715 KB 39ms
38ms Script
application/javascript 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.1mg.com/hkp/1.0.0/static/js/mui-common.bundle.f37ccf6ed52bdd9652245c2253d52350.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c18ab5a7224c2604dfefa135f9e52b36addcd518eb3cbcfff8827ec6adfe0015

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-amz-id-2: lbfLId782OoYzITiq1s4oyrNwEIuJlhIGyRCTqMyc0fesev8ynBhbfZUwkbJVjPlzGox3rf1x6dS9NKm5DHwCw==
cache-control: max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"f37ccf6ed52bdd9652245c2253d52350"
age: 56845
x-amz-request-id: BXY1VM88278WC63E
cf-ray: 8e9fde545820dcaa-FRA
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: application/javascript
last-modified: Thu, 28 Nov 2024 12:32:44 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 categoryPage.bundle.c008e793f8ecef82209e7ff7b138ee70.js Show response
assets.1mg.com/hkp/1.0.0/static/js/ 116 KB
27 KB 21ms
20ms Script
application/javascript 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.1mg.com/hkp/1.0.0/static/js/categoryPage.bundle.c008e793f8ecef82209e7ff7b138ee70.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5474255ea78c64619188eadc6c1f5a16570fc822844a8cc232fb8ce09c86bfb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-amz-id-2: MPAyWcvcCI6n8qX0Doo9b0+D+j5IaErJSY3nqfaJ7/H0GLljiKexLzxjvfI6/IyKcf9b/a165q1hfXXX2vo1DQ==
cache-control: max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"c008e793f8ecef82209e7ff7b138ee70"
age: 56845
x-amz-request-id: BXYESC1M1R9KC4QX
cf-ray: 8e9fde54682adcaa-FRA
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: application/javascript
last-modified: Thu, 28 Nov 2024 12:32:44 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.8.1/ 21 KB
8 KB 44ms
18ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.8.1/raven.min.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: fd2c4520a3d59da0d21fbe3d009df84ff3e448c28f7c88807fc277038f7ae9ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
content-encoding: gzip
etag: "f05c5502275fc20f0d12d8c0bda3fff4"
age: 79371
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8422
date: Fri, 29 Nov 2024 04:31:30 GMT
last-modified: Thu, 17 Nov 2016 16:35:03 GMT
vary: Accept-Encoding
server: Fastly
content-type: application/javascript; charset=utf-8

GET
H2 200 header-essentials.min.6141ace8ec9024a16ba4eb1f0b2c95cf.js Show response
assets.1mg.com/hkp/1.0.0/static/js/ 338 KB
98 KB 47ms
46ms Script
application/javascript 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.1mg.com/hkp/1.0.0/static/js/header-essentials.min.6141ace8ec9024a16ba4eb1f0b2c95cf.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f993153efcc7420f89746666b7ad09cfa914fcd866ca4ed932ecd544b5d4016

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-amz-id-2: JPy/7/PEuSDUA/oYTnInVuWa2SqbW9ttckQeX98e+MRl9eM/zwQCJI1GgFfTz1oycUbxXENsy4ILI2g28/yfkA==
cache-control: max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6141ace8ec9024a16ba4eb1f0b2c95cf"
age: 312880
x-amz-request-id: EXV3FWYFVHX83TZW
cf-ray: 8e9fde54682bdcaa-FRA
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 12:36:07 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 search-page.min.5a0d2cbf4ada731b604d9bf3b7a57933.js Show response
assets.1mg.com/hkp/1.0.0/static/js/ 39 KB
12 KB 24ms
23ms Script
application/javascript 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.1mg.com/hkp/1.0.0/static/js/search-page.min.5a0d2cbf4ada731b604d9bf3b7a57933.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d76725b7f590999d2a82733ff3278c2e9bce806dd225d4b2924e989e7eb3147

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-amz-id-2: VYpnjyz1+ndWKtAjZ/+0Yn4BvgKpD8pzA056yfgxBLObn0F7QF9xAxJ4fTaND12TzEQHVy2S/f8=
cache-control: max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"5a0d2cbf4ada731b604d9bf3b7a57933"
age: 251816
x-amz-request-id: GTADTQJSSY0JWDEN
cf-ray: 8e9fde54682cdcaa-FRA
date: Fri, 29 Nov 2024 04:31:29 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 12:35:58 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 44ms
27ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.1mg.com
Referer: https://www.1mg.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8e9fde548ebd904c-FRA
access-control-allow-origin: *
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

OPTIONS
H2 204 page
rudderapi.1mg.com/v1/ Frame 0
0 581ms
188ms Preflight 15.207.65.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderapi.1mg.com/v1/page
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.207.65.151 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-207-65-151.ap-south-1.compute.amazonaws.com
Software: openresty/1.21.4.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: anonymousid,authorization,content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 900
date: Fri, 29 Nov 2024 04:31:30 GMT
server: openresty/1.21.4.1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 200 page Show response
rudderapi.1mg.com/v1/ 2 B
174 B 207ms
205ms XHR
text/plain 15.207.65.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderapi.1mg.com/v1/page
Requested by: Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.207.65.151 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-207-65-151.ap-south-1.compute.amazonaws.com
Software: openresty/1.21.4.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

AnonymousId: OGNkNDYwOTctODBkYS00NmJhLTljZDctMDg1MDBkMGRmZTNm
Authorization: Basic MVh3MHIzaDVVa0poVGQ3aTRNeVdZeWpEUUZaOg==
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.1mg.com
content-length: 2
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: text/plain; charset=utf-8
vary: Origin
server: openresty/1.21.4.1
access-control-allow-credentials: true

GET
H2 200 Fullstory.min.js Show response
cdn.rudderlabs.com/v1.1/js-integrations/ 8 KB
4 KB 112ms
111ms Script
application/javascript 2600:9000:275d:2200:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v1.1/js-integrations/Fullstory.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:2200:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8043b1ed865fcb3817e34634e2462bbadb83b64b348aad4668a3c131603dc67e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

vary: accept-encoding
cache-control: no-store
content-encoding: br
etag: W/"0ac7792c124cfdbea483eb7d72672e54"
via: 1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: p2qPZYISCbnAutA7xb-bWZ_AR__-x5eZV4FBLra8RB1Azxmrg6AmvQ==
date: Fri, 29 Nov 2024 04:31:31 GMT
content-type: application/javascript
last-modified: Fri, 22 Nov 2024 16:43:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

OPTIONS
H2 204 page
rudderapi.1mg.com/v1/ Frame 0
0 292ms
187ms Preflight 15.207.65.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderapi.1mg.com/v1/page
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.207.65.151 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-207-65-151.ap-south-1.compute.amazonaws.com
Software: openresty/1.21.4.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: anonymousid,authorization,content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 900
date: Fri, 29 Nov 2024 04:31:30 GMT
server: openresty/1.21.4.1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 check-session
api.tatadigital.com/api/v2/sso/ Frame 0
0 138ms
138ms Preflight 2a02:26f0:480:d::210:f157
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tatadigital.com/api/v2/sso/check-session
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,client_id,content-type
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: access-control-allow-origin,client_id,content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 3600
content-length: 0
date: Fri, 29 Nov 2024 04:31:30 GMT
request-context: appId=cid-v1:bb7ea1b5-3c4c-43ba-b2f0-54af335f620f
server-timing: ak_p; desc="1732854690320_34664471_782217302_12186_9168_13_0_219";dur=1

GET
H2 200 ads.js Show response
www.1mg.com/js/ 0
628 B 469ms
469ms Script
application/javascript 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1mg.com/js/ads.js

Requested by

Host: assets.1mg.com
URL: https://assets.1mg.com/hkp/1.0.0/static/js/mui-common.bundle.f37ccf6ed52bdd9652245c2253d52350.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=0
cf-cache-status: BYPASS
etag: W/"0-19372b92e98"
cf-ray: 8e9fde5629fedcaa-FRA
accept-ranges: bytes
access-control-allow-origin: https://www.1mglabs.com
content-length: 0
date: Fri, 29 Nov 2024 04:31:30 GMT
cache-status: HIT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 28 Nov 2024 12:22:39 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 200 page Show response
rudderapi.1mg.com/v1/ 2 B
174 B 206ms
205ms XHR
text/plain 15.207.65.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderapi.1mg.com/v1/page
Requested by: Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.207.65.151 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-207-65-151.ap-south-1.compute.amazonaws.com
Software: openresty/1.21.4.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

AnonymousId: OGNkNDYwOTctODBkYS00NmJhLTljZDctMDg1MDBkMGRmZTNm
Authorization: Basic MVh3MHIzaDVVa0poVGQ3aTRNeVdZeWpEUUZaOg==
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.1mg.com
content-length: 2
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: text/plain; charset=utf-8
vary: Origin
server: openresty/1.21.4.1
access-control-allow-credentials: true

GET
H2 200 details Show response
www.1mg.com/api/v2/cart/ 638 B
2 KB 225ms
225ms XHR
application/json 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1mg.com/api/v2/cart/details

Requested by

Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd75a1a9fa9924826d77159ec4e5d54bea1d87c55988917b07010eac8ff39086

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://cont-sites.bajajfinserv.in/ https://www.bajajfinserv.in/ https://www.1mg.com/ https://chatbot.tatadigital.com/ https://www.tatadigital.com/ https://www.tataneu.com/
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Platform: Desktop-0.0.1
X-CSRF-Token: vnA25fCu-_e5HVXENAFRtzLDYe8vzR3DGqlY
Cache-Control: no-cache, no-store, must-revalidate
Referer: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Pragma: no-cache
HKP-Platform: Healthkartplus-0.0.1-Desktop
X-HTML-CanRender: True
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-expose-headers: Content-Length,Content-Range
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, PATCH
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: x-1mglabs-platform,Pragma,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,authorization,hkp-platform,x-csrf-token,x-html-canrender,x-platform,user-device
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload;
content-security-policy: frame-ancestors 'self' https://cont-sites.bajajfinserv.in/ https://www.bajajfinserv.in/ https://www.1mg.com/ https://chatbot.tatadigital.com/ https://www.tatadigital.com/ https://www.tataneu.com/
x-dns-prefetch-control: off
visitor-id: 0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824
x-download-options: noopen
cf-ray: 8e9fde568a4bdcaa-FRA
x-visitor-id: 0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 check-session Show response
api.tatadigital.com/api/v2/sso/ 110 B
2 KB 166ms
164ms Fetch
application/json 2a02:26f0:480:d::210:f157
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tatadigital.com/api/v2/sso/check-session

Requested by

Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

435303d6da864c3fea9152c0ea61e8dd3585e7e174f5f5e3c46e757bc4b81ffd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

Access-Control-Allow-Origin: https://api.tatadigital.com
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
client_id: ONEMG-WEB-APP
Content-Type: application/json

Response headers

content-security-policy: default-src 'self'
access-control-expose-headers: Transfer-Encoding,Connection,Content-Security-Policy,Vary,Date,Set-Cookie
access-control-allow-credentials: true
request-context: appId=cid-v1:bb7ea1b5-3c4c-43ba-b2f0-54af335f620f
server-timing: cdn-cache; desc=MISS, edge; dur=123, origin; dur=17, ak_p; desc="1732854690460_34664471_782217328_14043_9274_17_0_219";dur=1
access-control-allow-origin: https://www.1mg.com
content-length: 110
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: application/json

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 9ms
9ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1533315340292439&ev=ViewCategory&dl=https%3A%2F%2Fwww.1mg.com&rl=&if=false&ts=1732854690278&cd[value]=65&cd[currency]=INR&cd[content_type]=product&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=12316&fbp=fb.1.1732854689902.950985894828236430&pm=1&hrl=cea8ad&ler=empty&cdl=API_unavailable&it=1732854689874&coo=false&cs_cc=1&cas=1332311013456368%2C6356198277764857%2C5565497676895272%2C6144472272230806%2C8705157822835137%2C4410832612298206%2C5567879149981237%2C4326805070696266%2C2594319933950882%2C2414853131965762%2C2268650139852816%2C2371037966301581%2C2473827572662118%2C1869756436428197%2C1690952850949294&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=26, mss=1232, tbw=8105, tp=20, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 80ms
79ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1533315340292439&ev=ViewCategory&dl=https%3A%2F%2Fwww.1mg.com&rl=&if=false&ts=1732854690278&cd[value]=65&cd[currency]=INR&cd[content_type]=product&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=12316&fbp=fb.1.1732854689902.950985894828236430&pm=1&hrl=cea8ad&ler=empty&cdl=API_unavailable&it=1732854689874&coo=false&cs_cc=1&cas=1332311013456368%2C6356198277764857%2C5565497676895272%2C6144472272230806%2C8705157822835137%2C4410832612298206%2C5567879149981237%2C4326805070696266%2C2594319933950882%2C2414853131965762%2C2268650139852816%2C2371037966301581%2C2473827572662118%2C1869756436428197%2C1690952850949294&rqm=FGET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442554222644806790"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: fCQz04LUKLJ5Vcx5cMlvE4/eRHHAXDUoZUkh3di5BVmi2u9zmVp8VslZ/GzndrgumiGi2YYv4PNMxuG8wgYj8w==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442554222644806790", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=26, mss=1232, tbw=8393, tp=24, tpl=0, uplat=69, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 search_loader.svg
www.1mg.com/images/ 687 B
881 B 471ms
469ms Image
image/svg+xml 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1mg.com/images/search_loader.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

913d7e209b69e0165ba3c05335f9f69dc9c9ccdd3ffb69fcd659c7ac86cef79b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=0
content-encoding: br
cf-cache-status: BYPASS
etag: W/"2af-19372b92e98"
cf-ray: 8e9fde568a58dcaa-FRA
access-control-allow-origin: https://www.1mglabs.com
date: Fri, 29 Nov 2024 04:31:30 GMT
cache-status: HIT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare
last-modified: Thu, 28 Nov 2024 12:22:39 GMT

GET
H3 200 2f1a0904-5c22-4563-8b1c-bdc05deb660d.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 10 KB
11 KB 28ms
26ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/2f1a0904-5c22-4563-8b1c-bdc05deb660d.png?format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c462bbe93116df73a69b83c42aa1c0477bdbbd3d9aa108ad2a55433a227bf71d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-10-10
x-gumlet-reqid: 6748339326100b361b6bde9c
etag: "2ci8b01xpwdm8"
age: 69647
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.208
cf-ray: 8e9fde568c009740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10107
server: cloudflare

GET
H3 200 19e65c56-5553-4183-bafa-d34f5cb78fe7.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 11 KB
11 KB 29ms
27ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/19e65c56-5553-4183-bafa-d34f5cb78fe7.png?format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e89bf03359e3477e0d4c4e6a0b50b092dccd2f7e032fa4cdb30bc4ef0f4bc66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-10-10
x-gumlet-reqid: 6748448926100b361b6fae15
etag: "dnfo02n2usp2"
age: 65305
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.015
cf-ray: 8e9fde568c029740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10765
server: cloudflare

GET
H3 200 7c37f1c2-91b1-4b28-912d-d9b3d15ad223.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 8 KB
9 KB 24ms
22ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/7c37f1c2-91b1-4b28-912d-d9b3d15ad223.png?format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc0923e986b163ba35a8084cc6483006a4a6aab231becc943f44adf1b9624ba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-10-11
x-gumlet-reqid: 674833930628884270c73ec9
etag: "kfdwmm0kbd6p"
age: 69646
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.202
cf-ray: 8e9fde568c039740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8380
server: cloudflare

