www.1mg.com Open in urlscan Pro
2606:4700:10::6814:d732 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1mg.com/
Effective URL:
https://www.1mg.com/
Submission: On June 03 via manual (June 3rd 2023, 4:08:36 am UTC) from IT — Scanned from IT

Summary HTTP 150 Redirects Behaviour Indicators

Summary

This website contacted 67 IPs in 10 countries across 49 domains to perform 150 HTTP transactions. The main IP is 2606:4700:10::6814:d732, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.1mg.com. The Cisco Umbrella rank of the primary domain is 222316.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 19th 2022. Valid for: a year.

This is the only time www.1mg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	2606:4700:10:... 2606:4700:10::6814:d732	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb9a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:214... 2600:9000:214f:be00:16:a497:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
23	2600:9000:223... 2600:9000:223f:7c00:d:a7d1:b5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:225... 2600:9000:2251:d400:9:fddd:fc40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:1::... 2606:4700:1::6813:864e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:780... 2a02:26f0:780::210:ca7a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 7	2600:9000:225... 2600:9000:225e:a200:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:6200:14:81fb:1e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	23.32.185.60 23.32.185.60	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	64.202.112.63 64.202.112.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
4 5	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:223... 2600:9000:223e:3600:1e:6c7e:cb00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:7b12:8510:f751:9a5d	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	95.101.54.200 95.101.54.200	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1 3	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	182.161.74.16 182.161.74.16	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1 2	3.126.160.30 3.126.160.30	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2 2	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.193.218.55 18.193.218.55	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	3.248.155.70 3.248.155.70	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1 2	34.253.4.201 34.253.4.201	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.157.206.233 35.157.206.233	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4280:9c57:55f3:743f:20f9	14618 (AMAZON-AES) (AMAZON-AES)
1	23.215.16.120 23.215.16.120	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.77.194.148 54.77.194.148	16509 (AMAZON-02) (AMAZON-02)
1	99.80.94.143 99.80.94.143	16509 (AMAZON-02) (AMAZON-02)
1	52.15.58.80 52.15.58.80	16509 (AMAZON-02) (AMAZON-02)
150	67

22 2606:4700:10::6814:d732 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

1mg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.1mg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.1mg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rudderapi.1mg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:bb9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

accounts.tatadigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:be00:16:a497:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2600:9000:223f:7c00:d:a7d1:b5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

onemg.gumlet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2251:d400:9:fddd:fc40:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:864e (United States)

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e52e961b8bb7e1421041f035d13b3981.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:780::210:ca7a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

web-sdk-cdn.singular.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:225e:a200:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:6200:14:81fb:1e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.notifyvisitors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-60.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.63 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:d::d (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:3600:1e:6c7e:cb00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.notifyvisitors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:7b12:8510:f751:9a5d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.54.200 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-200.deploy.static.akamaitechnologies.com