GET
H3 200 b9470383-c274-4453-9989-8bdacdc8eb49.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 12 KB
13 KB 30ms
29ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/b9470383-c274-4453-9989-8bdacdc8eb49.png?format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd5bd6705a747b90db5e715e7b148a46e6b2c7b5d944e0a9ab9aba3825cf56c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-10-10
x-gumlet-reqid: 6748339326100b361b6bde9d
etag: "2qheopk5z0q6"
age: 69647
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.191
cf-ray: 8e9fde568c049740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12091
server: cloudflare

GET
H3 200 a4118924-002e-4310-b76e-075e980f81dd.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 6 KB
7 KB 33ms
31ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/a4118924-002e-4310-b76e-075e980f81dd.png?format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1b265446dfb64556d74c1ded6bce8ab39f921f9b5ac4085daa619e63712a268

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-10-11
x-gumlet-reqid: 6748448926100b361b6fae1d
etag: "247qx000tsses"
age: 65304
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.245
cf-ray: 8e9fde568c059740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6326
server: cloudflare

GET
H3 200 7a515bb1-c115-4b47-9d7e-54631d520921.webp
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 5 KB
6 KB 34ms
33ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/7a515bb1-c115-4b47-9d7e-54631d520921.webp?format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

415142ed295e2502cbdc1c41886c05789dee9c62518407dcd626ae4ae3e52d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-10-10
x-gumlet-reqid: 6748339326100b361b6bde9f
etag: "2c1mmil6oev4i"
age: 69647
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.221
cf-ray: 8e9fde568c079740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5265
server: cloudflare

GET
H3 200 8e953e7e-822b-45fb-9d55-8decd8ba02ad.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 6 KB
6 KB 25ms
24ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/8e953e7e-822b-45fb-9d55-8decd8ba02ad.png?format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7518603279024fe064bc8e76ee651647481217be42dcdfceb8bb901312a9be5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-10-10
x-gumlet-reqid: 6748339326100b361b6bdea5
etag: "2qhyfn7eyrwdo"
age: 69647
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.189
cf-ray: 8e9fde568c0a9740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5712
server: cloudflare

GET
H3 200 69790c54-ce66-4a4b-9618-b521cc0ca863.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 9 KB
10 KB 43ms
42ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/69790c54-ce66-4a4b-9618-b521cc0ca863.png?format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1099d6d36fb392c7c5efea52233bffe2b039dcc8c4b133fc2790747d172e489c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-10-10
x-gumlet-reqid: 674833930628884270c73ec7
etag: "2f87m6zrb3tnx"
age: 69646
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.212
cf-ray: 8e9fde568c0b9740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9349
server: cloudflare

GET
H3 200 73a79da7-e820-4702-a686-eb9c99105970.webp
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 6 KB
7 KB 35ms
33ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/73a79da7-e820-4702-a686-eb9c99105970.webp?format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7f909e44fa960a3050fc98cb18d32dc7559ee841f2580b17b817b59e6b87c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-10-10
x-gumlet-reqid: 674833930628884270c73eb4
etag: "1iwzutyi6idpl"
age: 69647
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.221
cf-ray: 8e9fde568c0d9740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6326
server: cloudflare

GET
H3 200 f6cce419-334a-44c4-9860-ceb52b0da11a.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 7 KB
8 KB 26ms
25ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/f6cce419-334a-44c4-9860-ceb52b0da11a.png?format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4c4d6c2992b3d37bccdc36dca0d52dba15197425eb6bc14825f85f73320b3f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-10-11
x-gumlet-reqid: 6749430f17e23a5173356cd1
etag: "9150ybww8snb"
age: 147
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.188
cf-ray: 8e9fde568c0e9740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6959
server: cloudflare

GET
H3 200 6644d23a-ae60-4b75-b4b5-4a6e6f75ee90.webp
onemg.gumlet.io/ 22 KB
23 KB 35ms
34ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/6644d23a-ae60-4b75-b4b5-4a6e6f75ee90.webp?w=1062&h=124&format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9f3127e75cffc09f159787fe22fb1bc692d5e12626ece95b7e79a5a894df52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
x-gumlet-reqid: 6748448926100b361b6fae25
etag: "2vucj7dazxpfw"
age: 65304
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.196
cf-ray: 8e9fde568c0f9740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22950
server: cloudflare

GET
H3 200 15a9567a-7a4e-4d53-974a-a81add66d8d6.png
onemg.gumlet.io/ 21 KB
22 KB 36ms
35ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/15a9567a-7a4e-4d53-974a-a81add66d8d6.png?w=1062&h=125&format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d972d4c6d8686d183464018746bb3a34926bdf94a35cefc9043b1e19ade12596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-10-09
x-gumlet-reqid: 673f508c8845216609110989
etag: "3ec179jj6hbma"
age: 652054
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.271
cf-ray: 8e9fde568c119740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21728
server: cloudflare

GET
H3 200 71b7dbba-c64b-45bb-9de1-066525dbda2c.png
onemg.gumlet.io/ 11 KB
12 KB 36ms
35ms Image
image/webp 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/71b7dbba-c64b-45bb-9de1-066525dbda2c.png?w=1062&h=125&format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60465f8ed45a069f2dbe8658a62fced0fc8691416f8c2afaa59b0dd2d1fecb74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
surrogate-key: onemg.gumlet.io 2024-08-07
x-gumlet-reqid: 66e7d95b43324d3a413eaf3f
etag: "evexemv1yabo"
age: 6384199
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/webp
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.442
cf-ray: 8e9fde568c129740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11720
server: cloudflare

GET
H3 200 ed5c120d-5a7a-45ef-aeab-7ad967cc4092.jpg
onemg.gumlet.io/ 16 KB
17 KB 37ms
36ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/ed5c120d-5a7a-45ef-aeab-7ad967cc4092.jpg?w=349&h=187&format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c15ba11f2efa8f3308a73300d0f50c4526b43f6c4dba74e4c87c22f7602ff52d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
x-gumlet-reqid: 67484b2926100b361b71285f
etag: "17f0g9wmgk69s"
age: 63609
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.195
cf-ray: 8e9fde568c149740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16818
server: cloudflare

GET
H3 200 2966bdec-5eea-47d6-adc1-5d1b1c7c0166.jpg
onemg.gumlet.io/ 21 KB
21 KB 38ms
37ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/2966bdec-5eea-47d6-adc1-5d1b1c7c0166.jpg?w=349&h=187&format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d9a5c992606651522968f914729c69164c9db9d96d13f8ac8a63200b787a1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
x-gumlet-reqid: 67484b2926100b361b712860
etag: "7tblvhj7fo0c"
age: 63609
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.19
cf-ray: 8e9fde568c169740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21126
server: cloudflare

GET
H3 200 f72c1374-596b-4ff8-b7a4-246a9abe2e4f.jpg
onemg.gumlet.io/ 28 KB
29 KB 42ms
41ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/f72c1374-596b-4ff8-b7a4-246a9abe2e4f.jpg?w=349&h=187&format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c8a66934177cac3a8ee53e6939ec8265aa2dd657517db02e248501ce2668f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
x-gumlet-reqid: 67484b290628884270cccf91
etag: "347pmx5ww3yx2"
age: 63609
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.196
cf-ray: 8e9fde568c189740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28621
server: cloudflare

GET
H3 200 ed5c120d-5a7a-45ef-aeab-7ad967cc4092.jpg
onemg.gumlet.io/ 16 KB
17 KB 39ms
38ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/ed5c120d-5a7a-45ef-aeab-7ad967cc4092.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c15ba11f2efa8f3308a73300d0f50c4526b43f6c4dba74e4c87c22f7602ff52d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-gumlet-oc: HIT
access-control-max-age: 3600
x-gumlet-reqid: Z0hEi4Z70qJF4RBy
etag: "17f0g9wmgk69s"
age: 65303
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.538
cf-ray: 8e9fde568c199740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16818
server: cloudflare

GET
H3 200 2966bdec-5eea-47d6-adc1-5d1b1c7c0166.jpg
onemg.gumlet.io/ 21 KB
21 KB 40ms
39ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/2966bdec-5eea-47d6-adc1-5d1b1c7c0166.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d9a5c992606651522968f914729c69164c9db9d96d13f8ac8a63200b787a1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-gumlet-oc: HIT
access-control-max-age: 3600
x-gumlet-reqid: Z0hEioZ70qJF4RBq
etag: "7tblvhj7fo0c"
age: 65303
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.521
cf-ray: 8e9fde568c1b9740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21126
server: cloudflare

GET
H3 200 f72c1374-596b-4ff8-b7a4-246a9abe2e4f.jpg
onemg.gumlet.io/ 28 KB
29 KB 41ms
40ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/f72c1374-596b-4ff8-b7a4-246a9abe2e4f.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c8a66934177cac3a8ee53e6939ec8265aa2dd657517db02e248501ce2668f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-gumlet-oc: HIT
access-control-max-age: 3600
x-gumlet-reqid: Z0lDD7Jzzd/7yH/x
etag: "347pmx5ww3yx2"
age: 147
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.548
cf-ray: 8e9fde568c1d9740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28621
server: cloudflare

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 286 KB
78 KB 34ms
12ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/js-integrations/Fullstory.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8ee3657560b1a271d276a415951fe1e5451e258da97a10c639e6b9aba2f28e1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.1mg.com
Referer: https://www.1mg.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: br
x-goog-hash: crc32c=ZmBNIA==, md5=0Vgo23dc3Qpu85CjYQ6d0Q==
etag: "d15828db775cdd0a6ef390a3610e9dd1"
age: 870
x-goog-stored-content-encoding: br
expires: Fri, 29 Nov 2024 05:17:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 79132
date: Fri, 29 Nov 2024 04:17:00 GMT
last-modified: Thu, 14 Nov 2024 14:06:07 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC7kPTpChCJLqmeLIIG3rVZlVuHAQ9O9d8RA2Cmd84QB9LC8soJht6pSOExdVNx1b9JcMExjn8728g
cache-control: public, max-age=3600,no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1731593167065982
content-length: 79132
server: UploadServer

GET
H3 200 ed5c120d-5a7a-45ef-aeab-7ad967cc4092.jpg
onemg.gumlet.io/ 16 KB
17 KB 20ms
19ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/ed5c120d-5a7a-45ef-aeab-7ad967cc4092.jpg?w=350&h=187&format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c15ba11f2efa8f3308a73300d0f50c4526b43f6c4dba74e4c87c22f7602ff52d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
x-gumlet-reqid: 6748448c26100b361b6fae9a
etag: "17f0g9wmgk69s"
age: 65302
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.197
cf-ray: 8e9fde572c759740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16818
server: cloudflare

GET
H3 200 2966bdec-5eea-47d6-adc1-5d1b1c7c0166.jpg
onemg.gumlet.io/ 21 KB
21 KB 18ms
17ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/2966bdec-5eea-47d6-adc1-5d1b1c7c0166.jpg?w=350&h=187&format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d9a5c992606651522968f914729c69164c9db9d96d13f8ac8a63200b787a1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
x-gumlet-reqid: 6749430f17e23a5173356cd6
etag: "7tblvhj7fo0c"
age: 147
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.206
cf-ray: 8e9fde572c769740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21126
server: cloudflare

GET
H3 200 f72c1374-596b-4ff8-b7a4-246a9abe2e4f.jpg
onemg.gumlet.io/ 28 KB
29 KB 20ms
20ms Image
image/avif 104.18.27.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/f72c1374-596b-4ff8-b7a4-246a9abe2e4f.jpg?w=350&h=187&format=auto

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.62 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c8a66934177cac3a8ee53e6939ec8265aa2dd657517db02e248501ce2668f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3600
x-gumlet-reqid: 6748448c0628884270cb4123
etag: "347pmx5ww3yx2"
age: 65302
cf-cache-status: HIT
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
x-gumlet-pc: HIT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: image/avif
vary: accept, Accept-Encoding
priority: u=3,i
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.217
cf-ray: 8e9fde572c779740-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28621
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 552 KB
137 KB 69ms
46ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f866c961bcf793222e5b6e38a849856f692313de6c7822fb5ae366598f722ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 29 Nov 2024 04:31:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 29 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 139400
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 113ms
41ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5A106B0D310048A88E02DDC41334C716 Ref B: FRA31EDGE0422 Ref C: 2024-11-29T04:31:30Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 ClearSans-Bold.woff2
assets.1mg.com/hkp/1.0.0/static/css/fonts/clearsans-1.00/WOFF2/ 43 KB
43 KB 30ms
30ms Font
application/octet-stream 2606:4700:10::ac43:127a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.1mg.com/hkp/1.0.0/static/css/fonts/clearsans-1.00/WOFF2/ClearSans-Bold.woff2
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:127a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5e810c538d9ac115faaaa527625164da813013d225ad8b3f7bf19a3ccc409f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.1mg.com
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3000
content-encoding: br
cf-cache-status: HIT
etag: W/"76687bf10bd465fe4da2b0a2b52a7b7a"
age: 312964
access-control-allow-methods: GET, HEAD
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: text/plain
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 19 Nov 2024 12:35:40 GMT
x-amz-id-2: HwGuJzmlmiLTC0XNHkMFOOwYFYU2K0QIVhb+tsXFE9kFcPgIkVa63vJo7LakuoZtbyCfVR+05jU=
cache-control: max-age=31536000
x-amz-request-id: 6AK8D30HEXKX7XEQ
cf-ray: 8e9fde575a915d66-FRA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 ClearSans-Medium.woff2
assets.1mg.com/hkp/1.0.0/static/css/fonts/clearsans-1.00/WOFF2/ 49 KB
49 KB 28ms
28ms Font
application/octet-stream 2606:4700:10::ac43:127a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.1mg.com/hkp/1.0.0/static/css/fonts/clearsans-1.00/WOFF2/ClearSans-Medium.woff2
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:127a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7a44d65de0fa865598d717bd575fb2eda490ed79d908a45e0677c2401c05f9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.1mg.com
Referer: https://www.1mg.com/

Response headers

access-control-max-age: 3000
content-encoding: br
cf-cache-status: HIT
etag: W/"36dd1d9f89b920205b64f56dd4277539"
age: 312353
access-control-allow-methods: GET, HEAD
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: text/plain
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 19 Nov 2024 12:35:39 GMT
x-amz-id-2: m2QN/ZWv4DJ8ShUVt3C0+JAHMZYHVCinWofrDn/CzIPCIFN5L05MPR5C13nnhw/U1+ZJl7CTcKs=
cache-control: max-age=31536000
x-amz-request-id: JEF6BH6K7BDMJG5J
cf-ray: 8e9fde575a925d66-FRA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

OPTIONS
H2 200 v1
api.tatadigital.com/analytics-engine/events/ Frame 0
0 830ms
829ms Preflight 2a02:26f0:480:d::210:f157
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tatadigital.com/analytics-engine/events/v1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client_id,content-type,customer-hash,session,tdl-sso-version
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: client_id,content-type,customer-hash,session,tdl-sso-version
access-control-allow-methods: POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 3600
content-length: 0
date: Fri, 29 Nov 2024 04:31:31 GMT
server-timing: ak_p; desc="1732854690462_34664471_782217329_81039_9232_11_0_219";dur=1

POST
H2 200 v1 Show response
api.tatadigital.com/analytics-engine/events/ 19 B
2 KB 146ms
145ms Fetch
application/json 2a02:26f0:480:d::210:f157
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tatadigital.com/analytics-engine/events/v1

Requested by

Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

fa5c91905c6fea2b045d5009bb3a06ad63ab76ff1effb6e3bf5064879bd7c1fd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

tdl-sso-version: 4.1.15
customer-hash: null
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
session: false
client_id: ONEMG-WEB-APP
Content-Type: application/json

Response headers

access-control-expose-headers: Connection,x-frame-options,x-xss-protection,Vary,Content-Length,Date,ETag
etag: W/"13-AU5FafGnjGQRcAzuw5htDSM9eaQ"
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=123, origin; dur=7, ak_p; desc="1732854691291_34664471_782217480_12908_8487_10_0_219";dur=1
access-control-allow-origin: https://www.1mg.com
content-length: 19
x-xss-protection: 1; mode=block
date: Fri, 29 Nov 2024 04:31:31 GMT
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN

POST
H2 200 v1 Show response
api.tatadigital.com/analytics-engine/events/ 19 B
2 KB 149ms
148ms Fetch
application/json 2a02:26f0:480:d::210:f157
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tatadigital.com/analytics-engine/events/v1

Requested by

Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

fa5c91905c6fea2b045d5009bb3a06ad63ab76ff1effb6e3bf5064879bd7c1fd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

tdl-sso-version: 4.1.15
customer-hash: null
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
session: false
client_id: ONEMG-WEB-APP
Content-Type: application/json

Response headers

access-control-expose-headers: Connection,x-frame-options,x-xss-protection,Vary,Content-Length,Date,ETag
etag: W/"13-AU5FafGnjGQRcAzuw5htDSM9eaQ"
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=122, origin; dur=8, ak_p; desc="1732854690841_34664471_782217404_12955_9192_13_0_219";dur=1
access-control-allow-origin: https://www.1mg.com
content-length: 19
x-xss-protection: 1; mode=block
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN

POST
H2 200 v1 Show response
api.tatadigital.com/analytics-engine/events/ 19 B
2 KB 145ms
143ms Fetch
application/json 2a02:26f0:480:d::210:f157
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tatadigital.com/analytics-engine/events/v1

Requested by

Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

fa5c91905c6fea2b045d5009bb3a06ad63ab76ff1effb6e3bf5064879bd7c1fd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

tdl-sso-version: 4.1.15
customer-hash: null
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
session: false
client_id: ONEMG-WEB-APP
Content-Type: application/json

Response headers

access-control-expose-headers: Connection,x-frame-options,x-xss-protection,Vary,Content-Length,Date,ETag
etag: W/"13-AU5FafGnjGQRcAzuw5htDSM9eaQ"
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=118, origin; dur=7, ak_p; desc="1732854690616_34664471_782217357_12496_8267_11_0_219";dur=1
access-control-allow-origin: https://www.1mg.com
content-length: 19
x-xss-protection: 1; mode=block
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 v1
api.tatadigital.com/analytics-engine/events/ Frame 0
0 380ms
379ms Preflight 2a02:26f0:480:d::210:f157
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tatadigital.com/analytics-engine/events/v1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client_id,content-type,customer-hash,session,tdl-sso-version
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: client_id,content-type,customer-hash,session,tdl-sso-version
access-control-allow-methods: POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 3600
content-length: 0
date: Fri, 29 Nov 2024 04:31:30 GMT
server-timing: ak_p; desc="1732854690473_34664471_782217332_35099_9540_15_0_219";dur=1

OPTIONS
H2 200 v1
api.tatadigital.com/analytics-engine/events/ Frame 0
0 153ms
152ms Preflight 2a02:26f0:480:d::210:f157
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tatadigital.com/analytics-engine/events/v1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client_id,content-type,customer-hash,session,tdl-sso-version
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: client_id,content-type,customer-hash,session,tdl-sso-version
access-control-allow-methods: POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 3600
content-length: 0
date: Fri, 29 Nov 2024 04:31:30 GMT
server-timing: ak_p; desc="1732854690473_34664471_782217333_12331_8051_11_0_219";dur=1

GET
H2 200 web Show response
edge.fullstory.com/s/settings/11EGJ5/v1/ 118 KB
14 KB 8ms
7ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/11EGJ5/v1/web
Requested by: Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8e3e1eae5a568bf7667f4b4912cbd692f3fa8ab836bf400934d61efd366f651c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=vF3NGQ==, md5=zmXCG8AWqs7/OX4ctCA+jg==
etag: "ce65c21bc016aaceff397e1cb4203e8e"
age: 334
x-goog-stored-content-encoding: gzip
expires: Fri, 29 Nov 2024 04:40:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 13935
date: Fri, 29 Nov 2024 04:25:56 GMT
last-modified: Mon, 18 Nov 2024 20:27:44 GMT
content-type: application/json
x-guploader-uploadid: AFiumC44UzQIHJnm4ogtnAZGhL8ZQK-3prJeHhATdx-kCTmT_U4RlcLx5_ZVjGzk-qFh5qdAci7YxYQIOA
cache-control: public,max-age=900,no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1731961664862271
content-length: 13935
server: UploadServer

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 67ms
12ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

content-encoding: gzip
age: 6605
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 04:41:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 02:41:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

POST
H3 200 collect
www.google.com/ccm/ 0
0 68ms
18ms Ping
text/plain 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65&scrsrc=www.googletagmanager.com&frm=0&rnd=1495837630.1732854691&auid=844245749.1732854691&npa=1&gtm=45He4bk0v6472178za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732854690559&tfd=3221&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 424 KB
134 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NPGHGVF7FB&l=dataLayer&cx=c&gtm=45He4bk0v6472178za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5a1ba626c3405141d7b050d083065a2edf9ff5c9aa9e8f37195ec6ac2935dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 29 Nov 2024 04:31:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 136947
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 286 KB
98 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-882349284&l=dataLayer&cx=c&gtm=45He4bk0v6472178za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

559ffb4174fd981e6d89c0c58dcc1a4594f29913b5a3d2ee17c3727b458695b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 29 Nov 2024 04:31:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 29 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100514
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 singular-gtm-interface.js Show response
web-sdk-cdn.singular.net/singular-gtm-interface/latest/ 6 KB
2 KB 92ms
16ms Script
application/javascript 2a02:26f0:2780:6::214:f58b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://web-sdk-cdn.singular.net/singular-gtm-interface/latest/singular-gtm-interface.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f58b , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 4286a0d0f77fe9bc243253e4297b58365319bcc30f8bb61b3f1b3eb6b8c46983

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

cache-control: max-age=1
content-encoding: gzip
etag: W/"6c2db96922f9080ff3fec251c31808cd"
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=7, origin; dur=2, ak_p; desc="1732854690625_34846347_77757615_878_892_10_14_146";dur=1
content-length: 1318
x-amz-cf-id: 1uJZ6Fw5oXHymHzKep43OH3Zb7kkVZPv9QZ878U2YLycV7_QcmOmEA==
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 14:36:37 GMT
vary: accept-encoding
x-amz-cf-pop: FRA56-P10
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 88 KB
28 KB 72ms
11ms Script
text/javascript 2600:9000:2644:5e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:5e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

Access-Control-Max-Age: 600
Content-Encoding: gzip
X-Amz-Version-Id: XRapE5DFdXRGc5myIfsDq4zGHQVtai2E
Etag: W/"792eca3181a87960d692c005437f63e0"
Age: 2974
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: EP3j6XTYpMDP-47DgBTAMW6wWa8M4GjUZLTBXdatpMrml_2nV5owcw==
Date: Fri, 29 Nov 2024 03:41:56 GMT
Content-Type: text/javascript
Vary: accept-encoding
Last-Modified: Tue, 15 Oct 2024 15:51:52 GMT
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked
Cache-Control: max-age=3600, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: FRA60-P6
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

GET
H2 200 UXVDxjkzyjivJA3pPnzU.js Show response
tags.creativecdn.com/ 5 KB
3 KB 77ms
6ms Script
application/javascript 2a02:6ea0:c700::112
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.creativecdn.com/UXVDxjkzyjivJA3pPnzU.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3ca9e609ef3f582aec6955e30de3ea1a0a33186bf6b10105d9e8391c4ba8ad21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=Dqq7NA==, md5=TM9Ddx5ISBq82bK8vb0n7Q==
content-encoding: gzip
etag: W/"4ccf43771e48481abcd9b2bcbdbd27ed"
x-77-cache: HIT
x-goog-stored-content-encoding: identity
expires: Wed, 16 Oct 2024 09:23:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 4724
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 07:57:38 GMT
x-77-nzt-ray: 15b3c711e3ab057fa2434967e621e225
x-guploader-uploadid: AHmUCY3fsZItiM-gwPNcQMUr_i6yc88LxUTSSlCeCNQ-8cWTkQLfxnXYU2PC_WUHcGLoUv1Zur0
x-77-nzt: EgwBqZb/tgH3awUAAAwB1GY4EQG3AwAAAA
cache-control: public, max-age=3600
vary: Accept-Encoding
x-goog-storage-class: STANDARD
x-77-pop: frankfurtDE
x-goog-generation: 1729065458365535
x-77-age: 1387
server: CDN77-Turbo

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 232 KB
83 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-14719398&l=dataLayer&cx=c&gtm=45He4bk0v6472178za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

968893629eac2d9b4fac1202f238488797f4f39bc5c9fde559dc21cb7a89ee6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 29 Nov 2024 04:31:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 29 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 84542
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 settings Show response
www.notifyvisitors.com/ext/v1/ 26 KB
8 KB 249ms
201ms Script
text/html 143.204.98.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.notifyvisitors.com/ext/v1/settings?bid_e=1948D672A79F22D332F654FB766E7DC2&bid=2023&t=420&iFrame=false&trafficSource=&link_referrer=&pageUrl=https%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65%3Freferrer%3Dsingular_click_id%253Dec044b40-c901-4909-81a0-c483b7382d27%26utm_campaign%3Dwinter_care_dweb%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&path=%2Fcategories%2Fwinter-care-65&domain=https%3A%2F%2Fwww.1mg.com&gmOffset=3600&screenWidth=1600&screenHeight=1200&isPwa=0&cookieData=VISITOR-ID%3D0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824%3B%20city%3DGurgaon%3B%20amoSessionId%3Dc14b884a-2e4b-41d8-8029-de867f4a5593%3B%20jarvis-id%3Db16b4c44-e785-48a4-b4fa-5f0f3c4f6578%3B%20_fbp%3Dfb.1.1732854689902.950985894828236430%3B%20rl_user_id%3DRudderEncrypt%253AU2FsdGVkX1%252BYtpRjdaz8CaYxKwi2YabeVFYjNG%252FeUC8%253D%3B%20rl_trait%3DRudderEncrypt%253AU2FsdGVkX1%252BJ57Qe47pF12jM3WGYa5faLKzSsJMNVec%253D%3B%20rl_group_id%3DRudderEncrypt%253AU2FsdGVkX1%252FgOS2qPUM0h531ziMeKHo9oxfOkvTx5bI%253D%3B%20rl_group_trait%3DRudderEncrypt%253AU2FsdGVkX1%252FT1QQI7KXfKhIh%252FpC11IPDEYrCs1FJYTU%253D%3B%20rl_anonymous_id%3DRudderEncrypt%253AU2FsdGVkX19t7PrVpPLeQ9KTAEAOzPnB5arpvAsvDhwaaFzXVw5SV%252FTqMPNXMbi%252FRQWpKlF0CcofJ8hw7yq7lA%253D%253D%3B%20rl_page_init_referrer%3DRudderEncrypt%253AU2FsdGVkX1%252FY4XK3hdlzbypyGmaOAvxvIWc3qKioYxY%253D%3B%20rl_page_init_referring_domain%3DRudderEncrypt%253AU2FsdGVkX1%252BbKq54MurB10UmJQLm0%252Bika%252BDEHxIHZII%253D%3B%20rl_session%3DRudderEncrypt%253AU2FsdGVkX18F2kVfMXP%252BOK10LHV%252FV2k9rjendMzcL6kwMglWtkpfleYxF5LUFt8WORXgAMQ8QQkCIGf6i4Xgh3yqqv1u0JfWn%252Bfgi%252F%252FZy2WbZxp9Wn91BFXx3ty%252FKCazm%252BdqvWDT5wGXHzz%252BllvHKg%253D%253D%3B%20AWSALBTG%3DMFJgViJCSFsvBOfpYPRCRlbEQejDcCLpj6o8%2BL3xKEKqfDZaTcvdkmyier%2B2EqOYC8pztj%2BAOVxLxYgOUSTt%2FfRDu%2FVxBwnVPKXMpCvJHPnEjuEXLeLvSwW5sUclPUlpFBVHo6o0EyVLsCIvqSCXrOjTa1GFAFUh8qAS1EwHd9jM%3B%20AWSALBTGCORS%3DMFJgViJCSFsvBOfpYPRCRlbEQejDcCLpj6o8%2BL3xKEKqfDZaTcvdkmyier%2B2EqOYC8pztj%2BAOVxLxYgOUSTt%2FfRDu%2FVxBwnVPKXMpCvJHPnEjuEXLeLvSwW5sUclPUlpFBVHo6o0EyVLsCIvqSCXrOjTa1GFAFUh8qAS1EwHd9jM%3B%20geolocation%3Dfalse%3B%20synapse%3Ainit%3Dfalse%3B%20synapse%3Aplatform%3Dweb%3B%20is_cp_member%3Dfalse%3B%20_gcl_au%3D1.1.844245749.1732854691%3B%20hkp_campaign%3Dwinter_care_dweb%3B%20hkp_medium%3Demailer_NC%3B%20hkp_source%3Demailer_NC&ruleData=%7B%22city%22%3A%22Gurgaon%22%7D&storage=%7B%22session%22%3A%7B%7D%2C%22local%22%3A%7B%7D%7D&

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-95.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c75afc8fcfa7cccca79fe2d0c1e79941643c2f19eba43849ae0f008025e6fa39

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

cache-control: no-store
content-encoding: gzip
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 4H60aQP1WlQn5VWSZDchvinp9UXSkqOIquEtdjuO-QNqU1-YaXwcgw==
date: Fri, 29 Nov 2024 04:31:30 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: nginx
x-amz-cf-pop: FRA50-C1

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 50 KB
16 KB 81ms
30ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

nginx /

Resource Hash

42fef7a7c13be12c7c7e48756a9d7798df382decf4d132b5e2843cec70c79636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"6706b6f2-c61f"
cross-origin-resource-policy: cross-origin
expires: Sat, 30 Nov 2024 04:31:30 GMT
access-control-allow-origin: *
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: text/javascript
last-modified: Wed, 09 Oct 2024 17:01:38 GMT
server: nginx

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame D8F2 0
0 43ms
8ms Document
text/html 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.1mg.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 201320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 20:36:10 GMT
expires: Wed, 26 Nov 2025 20:36:10 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 5268488.js Show response
bat.bing.com/p/action/ 363 B
413 B 39ms
38ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5268488.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7FA14D0E9BFE4F81AF765CF67E36B738 Ref B: FRA31EDGE0422 Ref C: 2024-11-29T04:31:30Z
x-cache: CONFIG_NOCACHE
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
418 B 19ms
17ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=807447451&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65%3Freferrer%3Dsingular_click_id%253Dec044b40-c901-4909-81a0-c483b7382d27%26utm_campaign%3Dwinter_care_dweb%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&ul=de-de&de=UTF-8&dt=Winter%20Care%20%3A%20Buy%20Winter%20Care%20Products%20Online%20in%20India%20%7C%201mg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Categories%20Page&ea=Page%20View%20Action&el=Product%20List%20Viewed&_u=YEBAAAABAAAAAC~&jid=38315178&gjid=1283893757&cid=319752909.1732854691&tid=UA-21820217-6&_gid=1855848459.1732854691&_r=1&_slc=1&gtm=45He4bk0n71KR9MB8v6472178za200&cd1=0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&npa=1&z=1666473018

Requested by

Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.1mg.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 04:31:30 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.1mg.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
436 B 94ms
50ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.1mg.com/

Response headers

cache-control: private
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.1mg.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
date: Fri, 29 Nov 2024 04:31:30 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: ESF
x-frame-options: SAMEORIGIN

POST
H2 204 0
bat.bing.net/actionp/ 0
120 B 116ms
62ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=5268488&Ver=2&mid=15a21197-4fdc-4f7c-bd26-a8a9eedf75de&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B04D6CE67E1C46F28E8CD050AFE3A0AA Ref B: FRA31EDGE0114 Ref C: 2024-11-29T04:31:30Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 29 Nov 2024 04:31:30 GMT

GET
H2 204 0
bat.bing.net/action/ 0
346 B 114ms
62ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=5268488&Ver=2&mid=15a21197-4fdc-4f7c-bd26-a8a9eedf75de&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Winter%20Care%20%3A%20Buy%20Winter%20Care%20Products%20Online%20in%20India%20%7C%201mg&kw=Winter%20Care&p=https%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65%3Freferrer%3Dsingular_click_id%253Dec044b40-c901-4909-81a0-c483b7382d27%26utm_campaign%3Dwinter_care_dweb%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&r=&lt=3121&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=495845
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C97CEBA8BF2846C59187C4EA933374BC Ref B: FRA31EDGE0114 Ref C: 2024-11-29T04:31:30Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 29 Nov 2024 04:31:30 GMT

GET
H2

200

activityi;dc_pre=CJ3zpuLagIoDFUOPgwcd558Yrg;src=14719398;type=invmedia;cat=tata100;ord=0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824;npa=1;auiddc=844245749.1732854691;ps=1;pcor...
14719398.fls.doubleclick.net/ Frame EAD5
Redirect Chain

https://14719398.fls.doubleclick.net/activityi;src=14719398;type=invmedia;cat=tata100;ord=0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824;npa=1;auiddc=844245749.1732854691;ps=1;p...
https://14719398.fls.doubleclick.net/activityi;dc_pre=CJ3zpuLagIoDFUOPgwcd558Yrg;src=14719398;type=invmedia;cat=tata100;ord=0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824;npa=1;...

0
0

23ms
23ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14719398.fls.doubleclick.net/activityi;dc_pre=CJ3zpuLagIoDFUOPgwcd558Yrg;src=14719398;type=invmedia;cat=tata100;ord=0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824;npa=1;auiddc=844245749.1732854691;ps=1;pcor=1451025031;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9191331500z86472178za201zb6472178;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65%3Freferrer%3Dsingular_click_id%253Dec044b40-c901-4909-81a0-c483b7382d27%26utm_campaign%3Dwinter_care_dweb%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14719398&l=dataLayer&cx=c&gtm=45He4bk0v6472178za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1mg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 527
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Nov 2024 04:31:30 GMT
expires: Fri, 29 Nov 2024 04:31:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Nov 2024 04:31:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://14719398.fls.doubleclick.net/activityi;dc_pre=CJ3zpuLagIoDFUOPgwcd558Yrg;src=14719398;type=invmedia;cat=tata100;ord=0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824;npa=1;auiddc=844245749.1732854691;ps=1;pcor=1451025031;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9191331500z86472178za201zb6472178;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65%3Freferrer%3Dsingular_click_id%253Dec044b40-c901-4909-81a0-c483b7382d27%26utm_campaign%3Dwinter_care_dweb%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=14719398;type=invmedia;cat=tata100;ord=0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824;npa=1;auiddc=844245749.1732854691;ps=1;pcor=1451025031;u...
ad.doubleclick.net/ 0
23 B 46ms
19ms Image
image/png 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=14719398;type=invmedia;cat=tata100;ord=0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824;npa=1;auiddc=844245749.1732854691;ps=1;pcor=1451025031;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9191331500z86472178za201zb6472178;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65%3Freferrer%3Dsingular_click_id%253Dec044b40-c901-4909-81a0-c483b7382d27%26utm_campaign%3Dwinter_care_dweb%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Fri, 29 Nov 2024 04:31:30 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"10918984203796744585"}],"aggregatable_trigger_data":[{"filters":[{"14":["110173830"]}],"key_piece":"0xcc310b8dff54079a","source_keys":["12","13","14","15","16","17","18","19","20","21","642851188","642851189","642851190","642851191","642852828","642852829","642852830","642852831"]},{"key_piece":"0x9b65d01c810c800a","not_filters":{"14":["110173830"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","642851188","642851189","642851190","642851191","642852828","642852829","642852830","642852831"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"642851188":32,"642851189":32,"642851190":32,"642851191":3177,"642852828":81,"642852829":81,"642852830":81,"642852831":7946},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"9825868379266686205","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"10918984203796744585","filters":[{"14":["110173830"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"10918984203796744585","filters":[{"14":["110173830"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"10918984203796744585","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"10918984203796744585","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14719398"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

OPTIONS
H2 200 v2
asia.creativecdn.com/tags/ Frame 0
0 533ms
166ms Preflight 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 3600
content-length: 0
date: Fri, 29 Nov 2024 04:31:31 GMT
vary: Origin

POST
H2

200

v2 Show response
asia.creativecdn.com/tags/
Redirect Chain

https://asia.creativecdn.com/tags/v2?type=json
https://asia.creativecdn.com/tags/v2?type=json&tc=1

488 B
843 B

174ms
174ms

Fetch
application/json

103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json&tc=1
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: H2
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: 75227a5e95c02805645eeedc3399857605f360497b0262599e9360d21cc53c48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC

Response headers

access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.1mg.com
content-length: 366
date: Fri, 29 Nov 2024 04:31:31 GMT, Fri, 29 Nov 2024 04:31:31 GMT
content-type: application/json;charset=utf-8
vary: Origin

Redirect headers

access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
location: https://asia.creativecdn.com/tags/v2?type=json&tc=1
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.1mg.com
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
date: Fri, 29 Nov 2024 04:31:31 GMT, Fri, 29 Nov 2024 04:31:31 GMT
vary: Origin

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/U4ZFS2QH4VB65A54O43AEQ/6PFMKMAZXFGFLMSXPCJHFF/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

11ms
11ms

Script
application/javascript

2600:9000:2644:5e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: HTTP/1.1
Server: 2600:9000:2644:5e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

Access-Control-Max-Age: 600
X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 84757
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: lqsIBgy3O0_XpbtrW9wQYumfmN9RrzMlRnWYjNWIbZhfMw6t6mC5Hw==
Date: Thu, 28 Nov 2024 04:58:54 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Access-Control-Allow-Headers: *
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: FRA60-P6
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

Redirect headers

Access-Control-Max-Age: 600
Age: 42353
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: MlERZODxygjJh5Q7BxlWoS9VNqUjTvO82XKOQOTq02psSFvqNhvHVA==
Date: Thu, 28 Nov 2024 16:45:36 GMT
Content-Type: application/xml
Access-Control-Allow-Headers: *
Location: https://s.adroll.com/j/pre/index.js
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: FRA60-P6
Server: AmazonS3

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/U4ZFS2QH4VB65A54O43AEQ/6PFMKMAZXFGFLMSXPCJHFF/ 9 KB
4 KB 18ms
8ms Script
text/javascript 2600:9000:2644:5e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/U4ZFS2QH4VB65A54O43AEQ/6PFMKMAZXFGFLMSXPCJHFF/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:5e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a7616157191cea33870e61c8f37b9842c4a63088c5821eeee34e570679e904f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

Access-Control-Max-Age: 600
Content-Encoding: gzip
X-Amz-Version-Id: EYiXSR423Z2oxwYAJhP3BygvNz7Nbqnh
Etag: W/"706be4fd28aeb971d2ff83a528c2073a"
Age: 2200
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: BfaNwC-n1QSxAVVBk2gcDQ7C8H7mbB0B0m0bBpnqWMRcb5WshzOtQg==
Date: Fri, 29 Nov 2024 03:56:27 GMT
Content-Type: text/javascript; charset=utf-8
Vary: Accept-Encoding
Last-Modified: Sat, 23 Nov 2024 11:37:18 GMT
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked
Cache-Control: max-age=3600, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: FRA60-P6
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

POST
H2 204 collect Show response
region1.google-analytics.com/g/ 0
549 B 48ms
14ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1HF6RR2VT7&gtm=45je4bk0v879238698z86472178za200zb6472178&_p=1732854690427&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=319752909.1732854691&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732854690&sct=1&seg=0&dl=https%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65%3Freferrer%3Dsingular_click_id%253Dec044b40-c901-4909-81a0-c483b7382d27%26utm_campaign%3Dwinter_care_dweb%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&dt=Winter%20Care%20%3A%20Buy%20Winter%20Care%20Products%20Online%20in%20India%20%7C%201mg&en=page_view&_fv=1&_ss=1&tfd=3390
Requested by: Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.1mg.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect Show response
region1.analytics.google.com/g/ 0
551 B 44ms
18ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NPGHGVF7FB&gtm=45je4bk0v879238698z86472178za200zb6472178&_p=1732854690427&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=319752909.1732854691&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732854690&sct=1&seg=0&dl=https%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65%3Freferrer%3Dsingular_click_id%253Dec044b40-c901-4909-81a0-c483b7382d27%26utm_campaign%3Dwinter_care_dweb%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&dt=Winter%20Care%20%3A%20Buy%20Winter%20Care%20Products%20Online%20in%20India%20%7C%201mg&en=page_view&_fv=1&_ss=1&tfd=3398
Requested by: Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.1mg.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
542 B 65ms
23ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NPGHGVF7FB&cid=319752909.1732854691&gtm=45je4bk0v879238698z86472178za200zb6472178&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPGHGVF7FB&l=dataLayer&cx=c&gtm=45He4bk0v6472178za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.1mg.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 41ms
19ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NPGHGVF7FB&cid=319752909.1732854691&gtm=45je4bk0v879238698z86472178za200zb6472178&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=2065937901

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 29 Nov 2024 04:31:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 singular-sdk.js Show response
web-sdk-cdn.singular.net/singular-sdk/latest/ 157 KB
46 KB 23ms
22ms Script
application/javascript 2a02:26f0:2780:6::214:f58b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://web-sdk-cdn.singular.net/singular-sdk/latest/singular-sdk.js
Requested by: Host: web-sdk-cdn.singular.net
URL: https://web-sdk-cdn.singular.net/singular-gtm-interface/latest/singular-gtm-interface.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f58b , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 986be1292b8e83aa329bb18ee812a4f895dd9b1348cda18f76f5777b0223edd6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

cache-control: max-age=1
content-encoding: gzip
etag: W/"fdceee099ed7d7d33f11408da7b5708f"
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=12, origin; dur=2, ak_p; desc="1732854690743_34846347_77757803_1473_1057_10_0_146";dur=1
content-length: 46775
x-amz-cf-id: dqUiY3snh5bKKvVTq4IKOLjZBxbRHK84MXbLBEsOzmV4qG6IIo_BcQ==
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 14:14:37 GMT
vary: accept-encoding
x-amz-cf-pop: FRA56-P10
x-amz-server-side-encryption: AES256

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
365 B 57ms
17ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.1mg.com/

Response headers

cache-control: private
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.1mg.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
date: Fri, 29 Nov 2024 04:31:30 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 syncframe
gum.criteo.com/ Frame 4161 0
0 75ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.1mg.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.1mg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 29 Nov 2024 04:31:30 GMT
server: Kestrel
server-processing-duration-in-ticks: 269797
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

OPTIONS
H2 200 v1
api.tatadigital.com/analytics-engine/events/ Frame 0
0 143ms
143ms Preflight 2a02:26f0:480:d::210:f157
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tatadigital.com/analytics-engine/events/v1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client_id,content-type,customer-hash,session,tdl-sso-version
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: client_id,content-type,customer-hash,session,tdl-sso-version
access-control-allow-methods: POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 3600
content-length: 0
date: Fri, 29 Nov 2024 04:31:30 GMT
server-timing: ak_p; desc="1732854690798_34664471_782217397_12224_9775_14_0_219";dur=1

POST
H2 200 v1 Show response
api.tatadigital.com/analytics-engine/events/ 19 B
2 KB 150ms
147ms Fetch
application/json 2a02:26f0:480:d::210:f157
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tatadigital.com/analytics-engine/events/v1

Requested by

Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

fa5c91905c6fea2b045d5009bb3a06ad63ab76ff1effb6e3bf5064879bd7c1fd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

tdl-sso-version: 4.1.15
customer-hash: null
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
session: false
client_id: ONEMG-WEB-APP
Content-Type: application/json

Response headers

access-control-expose-headers: Connection,x-frame-options,x-xss-protection,Vary,Content-Length,Date,ETag
etag: W/"13-AU5FafGnjGQRcAzuw5htDSM9eaQ"
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=123, origin; dur=9, ak_p; desc="1732854690941_34664471_782217418_13204_8240_17_0_219";dur=1
access-control-allow-origin: https://www.1mg.com
content-length: 19
x-xss-protection: 1; mode=block
date: Fri, 29 Nov 2024 04:31:31 GMT
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 v1
api.tatadigital.com/analytics-engine/events/ Frame 0
0 143ms
143ms Preflight 2a02:26f0:480:d::210:f157
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tatadigital.com/analytics-engine/events/v1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client_id,content-type,customer-hash,session,tdl-sso-version
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: client_id,content-type,customer-hash,session,tdl-sso-version
access-control-allow-methods: POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 3600
content-length: 0
date: Fri, 29 Nov 2024 04:31:30 GMT
server-timing: ak_p; desc="1732854690798_34664471_782217398_12254_9780_14_0_219";dur=1

POST
H2 200 v1 Show response
api.tatadigital.com/analytics-engine/events/ 19 B
2 KB 203ms
200ms Fetch
application/json 2a02:26f0:480:d::210:f157
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tatadigital.com/analytics-engine/events/v1

Requested by

Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

fa5c91905c6fea2b045d5009bb3a06ad63ab76ff1effb6e3bf5064879bd7c1fd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

tdl-sso-version: 4.1.15
customer-hash: null
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
session: false
client_id: ONEMG-WEB-APP
Content-Type: application/json

Response headers

access-control-expose-headers: Connection,x-frame-options,x-xss-protection,Vary,Content-Length,Date,ETag
etag: W/"13-AU5FafGnjGQRcAzuw5htDSM9eaQ"
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=166, origin; dur=13, ak_p; desc="1732854690949_34664471_782217422_17822_7151_13_0_219";dur=1
access-control-allow-origin: https://www.1mg.com
content-length: 19
x-xss-protection: 1; mode=block
date: Fri, 29 Nov 2024 04:31:31 GMT
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN

GET
H2 200 U4ZFS2QH4VB65A54O43AEQ Show response
d.adroll.com/consent/check/ 534 B
627 B 125ms
35ms Script
application/javascript 2a05:d018:cc3:fe05:6a2c:6133:165d:73e6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/U4ZFS2QH4VB65A54O43AEQ?flg=1&pv=70471941102.43651&arrfrr=https%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65%3Freferrer%3Dsingular_click_id%253Dec044b40-c901-4909-81a0-c483b7382d27%26utm_campaign%3Dwinter_care_dweb%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&_s=4034f0631702587615c42f001616b939&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:6a2c:6133:165d:73e6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 944ea93e22ed0f67c1aecb7407c4ff6be5a47329399a3110ff9f1c2fee12f13f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

content-length: 534
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: application/javascript
server: nginx/1.22.1

POST
H2 200 event Show response
sdk-api-v1.singular.net/api/v1/ 18 B
254 B 150ms
150ms XHR
application/x-javascript 2.16.10.154
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-api-v1.singular.net/api/v1/event?current_device_time=1732854691&event_id=6a587b7d-f61d-4689-bffb-7b5c4e310b73&conversion_event=true&k=SDID&a=ikshit&p=Web&i=www.1mg.com&screen_height=1200&screen_width=1600&sdk=WebSDK-v1.4.4&singular_instance_id=036a961e-ef31-4103-bf88-ea4c07344bef&sdid=95aad782-98e1-415a-b5c9-cebd719e3ce2&storage_type=local&timezone=GMT%2B0100&touchpoint_timestamp=1732854691&u=95aad782-98e1-415a-b5c9-cebd719e3ce2&n=__PAGE_VISIT__&is_revenue_event=false&first=true&s=8f3206f1-1a5e-4155-ba83-4bc31251262a&is_first_visit=true&is_page_refreshed=false&sdid_persist_mode=off&is_first_page_visit_in_session=true&ecid=95aad782-98e1-415a-b5c9-cebd719e3ce2&os=Linux&lag=0&h=08fb4bd3e1b8b82a4e4b53c8db44a8fbe022cb7b
Requested by: Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.10.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-10-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8a49ea5083c8030f058182dcd6ae7da0960e68a0d762f71e8e8375f5732fb2fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.1mg.com/

Response headers

cache-control: max-age=0, no-cache, no-store
pragma: no-cache
access-control-allow-methods: POST, GET, OPTIONS
expires: Fri, 29 Nov 2024 04:31:31 GMT
access-control-allow-origin: *
content-length: 18
date: Fri, 29 Nov 2024 04:31:31 GMT
content-type: application/x-javascript
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Content-Length

OPTIONS
H2 200 event
sdk-api-v1.singular.net/api/v1/ Frame 0
0 217ms
155ms Preflight 2.16.10.154
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-api-v1.singular.net/api/v1/event?current_device_time=1732854691&event_id=6a587b7d-f61d-4689-bffb-7b5c4e310b73&conversion_event=true&k=SDID&a=ikshit&p=Web&i=www.1mg.com&screen_height=1200&screen_width=1600&sdk=WebSDK-v1.4.4&singular_instance_id=036a961e-ef31-4103-bf88-ea4c07344bef&sdid=95aad782-98e1-415a-b5c9-cebd719e3ce2&storage_type=local&timezone=GMT%2B0100&touchpoint_timestamp=1732854691&u=95aad782-98e1-415a-b5c9-cebd719e3ce2&n=__PAGE_VISIT__&is_revenue_event=false&first=true&s=8f3206f1-1a5e-4155-ba83-4bc31251262a&is_first_visit=true&is_page_refreshed=false&sdid_persist_mode=off&is_first_page_visit_in_session=true&ecid=95aad782-98e1-415a-b5c9-cebd719e3ce2&os=Linux&lag=0&h=08fb4bd3e1b8b82a4e4b53c8db44a8fbe022cb7b
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.10.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-10-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Content-Length
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Fri, 29 Nov 2024 04:31:31 GMT
expires: Fri, 29 Nov 2024 04:31:31 GMT
pragma: no-cache
vary: Accept-Encoding

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
361 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-21820217-6&cid=319752909.1732854691&jid=538362757&gjid=1030268423&_gid=1855848459.1732854691&npa=1&_u=YGDAiEABBAQCAGAAI~&z=2005627093

Requested by

Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.1mg.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 04:31:30 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin: https://www.1mg.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 11ms
11ms Image
image/gif 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=807447451&t=pageview&_s=1&dl=https%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65%3Freferrer%3Dsingular_click_id%253Dec044b40-c901-4909-81a0-c483b7382d27%26utm_campaign%3Dwinter_care_dweb%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&ul=de-de&de=UTF-8&dt=Winter%20Care%20%3A%20Buy%20Winter%20Care%20Products%20Online%20in%20India%20%7C%201mg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAQCACAAI~&jid=538362757&gjid=1030268423&cid=319752909.1732854691&tid=UA-21820217-6&_gid=1855848459.1732854691&gtm=45He4bk0n71KR9MB8v6472178za200&cd1=0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cd4=0&cd7=default&cd8=253255&cd9=1&cd12=&cd20=Gurgaon&cd33=Applicable%20%7C%20Shown&cd35=Applicable%20%7C%20Shown&cd60=%22%22&npa=1&z=552746548

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

age: 51617
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 14:11:13 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 nv-banner-upl.js Show response
cdn.notifyvisitors.com/ext/js/ 56 KB
13 KB 113ms
9ms Script
application/javascript 2600:9000:206f:c200:1e:6c7e:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.notifyvisitors.com/ext/js/nv-banner-upl.js
Requested by: Host: www.notifyvisitors.com
URL: https://www.notifyvisitors.com/ext/v1/settings?bid_e=1948D672A79F22D332F654FB766E7DC2&bid=2023&t=420&iFrame=false&trafficSource=&link_referrer=&pageUrl=https%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65%3Freferrer%3Dsingular_click_id%253Dec044b40-c901-4909-81a0-c483b7382d27%26utm_campaign%3Dwinter_care_dweb%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&path=%2Fcategories%2Fwinter-care-65&domain=https%3A%2F%2Fwww.1mg.com&gmOffset=3600&screenWidth=1600&screenHeight=1200&isPwa=0&cookieData=VISITOR-ID%3D0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824%3B%20city%3DGurgaon%3B%20amoSessionId%3Dc14b884a-2e4b-41d8-8029-de867f4a5593%3B%20jarvis-id%3Db16b4c44-e785-48a4-b4fa-5f0f3c4f6578%3B%20_fbp%3Dfb.1.1732854689902.950985894828236430%3B%20rl_user_id%3DRudderEncrypt%253AU2FsdGVkX1%252BYtpRjdaz8CaYxKwi2YabeVFYjNG%252FeUC8%253D%3B%20rl_trait%3DRudderEncrypt%253AU2FsdGVkX1%252BJ57Qe47pF12jM3WGYa5faLKzSsJMNVec%253D%3B%20rl_group_id%3DRudderEncrypt%253AU2FsdGVkX1%252FgOS2qPUM0h531ziMeKHo9oxfOkvTx5bI%253D%3B%20rl_group_trait%3DRudderEncrypt%253AU2FsdGVkX1%252FT1QQI7KXfKhIh%252FpC11IPDEYrCs1FJYTU%253D%3B%20rl_anonymous_id%3DRudderEncrypt%253AU2FsdGVkX19t7PrVpPLeQ9KTAEAOzPnB5arpvAsvDhwaaFzXVw5SV%252FTqMPNXMbi%252FRQWpKlF0CcofJ8hw7yq7lA%253D%253D%3B%20rl_page_init_referrer%3DRudderEncrypt%253AU2FsdGVkX1%252FY4XK3hdlzbypyGmaOAvxvIWc3qKioYxY%253D%3B%20rl_page_init_referring_domain%3DRudderEncrypt%253AU2FsdGVkX1%252BbKq54MurB10UmJQLm0%252Bika%252BDEHxIHZII%253D%3B%20rl_session%3DRudderEncrypt%253AU2FsdGVkX18F2kVfMXP%252BOK10LHV%252FV2k9rjendMzcL6kwMglWtkpfleYxF5LUFt8WORXgAMQ8QQkCIGf6i4Xgh3yqqv1u0JfWn%252Bfgi%252F%252FZy2WbZxp9Wn91BFXx3ty%252FKCazm%252BdqvWDT5wGXHzz%252BllvHKg%253D%253D%3B%20AWSALBTG%3DMFJgViJCSFsvBOfpYPRCRlbEQejDcCLpj6o8%2BL3xKEKqfDZaTcvdkmyier%2B2EqOYC8pztj%2BAOVxLxYgOUSTt%2FfRDu%2FVxBwnVPKXMpCvJHPnEjuEXLeLvSwW5sUclPUlpFBVHo6o0EyVLsCIvqSCXrOjTa1GFAFUh8qAS1EwHd9jM%3B%20AWSALBTGCORS%3DMFJgViJCSFsvBOfpYPRCRlbEQejDcCLpj6o8%2BL3xKEKqfDZaTcvdkmyier%2B2EqOYC8pztj%2BAOVxLxYgOUSTt%2FfRDu%2FVxBwnVPKXMpCvJHPnEjuEXLeLvSwW5sUclPUlpFBVHo6o0EyVLsCIvqSCXrOjTa1GFAFUh8qAS1EwHd9jM%3B%20geolocation%3Dfalse%3B%20synapse%3Ainit%3Dfalse%3B%20synapse%3Aplatform%3Dweb%3B%20is_cp_member%3Dfalse%3B%20_gcl_au%3D1.1.844245749.1732854691%3B%20hkp_campaign%3Dwinter_care_dweb%3B%20hkp_medium%3Demailer_NC%3B%20hkp_source%3Demailer_NC&ruleData=%7B%22city%22%3A%22Gurgaon%22%7D&storage=%7B%22session%22%3A%7B%7D%2C%22local%22%3A%7B%7D%7D&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c200:1e:6c7e:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d0f731b1ed39a79a9715d51747baeebe457a3b2fcde0ffe3a01e3fa54bedd8e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.1mg.com
Referer: https://www.1mg.com/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: W/"66e025bb-de74"
age: 10031
via: 1.1 c630c028c0123d2a5e8fa36e68049386.cloudfront.net (CloudFront), 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
expires: Fri, 29 Nov 2024 13:44:19 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: LXr2iafcdbjlK8SpIhzQBPcF_NiCoWX9nZ3AeLF4xoPUWfhSC6_97Q==
date: Fri, 29 Nov 2024 01:54:06 GMT
content-type: application/javascript
last-modified: Tue, 10 Sep 2024 10:55:55 GMT
server: nginx
x-amz-cf-pop: FRA60-P10, FRA56-C1
vary: accept-encoding

GET
H2

200

event Show response
widget.as.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=51601&v=5.29.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvl%26p%3D%255B910894%252C842751%252C470527%255D&p3=e%3Ddis&adce=1&bundle=nwZUW...
https://widget.as.criteo.com/event?a=51601&v=5.29.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvl%26p%3D%255B910894%252C842751%252C470527%255D&p3=e%3Ddis&adce=1&bundle=nwZUW...

10 KB
4 KB

825ms
269ms

Script
application/x-javascript

182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.as.criteo.com/event?a=51601&v=5.29.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvl%26p%3D%255B910894%252C842751%252C470527%255D&p3=e%3Ddis&adce=1&bundle=nwZUWV84aE5rNkFlbEhDWmhMaHVwVm53bUFxTXdZajVhVGhvbiUyQkdNMVprM1MlMkZHaE4zUkZSWFFZTUtTc2xjUXl0QWQyblVOUk9iaFFXeUxTWHNDdTZET2NaVzdNa1Qyb0g5dERReGtTTG02SmlObzZGSjBtVHFYWndLaDNBSGl1RERyWEZHSDJ6V0g5RjFHZVRjdmMlMkJydzZDeXclM0QlM0Q&sc=%7B%22fbp%22%3A%22fb.1.1732854689902.950985894828236430%22%7D&tld=1mg.com&fu=https%253A%252F%252Fwww.1mg.com%252Fcategories%252Fwinter-care-65%253Freferrer%253Dsingular_click_id%25253Dec044b40-c901-4909-81a0-c483b7382d27%2526utm_campaign%253Dwinter_care_dweb%2526utm_medium%253Demailer_NC%2526utm_source%253Demailer_NC&ceid=f304e01c-ae60-4d14-98e5-ae70c35b5970

Requested by

Protocol

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

2bdd9963c92dff0fce6bf62f6cd886a547380ee7ef82f0a2d03dbb50dd729a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 8805888
expires: 0
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
date: Fri, 29 Nov 2024 04:31:31 GMT
content-type: application/x-javascript
server: Kestrel

Redirect headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
location: https://widget.as.criteo.com/event?a=51601&v=5.29.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvl%26p%3D%255B910894%252C842751%252C470527%255D&p3=e%3Ddis&adce=1&bundle=nwZUWV84aE5rNkFlbEhDWmhMaHVwVm53bUFxTXdZajVhVGhvbiUyQkdNMVprM1MlMkZHaE4zUkZSWFFZTUtTc2xjUXl0QWQyblVOUk9iaFFXeUxTWHNDdTZET2NaVzdNa1Qyb0g5dERReGtTTG02SmlObzZGSjBtVHFYWndLaDNBSGl1RERyWEZHSDJ6V0g5RjFHZVRjdmMlMkJydzZDeXclM0QlM0Q&sc=%7B%22fbp%22%3A%22fb.1.1732854689902.950985894828236430%22%7D&tld=1mg.com&fu=https%253A%252F%252Fwww.1mg.com%252Fcategories%252Fwinter-care-65%253Freferrer%253Dsingular_click_id%25253Dec044b40-c901-4909-81a0-c483b7382d27%2526utm_campaign%253Dwinter_care_dweb%2526utm_medium%253Demailer_NC%2526utm_source%253Demailer_NC&ceid=f304e01c-ae60-4d14-98e5-ae70c35b5970
content-encoding: gzip
pragma: no-cache
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3537676
expires: 0
access-control-allow-origin: *
content-length: 0
date: Fri, 29 Nov 2024 04:31:30 GMT
server: Kestrel

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 419 KB
85 KB 10ms
10ms Script
text/javascript 2600:9000:2644:5e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:5e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d2b803a87bda2c6064214f81f0878c08642ab57aa744977cd45b93af7b70c2c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

Access-Control-Max-Age: 600
Content-Encoding: gzip
X-Amz-Version-Id: NkD8Kb6QJUQgyS_cbh5uEjNw4KOmW4t2
Etag: W/"d33c95496b44f5f21b0c399374728d4c"
Age: 85
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 0KXQjMkrJKtFPAuW92zynySaKp58nZaqUp5QH3-GBNiAbAEbB6lKoQ==
Date: Fri, 29 Nov 2024 04:31:30 GMT
Content-Type: text/javascript
Vary: accept-encoding
Last-Modified: Mon, 18 Nov 2024 23:38:38 GMT
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked
Cache-Control: max-age=300, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: FRA60-P6
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 9ms
8ms Image
image/png 2600:9000:2644:5e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:5e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

Access-Control-Max-Age: 600
X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Age: 84672
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: r1a-nEBBWvwehRv8CrGAp6us0UgaGQXc5ew1dhTc7F8vOEpSer49aA==
Date: Thu, 28 Nov 2024 05:00:18 GMT
Content-Type: image/png
Vary: accept-encoding
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Access-Control-Allow-Headers: *
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 1615
X-Amz-Cf-Pop: FRA60-P6
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

OPTIONS
H2 200 v2
asia.creativecdn.com/tags/ Frame 0
0 167ms
167ms Preflight 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 3600
content-length: 0
date: Fri, 29 Nov 2024 04:31:31 GMT
vary: Origin

POST
H2 200 v1 Show response
api.tatadigital.com/analytics-engine/events/ 19 B
2 KB 148ms
146ms Fetch
application/json 2a02:26f0:480:d::210:f157
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tatadigital.com/analytics-engine/events/v1

Requested by

Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

fa5c91905c6fea2b045d5009bb3a06ad63ab76ff1effb6e3bf5064879bd7c1fd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

tdl-sso-version: 4.1.15
customer-hash: null
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
session: false
client_id: ONEMG-WEB-APP
Content-Type: application/json

Response headers

access-control-expose-headers: Connection,x-frame-options,x-xss-protection,Vary,Content-Length,Date,ETag
etag: W/"13-AU5FafGnjGQRcAzuw5htDSM9eaQ"
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=122, origin; dur=8, ak_p; desc="1732854691967_34664471_782217597_12979_8218_9_0_219";dur=1
access-control-allow-origin: https://www.1mg.com
content-length: 19
x-xss-protection: 1; mode=block
date: Fri, 29 Nov 2024 04:31:32 GMT
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN

GET
H2 200 jquery_v3.js Show response
cdn.notifyvisitors.com/js/chosen/ Frame 058C 87 KB
31 KB 28ms
12ms Script
application/javascript 2600:9000:206f:c200:1e:6c7e:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.notifyvisitors.com/js/chosen/jquery_v3.js

Requested by

Host: cdn.notifyvisitors.com
URL: https://cdn.notifyvisitors.com/ext/js/nv-banner-upl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:c200:1e:6c7e:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: W/"66323b0e-15d83"
age: 4468
via: 1.1 e53a38d449135904e00f29f17c559950.cloudfront.net (CloudFront), 1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
expires: Fri, 29 Nov 2024 15:17:03 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: girVz-IyoOhWCNeOd5xI0uUz7w1juy1vmagxKvlhH2Zd_NLxk-wgAg==
x-xss-protection: 1; mode=block
date: Fri, 29 Nov 2024 03:17:03 GMT
content-type: application/javascript
last-modified: Wed, 01 May 2024 12:52:30 GMT
server: nginx
x-amz-cf-pop: FRA60-P10, FRA56-C1
vary: Accept-Encoding

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame D339 170 B
409 B 49ms
17ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-uiHyplQ6gDmreUTeO8vnfyaJin7OqFjPMp5jGg&google_cm&google_hm=ay11aUh5cGxRNmdEbXJlVVRlTzh2bmZ5YUppbjdPcUZqUE1wNWpHZw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 29 Nov 2024 04:31:31 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2 200 sync
x.bidswitch.net/ Frame D339 43 B
183 B 68ms
20ms Image
image/gif 35.214.136.108
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-xyjCyVQ6gDmreUTeO8vnfyaJin41x62aVCnNlg&expires=30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS: 108.136.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Fri, 29 Nov 2024 04:31:31 GMT
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame D339
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=55440800775007504

43 B
370 B

28ms
14ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=55440800775007504

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1037679
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date: Fri, 29 Nov 2024 04:31:31 GMT
content-type: image/gif
server: Kestrel

Redirect headers

cache-control: no-store, no-cache, private
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=55440800775007504
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.39; 81.95.5.39; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 3a819cd6-e8af-41ae-a680-4c2834bb4e3d
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 29 Nov 2024 04:31:32 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame D339 43 B
114 B 139ms
23ms Image
image/gif 217.182.178.233
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-3bWSO1Q6gDmreUTeO8vnfyaJin4hbdNiAsamAA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.233 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip233.ip-217-182-178.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

date: Fri, 29 Nov 2024 04:31:31 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame D339 0
99 B 63ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-gQKm_FQ6gDmreUTeO8vnfyaJin6Jfm3bqiMd9A
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-fastly-to-nlb-rtt: 12051
date: Fri, 29 Nov 2024 04:31:31 GMT
server: nginx
access-control-allow-credentials: true

GET
H3

200

rum
r.casalemedia.com/ Frame D339
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ksVMmlQ6gDmreUTeO8vnfyaJin5cwqu43yb6OA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ksVMmlQ6gDmreUTeO8vnfyaJin5cwqu43yb6OA&C=1

43 B
750 B

19ms
19ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ksVMmlQ6gDmreUTeO8vnfyaJin5cwqu43yb6OA&C=1
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mt3CdLl4Ay2op1PJxsnABjypcbO4AL7wjpiUp%2BqudsNB1fh8UySEApOOq%2FvAgpFhw16ZaoyeccpkUxMHd8Ry6g%2BssIvIuAnUHaDPUh0vpOEukCAIQCv2%2BByp82kQ0SRv5v9r"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Fri, 29 Nov 2024 04:31:31 GMT
content-type: image/gif
vary: Accept-Encoding
priority: u=3,i
cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 8e9fde606e15d2d2-FRA
content-length: 43
server: cloudflare

Redirect headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LkgY%2F78uxxko1PadigpuG7tgeQOgzJrpP8gT1m%2F7kc4WIFTQCS6tWyaN5REhR%2BlUJaovxkz%2BQQIdCUp8HOBuoWQqBryKmE0hI%2FqK1cE%2F9ZLKInzBox77AhQuEaFuKGCkf%2B4t"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Fri, 29 Nov 2024 04:31:31 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: no-cache
location: /rum?cm_dsp_id=20&external_user_id=k-ksVMmlQ6gDmreUTeO8vnfyaJin5cwqu43yb6OA&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 8e9fde603dd2d2d2-FRA
content-length: 0
server: cloudflare

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame D339
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=uKKaVkV4ZZdsmlcEi1l1udqPqaRJyXwY
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=uKKaVkV4ZZdsmlcEi1l1udqPqaRJyXwY

42 B
717 B

34ms
33ms

Image
image/gif

99.80.224.190
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=uKKaVkV4ZZdsmlcEi1l1udqPqaRJyXwY

Protocol

Server

99.80.224.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-224-190.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-1-v069-0b38f8fbe.edge-irl1.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: KZdAiQtARLs=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Fri, 29 Nov 2024 04:31:32 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=uKKaVkV4ZZdsmlcEi1l1udqPqaRJyXwY
dcs: dcs-prod-irl1-2-v069-0992b6c75.edge-irl1.demdex.com 0 ms
pragma: no-cache
x-tid: szx0g7PgSJk=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Fri, 29 Nov 2024 04:31:32 GMT

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame D339 43 B
1 KB 37ms
8ms Image
image/gif 162.19.138.82
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-VJAsr1Q6gDmreUTeO8vnfyaJin4o74m7kGErGw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="CAO PSA OUR"
date: Fri, 29 Nov 2024 04:31:31 GMT
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 match
ad.360yield.com/ Frame D339 43 B
199 B 140ms
36ms Image
image/gif 54.194.57.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-DAEczlQ6gDmreUTeO8vnfyaJin4jSQFfVsJ08A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.194.57.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-57-148.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin: *
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Fri, 29 Nov 2024 04:31:31 GMT
content-type: image/gif

GET
H2 200 sync
matching.ivitrack.com/ Frame D339 42 B
265 B 97ms
17ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-YA0ofFQ6gDmreUTeO8vnfyaJin5fKRZcliTVrw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
date: Fri, 29 Nov 2024 04:31:31 GMT
content-type: image/gif
server: istio-envoy

GET
H2 200 cksync.php
contextual.media.net/ Frame D339 59 B
834 B 122ms
69ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-nLxnjFQ6gDmreUTeO8vnfyaJin68JvXUDfQOuA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bd95e8a7f7c6225934f3f14a6cdc3876566284966667fc32f88fe141e3713da6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
pragma: no-cache
expires: Fri, 29 Nov 2024 04:31:32 GMT
x-mnet-hl2: E
alt-svc: h3=":443"; ma=93600
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-length: 59
date: Fri, 29 Nov 2024 04:31:32 GMT
content-type: image/gif
server: Apache

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame D339 0
878 B 36ms
9ms Image
text/html 18.157.199.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-g-vqBlQ6gDmreUTeO8vnfyaJin6qfDVXIoIjMg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.199.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-199-229.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache
content-encoding: gzip
date: Fri, 29 Nov 2024 04:31:31 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame D339 43 B
423 B 541ms
173ms Image
image/gif 100.21.100.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-6ocblFQ6gDmreUTeO8vnfyaJin4-ivBYN4wN8A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.21.100.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-21-100-53.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin: *
content-length: 43
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 29 Nov 2024 04:31:32 GMT
content-type: image/gif
server: nginx

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame D339 0
218 B 304ms
90ms Image
text/plain 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-HESNHVQ6gDmreUTeO8vnfyaJin5_ijZxyxCmdw&initiator=partner

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.202.112.31 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 0
date: Fri, 29 Nov 2024 04:31:32 GMT
x-traceid: e9c850c9c0091349cac9de6273543846

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame D339 0
225 B 83ms
18ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-WfAaCFQ6gDmreUTeO8vnfyaJin6VBA2dykd8Rw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding: gzip
date: Fri, 29 Nov 2024 04:31:30 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame D339 0
239 B 75ms
11ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-_83dOFQ6gDmreUTeO8vnfyaJin4vp4xgWfXP4A&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Pragma: no-cache
Content-Type: image/gif

GET
H2 204 v1
match.sharethrough.com/sync/ Frame D339 0
58 B 68ms
8ms Image
text/plain 18.184.206.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-xOIXS1Q6gDmreUTeO8vnfyaJin6CPsBodfXXsw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.184.206.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-206-66.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;

GET
H2 200 um
criteo-sync.teads.tv/ Frame D339 23 B
163 B 84ms
33ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-HYUdd1Q6gDmreUTeO8vnfyaJin7ey1zsBD_ibw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.1 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

expires: Fri, 29 Nov 2024 04:31:32 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
pragma: no-cache
date: Fri, 29 Nov 2024 04:31:32 GMT
content-type: image/gif
server: pekko-http/1.0.1

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame D339 43 B
397 B 330ms
93ms Image
image/gif 2600:1f18:612b:4280:1608:aadf:86e5:f14f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-ZRtaoFQ6gDmreUTeO8vnfyaJin5OAbcY317v4w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:1608:aadf:86e5:f14f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 29 Nov 2024 04:31:32 GMT
content-type: image/gif
server: nginx

GET
H2 200 xuid
eb2.3lift.com/ Frame D339 37 B
140 B 48ms
10ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-hThLVVQ6gDmreUTeO8vnfyaJin7TT5prKAgw-A&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
date: Fri, 29 Nov 2024 04:31:32 GMT
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame D339 43 B
153 B 72ms
26ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-gx_xtFQ6gDmreUTeO8vnfyaJin57f2bWU_XPPg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS Cronon GmbH, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin: *
content-length: 43
date: Fri, 29 Nov 2024 04:31:32 GMT
content-type: image/gif
x-powered-by: PHP/7.3.29
server: Apache

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame D339 0
38 B 138ms
29ms Image
text/plain 52.214.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-lX_ewFQ6gDmreUTeO8vnfyaJin7R0hf7Szefgw&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.170.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-170-42.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

date: Fri, 29 Nov 2024 04:31:32 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame D339 0
44 B 79ms
8ms Image
text/plain 3.127.101.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-LEEPOVQ6gDmreUTeO8vnfyaJin7rRwVkAqu_HQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.101.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-101-141.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

date: Fri, 29 Nov 2024 04:31:32 GMT
server: awselb/2.0

GET
H2

200

RX-62a0486d-aec1-49cc-9e92-4d2d629a49b9-003
sync.targeting.unrulymedia.com/csync/ Frame D339
Redirect Chain

https://sync.1rx.io/usersync/criteodsp/k-EFJKYFQ6gDmreUTeO8vnfyaJin6IxjXL0rsdMA
https://sync.1rx.io/usersync/criteodsp/k-EFJKYFQ6gDmreUTeO8vnfyaJin6IxjXL0rsdMA?zcc=1&cb=1732854692107
https://sync.targeting.unrulymedia.com/csync/RX-62a0486d-aec1-49cc-9e92-4d2d629a49b9-003

43 B
378 B

57ms
17ms

Image
image/gif

46.228.174.117
Amobee NEXXEN GRO...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-62a0486d-aec1-49cc-9e92-4d2d629a49b9-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (Amobee NEXXEN GROUP LTD, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date: Fri, 29 Nov 2024 04:31:32 GMT
content-length: 43

Redirect headers

expires: 0
cache-control: no-store, no-cache, must-revalidate
location: https://sync.targeting.unrulymedia.com/csync/RX-62a0486d-aec1-49cc-9e92-4d2d629a49b9-003
date: Fri, 29 Nov 2024 04:31:32 GMT
pragma: no-cache
content-type: text/html

POST
H2 204 rum Show response
www.1mg.com/cdn-cgi/ 0
148 B 13ms
12ms XHR
text/plain 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1mg.com/cdn-cgi/rum?

Requested by

Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8e9fde602c8cdcaa-FRA
access-control-allow-origin: https://www.1mg.com
date: Fri, 29 Nov 2024 04:31:31 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

OPTIONS
H2 200 v1
api.tatadigital.com/analytics-engine/events/ Frame 0
0 155ms
155ms Preflight 2a02:26f0:480:d::210:f157
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tatadigital.com/analytics-engine/events/v1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client_id,content-type,customer-hash,session,tdl-sso-version
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: client_id,content-type,customer-hash,session,tdl-sso-version
access-control-allow-methods: POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 3600
content-length: 0
date: Fri, 29 Nov 2024 04:31:31 GMT
server-timing: ak_p; desc="1732854691811_34664471_782217559_13654_9287_10_0_219";dur=1

POST
H2 200 v1 Show response
api.tatadigital.com/analytics-engine/events/ 19 B
2 KB 147ms
146ms Fetch
application/json 2a02:26f0:480:d::210:f157
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tatadigital.com/analytics-engine/events/v1

Requested by

Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

fa5c91905c6fea2b045d5009bb3a06ad63ab76ff1effb6e3bf5064879bd7c1fd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

tdl-sso-version: 4.1.15
customer-hash: null
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
session: false
client_id: ONEMG-WEB-APP
Content-Type: application/json

Response headers

access-control-expose-headers: Connection,x-frame-options,x-xss-protection,Vary,Content-Length,Date,ETag
etag: W/"13-AU5FafGnjGQRcAzuw5htDSM9eaQ"
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=119, origin; dur=9, ak_p; desc="1732854692025_34664471_782217609_12798_7957_14_0_219";dur=1
access-control-allow-origin: https://www.1mg.com
content-length: 19
x-xss-protection: 1; mode=block
date: Fri, 29 Nov 2024 04:31:32 GMT
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 v1
api.tatadigital.com/analytics-engine/events/ Frame 0
0 143ms
142ms Preflight 2a02:26f0:480:d::210:f157
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tatadigital.com/analytics-engine/events/v1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d::210:f157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client_id,content-type,customer-hash,session,tdl-sso-version
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: client_id,content-type,customer-hash,session,tdl-sso-version
access-control-allow-methods: POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 3600
content-length: 0
date: Fri, 29 Nov 2024 04:31:32 GMT
server-timing: ak_p; desc="1732854691881_34664471_782217574_12617_9648_9_0_219";dur=1

GET
H2 200 faviconRebrand.ico
www.1mg.com/ 3 KB
3 KB 461ms
460ms Other
image/x-icon 2606:4700:10::6814:d632
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1mg.com/faviconRebrand.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d632 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28fc489358490927c7419d73e99d03c8ad95fbc5ae199dd73f9192158cd93247

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://cont-sites.bajajfinserv.in/ https://www.bajajfinserv.in/ https://www.1mg.com/ https://chatbot.tatadigital.com/ https://www.tatadigital.com/ https://www.tataneu.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/categories/winter-care-65?referrer=singular_click_id%3Dec044b40-c901-4909-81a0-c483b7382d27&utm_campaign=winter_care_dweb&utm_medium=emailer_NC&utm_source=emailer_NC

Response headers

access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
cf-cache-status: BYPASS
etag: W/"b55-19372b92e98"
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, PATCH
date: Fri, 29 Nov 2024 04:31:32 GMT
content-type: image/x-icon
vary: Accept-Encoding
last-modified: Thu, 28 Nov 2024 12:22:39 GMT
access-control-allow-headers: x-1mglabs-platform,Pragma,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,authorization,hkp-platform,x-csrf-token,x-html-canrender,x-platform,user-device
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-security-policy: frame-ancestors 'self' https://cont-sites.bajajfinserv.in/ https://www.bajajfinserv.in/ https://www.1mg.com/ https://chatbot.tatadigital.com/ https://www.tatadigital.com/ https://www.tataneu.com/
cache-control: public, max-age=0
visitor-id: 0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824
cf-ray: 8e9fde604cabdcaa-FRA
x-visitor-id: 0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824
server: cloudflare

GET
H2 200 updateViews Show response
www.notifyvisitors.com/user/notifications_v2/ 154 B
506 B 145ms
143ms Script
text/html 143.204.98.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.notifyvisitors.com/user/notifications_v2/updateViews?brandid=2023&notificationid=13453&pageUrl=https%3A%2F%2Fwww.1mg.com%2Fcategories%2Fwinter-care-65%3Freferrer%3Dsingular_click_id%253Dec044b40-c901-4909-81a0-c483b7382d27%26utm_campaign%3Dwinter_care_dweb%26utm_medium%3Demailer_NC%26utm_source%3Demailer_NC&cookieData=%20_nv_sess%3D173339004.1732854690.az4CXwX9tK5pz0fmyGUKj7XLYmJ6AKQQ30DCKs8oDoiEoh3U2c%3B%20_nv_uid%3D173339004.1732854690.8bff3067-8a25-4e60-854c-83a85edf5ba0.1732854690.1732854690.1.0%3B%20_nv_utm%3D173339004.1732854690.1.1.dXRtc3JjPWVtYWlsZXJfTkN8dXRtY2NuPXdpbnRlcl9jYXJlX2R3ZWJ8dXRtY21kPWVtYWlsZXJfTkN8dXRtY3RyPShub3Qgc2V0KXx1dG1jY3Q9KG5vdCBzZXQpfGdjbGlkPXx1dG1hZGdwPQ%3D%3D%3B%20_nv_did%3D173339004.1732854690.8195539uted9%3B%20_nv_hit%3D173339004.1732854690.cHZpZXc9MQ%3D%3D%3B%20_nv_banner_x%3D13453&js_callback=nvbanner_json1

Requested by

Host: cdn.notifyvisitors.com
URL: https://cdn.notifyvisitors.com/ext/js/nv-banner-upl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-95.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9f8afc142828ac2d663582a12bef34da69218005f40625eb59c9387f1c8c60f0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

x-amz-cf-id: F0GgLNco7rZ2OV-BYbrSMaCwcZNUm1hMKBNseT4jNlj6sp-ZcrQ6Tw==
content-encoding: gzip
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
date: Fri, 29 Nov 2024 04:31:31 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: nginx
x-amz-cf-pop: FRA50-C1

GET
H2 200 setuid
ib.adnxs.com/ Frame D339 43 B
1 KB 15ms
15ms Image
image/gif 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-UOKdk1Q6gDmreUTeO8vnfyaJin6Udh-iRxXKLw

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 81.95.5.39; 81.95.5.39; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 67b83002-7c0c-4a86-b261-bc46b54bc5eb
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 29 Nov 2024 04:31:32 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

GET
H2 200 ig-membership
asia.creativecdn.com/ Frame EDF1 0
0 500ms
167ms Document
text/html 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/ig-membership?ntk=wIrhrfLtP1P6tooDxw_ZvCN3wNF278cBg_q8UqJMqCUPxM4sv5VzEi_g2C9LIsb44KOBkzTmvFt98BndL7hF3MtY4X3Lrc4uHMvgixkieoo
Requested by: Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/UXVDxjkzyjivJA3pPnzU.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Referer: https://www.1mg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
content-length: 571
content-type: text/html;charset=utf-8
date: Fri, 29 Nov 2024 04:31:32 GMT Fri, 29 Nov 2024 04:31:32 GMT
expires: Sat, 30 Nov 2024 04:31:32 GMT
vary: Accept-Encoding

GET
H2 200 topics-membership
asia.creativecdn.com/ Frame ABCA 0
0 501ms
169ms Document
text/html 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/topics-membership?ntk=XO60xwt55n_WcjicvjUSHmfN7JzwYJn8HtIvIEnJ9NPkiH4c4qqahVlaGWWMFNOjjZHDVeGOuwzmgYnwi1hNCPf0H-CJ5U01_yLhpIXS8q8
Requested by: Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/UXVDxjkzyjivJA3pPnzU.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Referer: https://www.1mg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
content-length: 488
content-type: text/html;charset=utf-8
date: Fri, 29 Nov 2024 04:31:32 GMT Fri, 29 Nov 2024 04:31:32 GMT
expires: Sat, 30 Nov 2024 04:31:32 GMT
vary: Accept-Encoding

GET
H2 200 setuid
ib.adnxs.com/ 43 B
1 KB 15ms
15ms Image
image/gif 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=315&code=oaIxdoIMSmQH8orp8loeUf62cUOQ7qsgPJ7N2Ryw-xs&consent=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.1mg.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 81.95.5.39; 81.95.5.39; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: f2195ab2-f7bc-45b0-bbab-2762bb1955d6
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 29 Nov 2024 04:31:32 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

POST
H2 202 page Show response
rs.fullstory.com/rec/ 71 B
266 B 150ms
120ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: accounts.tatadigital.com
URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

dc44da9edb46eaf8dd92b16d290d64b4868b54d2c6eda4387b802a01b1ccf5a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.1mg.com/

Response headers

access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: https://www.1mg.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71
date: Fri, 29 Nov 2024 04:31:32 GMT
content-type: text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

78 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
api.tatadigital.com/api/v2/sso/	1970-01-21 01:30:59	Name: SESSION Value: NDRmMzhiMmUtYTY4Ny00NmEwLTg3OGEtZjAwYTk4ODg3MmRl
.1mg.com/	1970-01-21 10:56:54	Name: VISITOR-ID Value: 0feb20bd-bf91-4838-931f-9ea1ad4c1fb9_kqppYYIUAS_2934_1732854688824
www.1mg.com/	1970-01-21 02:04:06	Name: city Value: Gurgaon
www.1mg.com/	1970-01-21 10:56:54	Name: abVisitorId Value: 253255
www.1mg.com/	1970-01-21 10:56:54	Name: abExperimentShow Value: true
www.1mg.com/	1970-01-21 01:20:56	Name: amoSessionId Value: c14b884a-2e4b-41d8-8029-de867f4a5593
www.1mg.com/	1969-12-31 23:59:59	Name: _csrf Value: s4LwMK9on9-fdkQ3O11R0llt
www.1mg.com/	1970-01-21 10:56:54	Name: jarvis-id Value: b16b4c44-e785-48a4-b4fa-5f0f3c4f6578
.1mg.com/	1970-01-21 03:30:30	Name: _fbp Value: fb.1.1732854689902.950985894828236430
.1mg.com/	1970-01-21 10:06:30	Name: rl_user_id Value: RudderEncrypt%3AU2FsdGVkX1%2BYtpRjdaz8CaYxKwi2YabeVFYjNG%2FeUC8%3D
.1mg.com/	1970-01-21 10:06:30	Name: rl_trait Value: RudderEncrypt%3AU2FsdGVkX1%2BJ57Qe47pF12jM3WGYa5faLKzSsJMNVec%3D
.1mg.com/	1970-01-21 10:06:30	Name: rl_group_id Value: RudderEncrypt%3AU2FsdGVkX1%2FgOS2qPUM0h531ziMeKHo9oxfOkvTx5bI%3D
.1mg.com/	1970-01-21 10:06:30	Name: rl_group_trait Value: RudderEncrypt%3AU2FsdGVkX1%2FT1QQI7KXfKhIh%2FpC11IPDEYrCs1FJYTU%3D
.1mg.com/	1970-01-21 10:06:30	Name: rl_anonymous_id Value: RudderEncrypt%3AU2FsdGVkX19t7PrVpPLeQ9KTAEAOzPnB5arpvAsvDhwaaFzXVw5SV%2FTqMPNXMbi%2FRQWpKlF0CcofJ8hw7yq7lA%3D%3D
.1mg.com/	1970-01-21 10:06:30	Name: rl_page_init_referrer Value: RudderEncrypt%3AU2FsdGVkX1%2FY4XK3hdlzbypyGmaOAvxvIWc3qKioYxY%3D
.1mg.com/	1970-01-21 10:06:30	Name: rl_page_init_referring_domain Value: RudderEncrypt%3AU2FsdGVkX1%2BbKq54MurB10UmJQLm0%2Bika%2BDEHxIHZII%3D
.1mg.com/	1970-01-21 10:06:30	Name: rl_session Value: RudderEncrypt%3AU2FsdGVkX18F2kVfMXP%2BOK10LHV%2FV2k9rjendMzcL6kwMglWtkpfleYxF5LUFt8WORXgAMQ8QQkCIGf6i4Xgh3yqqv1u0JfWn%2Bfgi%2F%2FZy2WbZxp9Wn91BFXx3ty%2FKCazm%2BdqvWDT5wGXHzz%2BllvHKg%3D%3D
www.1mg.com/	1970-01-21 02:04:06	Name: geolocation Value: false
www.1mg.com/	1969-12-31 23:59:59	Name: synapse:init Value: false
www.1mg.com/	1969-12-31 23:59:59	Name: synapse:platform Value: web
www.1mg.com/	1970-01-21 01:23:18	Name: session Value: QwPGHSY9dCUqmmyLUK09qg.N-JdOd2hiZsr36ZWda8lW2IRhWgRyMLPRpJ1N1Dj9CrX6TDA2majtzgSBuywc89JpJ0PHWRuQEnChyPVil0m_luRwYEirnsJDnGsEFWzBE7Jz9T_RacEYQIi8a20ew0cjJfWvY2pm0CWPz2YPRct5g.1732854690447.144000000.E3Rxz4DehzGjk6RJeiEc82kGSFqVJjmeP8pEhcPPlPY
www.1mg.com/	1969-12-31 23:59:59	Name: is_cp_member Value: false
.1mg.com/	1970-01-21 03:30:30	Name: _gcl_au Value: 1.1.844245749.1732854691
www.1mg.com/	1970-01-21 02:04:06	Name: hkp_campaign Value: winter_care_dweb
www.1mg.com/	1970-01-21 02:04:06	Name: hkp_medium Value: emailer_NC
www.1mg.com/	1970-01-21 02:04:06	Name: hkp_source Value: emailer_NC
.1mg.com/	1970-01-21 01:22:21	Name: _gid Value: GA1.2.1855848459.1732854691
.1mg.com/	1970-01-21 01:20:54	Name: _gat_UA-21820217-6 Value: 1
www.1mg.com/	1970-01-21 10:06:30	Name: __rtbh.lid Value: %7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%22UlS9CE9X3cRdva1abWt4%22%2C%22expiryDate%22%3A%222025-11-29T04%3A31%3A30.686Z%22%7D
.doubleclick.net/	1970-01-21 02:04:06	Name: ar_debug Value: 1
.1mg.com/	1970-01-21 10:56:54	Name: _ga_1HF6RR2VT7 Value: GS1.1.1732854690.1.0.1732854690.0.0.0
.1mg.com/	1970-01-21 10:56:54	Name: _ga_NPGHGVF7FB Value: GS1.1.1732854690.1.0.1732854690.60.0.0
.doubleclick.net/	1970-01-21 10:42:30	Name: IDE Value: AHWqTUki_SMPbtHSS4Fp7pehoe_oQVug2mlU227ekMrabCcA8xk70NVw12rOJG_xN84
.doubleclick.net/	1970-01-21 05:40:06	Name: receive-cookie-deprecation Value: 1
.1mg.com/	1970-01-21 10:06:30	Name: singular_device_id Value: 95aad782-98e1-415a-b5c9-cebd719e3ce2
.1mg.com/	1970-01-21 01:20:58	Name: AMP_TOKEN Value: %24NOT_FOUND
.1mg.com/	1970-01-21 10:56:54	Name: _ga Value: GA1.2.319752909.1732854691
.1mg.com/	1970-01-21 01:20:54	Name: _dc_gtm_UA-21820217-6 Value: 1
.notifyvisitors.com/	1970-01-21 10:56:54	Name: nv_userdevice Value: 8195539uted9
.1mg.com/	1970-01-21 01:20:56	Name: _nv_sess Value: 173339004.1732854690.az4CXwX9tK5pz0fmyGUKj7XLYmJ6AKQQ30DCKs8oDoiEoh3U2c
.1mg.com/	1970-01-21 10:56:54	Name: _nv_uid Value: 173339004.1732854690.8bff3067-8a25-4e60-854c-83a85edf5ba0.1732854690.1732854690.1.0
.1mg.com/	1970-01-21 05:43:42	Name: _nv_utm Value: 173339004.1732854690.1.1.dXRtc3JjPWVtYWlsZXJfTkN8dXRtY2NuPXdpbnRlcl9jYXJlX2R3ZWJ8dXRtY21kPWVtYWlsZXJfTkN8dXRtY3RyPShub3Qgc2V0KXx1dG1jY3Q9KG5vdCBzZXQpfGdjbGlkPXx1dG1hZGdwPQ==
.1mg.com/	1970-01-21 10:56:54	Name: _nv_did Value: 173339004.1732854690.8195539uted9
.criteo.com/	1970-01-21 10:42:30	Name: uid Value: 5b216b0c-4dfb-40ff-a3ff-dc2c20dbbac5
.criteo.com/	1970-01-21 10:42:30	Name: receive-cookie-deprecation Value: 1
.1mg.com/	1970-01-21 10:50:18	Name: cto_bundle Value: nwZUWV84aE5rNkFlbEhDWmhMaHVwVm53bUFxTXdZajVhVGhvbiUyQkdNMVprM1MlMkZHaE4zUkZSWFFZTUtTc2xjUXl0QWQyblVOUk9iaFFXeUxTWHNDdTZET2NaVzdNa1Qyb0g5dERReGtTTG02SmlObzZGSjBtVHFYWndLaDNBSGl1RERyWEZHSDJ6V0g5RjFHZVRjdmMlMkJydzZDeXclM0QlM0Q
.creativecdn.com/	1970-01-21 10:06:30	Name: g Value: Zgn6Wm0hTmjhviWamEe4_1732854691639
.creativecdn.com/	1970-01-21 10:06:30	Name: c Value: Zgn6Wm0hTmjhviWamEe4_UXVDxjkzyjivJA3pPnzU_1732854691639
.creativecdn.com/	1970-01-21 10:06:30	Name: ts Value: 1732854691
www.1mg.com/	1970-01-21 01:22:04	Name: shw_13453 Value: 1
.1mg.com/	1970-01-21 05:40:06	Name: _nv_banner_x Value: 13453
.casalemedia.com/	1970-01-21 10:06:30	Name: CMID Value: Z0lDo1VbLXYAAAH5BkqY1QAA
.casalemedia.com/	1970-01-21 03:30:30	Name: CMPS Value: 5204
.casalemedia.com/	1970-01-21 03:30:30	Name: CMPRO Value: 5204
.criteo.com/	1970-01-21 10:42:30	Name: cto_bundle Value: A8l7lV8zQ1RlM2RBN0N3MTV4YTRDRnJQejBkMFpqUTBCMmlDQTViZzdDdW1PamJSWSUyRnZCJTJGcVc2SXJmZERkVHpwdko2VCUyRmw0MlNFQ1B1RlRBYkU5NiUyQnZZSnVBRGV5VjRNTmZzTmVzNE5Hd20ySUtKT1FaUGc5anh0dmZPNWYxM0VtSHF0
.adnxs.com/	1970-01-21 03:30:30	Name: XANDR_PANID Value: j4JsBcKILFBTsRowAha7XZPx2JirM_8F9ynyBd8VzAUwhhu0z_9C_e4mw-XAtC1PsreEfI-DVygl36Fgzr4tekzVXWC68E2_Z1B1FO03u84.
.adnxs.com/	1970-01-21 10:56:54	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:30:30	Name: uuid2 Value: 55440800775007504
exchange.mediavine.com/	1970-01-21 01:41:04	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22cf1aa2b0-ae0a-11ef-8c2e-377c5f9bac83%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 01:41:04	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22cf1aa2b0-ae0a-11ef-8c2e-377c5f9bac83%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 01:41:04	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22cf1aa2b0-ae0a-11ef-8c2e-377c5f9bac83%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 01:41:04	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22cf1aa2b0-ae0a-11ef-8c2e-377c5f9bac83%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 01:41:04	Name: criteo Value: %7B%22id%22%3A%22k-g-vqBlQ6gDmreUTeO8vnfyaJin6qfDVXIoIjMg%22%2C%22version%22%3A%22criteo%22%7D
.media.net/	1970-01-21 10:06:30	Name: visitor-id Value: 3758562918173564000V10
.media.net/	1970-01-21 02:04:06	Name: data-c-ts Value: 1732854691
.media.net/	1970-01-21 02:04:06	Name: data-c Value: k-nLxnjFQ6gDmreUTeO8vnfyaJin68JvXUDfQOuA~~3
.demdex.net/	1970-01-21 05:40:06	Name: demdex Value: 44979765466473601160211279782313493024
.1mg.com/	1970-01-21 05:43:42	Name: _nv_hit Value: 173339004.1732854690.cHZpZXc9MXxidmlldz1bIjEzNDUzIl0=
.dpm.demdex.net/	1970-01-21 05:40:06	Name: dpm Value: 44979765466473601160211279782313493024
.creativecdn.com/	1970-01-21 10:06:30	Name: ar_debug Value: 1
.adnxs.com/	1970-01-21 03:30:30	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2E>ts)n0u!@wnfH1YbZRGH!W=38Eh_UccUiq39Ji+1)F[8)X+8?g>FgYBP%8PD)M6)K*$lx:GM_@]q8AGAdyiXu_'%nugO%v4VB%nn07-<4Er
.1rx.io/	1970-01-21 10:06:30	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-62a0486d-aec1-49cc-9e92-4d2d629a49b9-003%22%7D
.targeting.unrulymedia.com/	1970-01-21 10:06:30	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-62a0486d-aec1-49cc-9e92-4d2d629a49b9-003%22%7D
.tremorhub.com/	1970-01-21 10:06:51	Name: tvid Value: 02282599804b42fc96a1d74c08e3aceb
.tremorhub.com/	1970-01-21 02:04:06	Name: tv_UICR Value: k-ZRtaoFQ6gDmreUTeO8vnfyaJin5OAbcY317v4w
www.1mg.com/	1970-01-21 01:30:59	Name: AWSALBTG Value: Uzt2UmZ9rbn2tAdyUR4d3qXGStIddXKdN5wp85RfW1oUxeHJ5Hbe4Bi72Lfq2/cPpP2SrAxWlug+3Bfa79I/IFZelBredge+Hxh4UF6Th3+mVezNmkqDE6SMIfLwACKk7fIvBp9yQojiv6ZQwtqRZkQbEEuLQTce8Puz1lvYstog
www.1mg.com/	1970-01-21 01:30:59	Name: AWSALBTGCORS Value: Uzt2UmZ9rbn2tAdyUR4d3qXGStIddXKdN5wp85RfW1oUxeHJ5Hbe4Bi72Lfq2/cPpP2SrAxWlug+3Bfa79I/IFZelBredge+Hxh4UF6Th3+mVezNmkqDE6SMIfLwACKk7fIvBp9yQojiv6ZQwtqRZkQbEEuLQTce8Puz1lvYstog
.postrelease.com/	1970-01-21 10:06:30	Name: opt_out Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14719398.fls.doubleclick.net
a.twiago.com
accounts.tatadigital.com
ad.360yield.com
ad.doubleclick.net
ampcid.google.com
ampcid.google.de
api.rudderstack.com
api.tatadigital.com
asia.creativecdn.com
assets.1mg.com
bat.bing.com
bat.bing.net
browser.sentry-cdn.com
cdn.notifyvisitors.com
cdn.ravenjs.com
cdn.rudderlabs.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d.adroll.com
dis.criteo.com
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
edge.fullstory.com
exchange.mediavine.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
ltvsnl2.ltncapp01.com
match.sharethrough.com
matching.ivitrack.com
onemg.gumlet.io
onemg.sng.link
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
region1.google-analytics.com
rs.fullstory.com
rtb-csync.smartadserver.com
rudderapi.1mg.com
s.adroll.com
sdk-api-v1.singular.net
simage2.pubmatic.com
sslwidget.criteo.com
static.cloudflareinsights.com
static.criteo.net
static.legitscript.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1rx.io
sync.outbrain.com
sync.targeting.unrulymedia.com
tags.creativecdn.com
web-sdk-cdn.singular.net
widget.as.criteo.com
www.1mg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.notifyvisitors.com
x.bidswitch.net
100.21.100.53
103.132.192.30
104.18.26.193
104.18.27.62
104.75.89.75
13.248.245.213
141.226.228.48
142.250.185.194
142.250.185.70
142.250.186.166
142.250.186.67
142.250.186.78
143.204.98.95
15.207.65.151
157.240.0.6
157.240.253.35
162.19.138.82
172.217.18.4
178.250.1.9
18.157.199.229
18.184.206.66
18.245.31.30
182.161.74.16
184.24.77.69
184.30.20.22
185.64.191.210
185.89.210.122
2.16.10.154
2001:4860:4802:32::36
217.182.178.233
2600:1f18:612b:4280:1608:aadf:86e5:f14f
2600:9000:206f:c200:1e:6c7e:cb00:93a1
2600:9000:2644:5e00:6:9280:1080:93a1
2600:9000:275d:2200:16:a497:9700:93a1
2606:4700:10::6814:d632
2606:4700:10::ac43:127a
2606:4700::6810:5049
2606:4700::6812:1022
2620:1ec:33:1::10
2620:1ec:c11::237
2a00:1450:4001:80b::200e
2a00:1450:4001:827::200e
2a00:1450:4001:829::200e
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9b
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:2780:6::214:f58b
2a02:26f0:480:d::210:f157
2a02:6ea0:c700::112
2a04:4e42:400::729
2a04:4e42:600::729
2a05:d018:cc3:fe05:6a2c:6133:165d:73e6
3.127.101.141
34.117.157.22
35.154.156.157
35.186.194.58
35.201.112.186
35.214.136.108
46.228.174.117
52.214.170.42
54.194.57.148
64.202.112.31
69.173.144.139
85.215.5.31
99.80.224.190
02eee1baa62e5dfb787d85763f1b9893f082683a294b44fda6e572aeabca8392
0647850f13776adb50fe49d901c132604fe57986d537dc3f1669fcf34bcae0b1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c8a66934177cac3a8ee53e6939ec8265aa2dd657517db02e248501ce2668f0f
0d2113760b59d2edc20172b6d91c3c4a7539c95e6e5cad13d34a08a9e3b2a8e9
0dcb78c35ae24725f200c7471c957d13166d6f1cb2eafa5d80d09183486895a6
1099d6d36fb392c7c5efea52233bffe2b039dcc8c4b133fc2790747d172e489c
174b0e6831825fdfe89595b9175a78e0f36dca606ca6dd8970fd2e3081def1c4
1cf4425f7f6be90071a3e8016590d3c7d7e9afb78e9b67c80f55f406446f8c3d
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
28fc489358490927c7419d73e99d03c8ad95fbc5ae199dd73f9192158cd93247
2bdd9963c92dff0fce6bf62f6cd886a547380ee7ef82f0a2d03dbb50dd729a9c
300286ed6ff5fb15daa619a72f76b44b5bf24a71b0361fc4a5e071a54074b3ec
30d3b6f18bd35158d72f39105a33567c183dfbd750b815320fa042b21439ca00
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3ca9e609ef3f582aec6955e30de3ea1a0a33186bf6b10105d9e8391c4ba8ad21
3d2b803a87bda2c6064214f81f0878c08642ab57aa744977cd45b93af7b70c2c
415142ed295e2502cbdc1c41886c05789dee9c62518407dcd626ae4ae3e52d36
41c162cba678e7bba12764193043b8479932900e9e9d6b8e2d207c99248c8aa7
4286a0d0f77fe9bc243253e4297b58365319bcc30f8bb61b3f1b3eb6b8c46983
42fef7a7c13be12c7c7e48756a9d7798df382decf4d132b5e2843cec70c79636
435303d6da864c3fea9152c0ea61e8dd3585e7e174f5f5e3c46e757bc4b81ffd
437e6b19d780724862fbd3fa492ea6b4a25ad4587cfaaba5a6fb964247026435
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50f7b2d0b1f638bf9f70585de4d84165c069d490ad864f414363801c97e8451f
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559ffb4174fd981e6d89c0c58dcc1a4594f29913b5a3d2ee17c3727b458695b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5ee6dcabca7195a0d0bb5d9072870414f4e059c417265cc788c0cffe8d87eb79
5f21f3bb287a66dc048072a2650960f3d3e3056744baef71fe9255afecfe5c41
602358d68544ed2d54986ebd6ae716461cd6d68433e99f2e1ca63d2a284034c3
60465f8ed45a069f2dbe8658a62fced0fc8691416f8c2afaa59b0dd2d1fecb74
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f993153efcc7420f89746666b7ad09cfa914fcd866ca4ed932ecd544b5d4016
7518603279024fe064bc8e76ee651647481217be42dcdfceb8bb901312a9be5a
75227a5e95c02805645eeedc3399857605f360497b0262599e9360d21cc53c48
7e89bf03359e3477e0d4c4e6a0b50b092dccd2f7e032fa4cdb30bc4ef0f4bc66
8043b1ed865fcb3817e34634e2462bbadb83b64b348aad4668a3c131603dc67e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8473f5333d9019df0cac6c5afff3211812aa42867ff602ebe0a4dc13c312d7a1
84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1
85cc25936bc028b85fad880aad3b3c119a92f8d997e82634f816670334eae393
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8a49ea5083c8030f058182dcd6ae7da0960e68a0d762f71e8e8375f5732fb2fb
8e3e1eae5a568bf7667f4b4912cbd692f3fa8ab836bf400934d61efd366f651c
8ee3657560b1a271d276a415951fe1e5451e258da97a10c639e6b9aba2f28e1b
900acf3b996debf18ac1d86c0d7036481ed30360ffeac9e34dc9502ff30dc1e9
913d7e209b69e0165ba3c05335f9f69dc9c9ccdd3ffb69fcd659c7ac86cef79b
921ae5a4f56184647f714d6064679eaee7df76d091c1bbc3b17c0e524b388d1c
944ea93e22ed0f67c1aecb7407c4ff6be5a47329399a3110ff9f1c2fee12f13f
94c4dfecaefaf4fa6bbcf9e1b7fb14269c115a77821d3a5007475dee1048aec5
968893629eac2d9b4fac1202f238488797f4f39bc5c9fde559dc21cb7a89ee6b
986be1292b8e83aa329bb18ee812a4f895dd9b1348cda18f76f5777b0223edd6
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a7616157191cea33870e61c8f37b9842c4a63088c5821eeee34e570679e904f
9d76725b7f590999d2a82733ff3278c2e9bce806dd225d4b2924e989e7eb3147
9d9a5c992606651522968f914729c69164c9db9d96d13f8ac8a63200b787a1fe
9f8afc142828ac2d663582a12bef34da69218005f40625eb59c9387f1c8c60f0
9fabef46411cf097208622219071a2537b0efade8e598c4342b20a1f4428d68b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8
a5a1ba626c3405141d7b050d083065a2edf9ff5c9aa9e8f37195ec6ac2935dd7
a5e810c538d9ac115faaaa527625164da813013d225ad8b3f7bf19a3ccc409f2
a7c9512d5a288ebf5518a9ab67df63eec539c210c15e08b7b13e569f3f068f34
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b265446dfb64556d74c1ded6bce8ab39f921f9b5ac4085daa619e63712a268
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bd75a1a9fa9924826d77159ec4e5d54bea1d87c55988917b07010eac8ff39086
bd95e8a7f7c6225934f3f14a6cdc3876566284966667fc32f88fe141e3713da6
c15ba11f2efa8f3308a73300d0f50c4526b43f6c4dba74e4c87c22f7602ff52d
c18ab5a7224c2604dfefa135f9e52b36addcd518eb3cbcfff8827ec6adfe0015
c462bbe93116df73a69b83c42aa1c0477bdbbd3d9aa108ad2a55433a227bf71d
c75afc8fcfa7cccca79fe2d0c1e79941643c2f19eba43849ae0f008025e6fa39
c9f3127e75cffc09f159787fe22fb1bc692d5e12626ece95b7e79a5a894df52b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd5bd6705a747b90db5e715e7b148a46e6b2c7b5d944e0a9ab9aba3825cf56c0
cdcbfe15fb180ea37774bd925583c1f51fa630f13eae5581d050671f86ec5484
d0f731b1ed39a79a9715d51747baeebe457a3b2fcde0ffe3a01e3fa54bedd8e6
d7d80f4005ce0e8a8bcb78d84c84b3ed5ab6d7af2aac291c711316fda128a2df
d7f909e44fa960a3050fc98cb18d32dc7559ee841f2580b17b817b59e6b87c57
d972d4c6d8686d183464018746bb3a34926bdf94a35cefc9043b1e19ade12596
dab2aa2011b95b66975909e036c3b397192901249b5183cd46975485e9a4b4a6
dc0923e986b163ba35a8084cc6483006a4a6aab231becc943f44adf1b9624ba5
dc44da9edb46eaf8dd92b16d290d64b4868b54d2c6eda4387b802a01b1ccf5a6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddb459f341fe3717372b613db375fc1e2886da52acd6fc8eb06a4228ae60de54
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c4d6c2992b3d37bccdc36dca0d52dba15197425eb6bc14825f85f73320b3f5
e5474255ea78c64619188eadc6c1f5a16570fc822844a8cc232fb8ce09c86bfb
e569cd0396544776ed94a7bb2ea2822af1d4a13df4baa8d59bb3bc564f9db698
e70bbc655c6946bbee07576395e4a817eb7841a6a03d4edaefa7c9121e3250dc
eafdc1561e9daf70c23b0a060ded87223c58c0366e85ff9eb798c57432b6b1bc
ebe871432b6d84f8ad91d399d60898fa1176e4c2a80aa79db69907f5bcff41e2
eea76f37e6421d524273f7466091068fcea0dc37b66daa4a596f450a1098850b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7287b45d0e8430371798da834c8087bed31a443dc8ea5b8919bc815e00b4e03
f7a44d65de0fa865598d717bd575fb2eda490ed79d908a45e0677c2401c05f9e
f866c961bcf793222e5b6e38a849856f692313de6c7822fb5ae366598f722ea9
fa5c91905c6fea2b045d5009bb3a06ad63ab76ff1effb6e3bf5064879bd7c1fd
fb9e4aa0f74c32adf3ac46f12444303e3ffd9b40a15ee6cb2661d60d18a8606f
fccb5b4f6109f7c49d87a035ba3f1c3a03791d0d2e599e27d1bae64923c105e7
fd2c4520a3d59da0d21fbe3d009df84ff3e448c28f7c88807fc277038f7ae9ed

www.1mg.com Open in urlscan Pro 2606:4700:10::6814:d632 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

171 Requests

96 %HTTPS

36 %IPv6

51 Domains

69 Subdomains

64 IPs

10 Countries

2725 kBTransfer

9459 kBSize

78 Cookies

10 Outgoing links

Page URL History

Redirected requests

171 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.1mg.com Open in urlscan Pro
2606:4700:10::6814:d632 Public Scan

Screenshot
Live screenshot

Full Image

171
Requests

96 %
HTTPS

36 %
IPv6

51
Domains

69
Subdomains

64
IPs

10
Countries

2725 kB
Transfer

9459 kB
Size

78
Cookies

171 HTTP transactions
0 data transactions