sdk-api-v1.singular.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

widget.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.160.30 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-160-30.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (Staten Island, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.20 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.218.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-218-55.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.155.70 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-155-70.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.4.201 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-4-201.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.206.233 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-206-233.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:9c57:55f3:743f:20f9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.16.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-16-120.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.194.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-194-148.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.94.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-94-143.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.15.58.80 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-58-80.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	gumlet.io onemg.gumlet.io — Cisco Umbrella Rank: 257361	450 KB
22	1mg.com 1 redirects 1mg.com — Cisco Umbrella Rank: 208686 www.1mg.com — Cisco Umbrella Rank: 222316 assets.1mg.com — Cisco Umbrella Rank: 293609 rudderapi.1mg.com — Cisco Umbrella Rank: 304645	821 KB
10	criteo.com 5 redirects gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2331 sslwidget.criteo.com — Cisco Umbrella Rank: 1681 widget.as.criteo.com — Cisco Umbrella Rank: 34795 dis.criteo.com — Cisco Umbrella Rank: 587	13 KB
8	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 2565 d.adroll.com — Cisco Umbrella Rank: 1319	84 KB
8	googlesyndication.com e52e961b8bb7e1421041f035d13b3981.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	40 KB
8	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2139 rs.fullstory.com — Cisco Umbrella Rank: 1983	242 KB
7	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 221 stats.g.doubleclick.net — Cisco Umbrella Rank: 111 cm.g.doubleclick.net — Cisco Umbrella Rank: 231	153 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 1866	21 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 103 ampcid.google.com — Cisco Umbrella Rank: 2277 www.google.com — Cisco Umbrella Rank: 3	2 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 239 secure.adnxs.com — Cisco Umbrella Rank: 446	4 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3029 tr.outbrain.com — Cisco Umbrella Rank: 2794 sync.outbrain.com — Cisco Umbrella Rank: 740	8 KB
4	singular.net web-sdk-cdn.singular.net — Cisco Umbrella Rank: 16520 sdk-api-v1.singular.net — Cisco Umbrella Rank: 5325	47 KB
4	google.it adservice.google.it — Cisco Umbrella Rank: 50002 ampcid.google.it — Cisco Umbrella Rank: 399306 www.google.it — Cisco Umbrella Rank: 18817	1 KB
4	rudderlabs.com cdn.rudderlabs.com — Cisco Umbrella Rank: 13219 api.rudderlabs.com — Cisco Umbrella Rank: 7486	43 KB
3	notifyvisitors.com www.notifyvisitors.com — Cisco Umbrella Rank: 153517 cdn.notifyvisitors.com — Cisco Umbrella Rank: 167827	21 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 383	13 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	71 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 648	875 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 216	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1385	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 315	507 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 340	878 B
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 486 ajax.googleapis.com — Cisco Umbrella Rank: 398	151 KB
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 21975	5 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	185 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1997	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 634	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2138	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3956	235 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2378	399 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 690	585 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1154	878 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2691	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 429	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 970	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1224	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 402	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1934	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1260	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 595	114 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 548	357 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 362	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 638	793 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	25 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 569	15 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	185 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1079	7 KB
1	ravenjs.com cdn.ravenjs.com — Cisco Umbrella Rank: 8793	8 KB
1	tatadigital.com accounts.tatadigital.com — Cisco Umbrella Rank: 179178
150	49

	Domain	Requested by
23	onemg.gumlet.io	www.1mg.com
8	rudderapi.1mg.com	cdn.rudderlabs.com
7	s.adroll.com	1 redirects www.googletagmanager.com s.adroll.com www.1mg.com
7	assets.1mg.com	www.1mg.com
6	www.1mg.com	www.1mg.com assets.1mg.com static.cloudflareinsights.com
5	gum.criteo.com	4 redirects static.criteo.net
5	edge.fullstory.com	cdn.rudderlabs.com edge.fullstory.com rs.fullstory.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	securepubads.g.doubleclick.net	assets.1mg.com securepubads.g.doubleclick.net
3	rs.fullstory.com	edge.fullstory.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	www.google.com	www.1mg.com tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.1mg.com
3	bat.bing.com	www.1mg.com bat.bing.com
3	connect.facebook.net	www.1mg.com connect.facebook.net
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	www.google.it	www.1mg.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	sdk-api-v1.singular.net	web-sdk-cdn.singular.net
2	tr.outbrain.com	amplify.outbrain.com www.1mg.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.notifyvisitors.com	www.1mg.com cdn.notifyvisitors.com
2	web-sdk-cdn.singular.net	www.googletagmanager.com web-sdk-cdn.singular.net
2	a.mgid.com	www.1mg.com
2	www.googletagmanager.com	www.1mg.com www.googletagmanager.com
2	api.rudderlabs.com	cdn.rudderlabs.com
2	cdn.rudderlabs.com	www.1mg.com cdn.rudderlabs.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	widget.as.criteo.com
1	sslwidget.criteo.com	1 redirects
1	ajax.googleapis.com	cdn.notifyvisitors.com
1	mug.criteo.com	www.1mg.com
1	ampcid.google.it	www.google-analytics.com
1	d.adroll.com	s.adroll.com
1	cdn.notifyvisitors.com	www.notifyvisitors.com
1	www.googletagservices.com	www.googletagmanager.com
1	ampcid.google.com	www.google-analytics.com
1	amplify.outbrain.com	www.1mg.com
1	static.criteo.net	www.googletagmanager.com
1	imasdk.googleapis.com	www.googletagmanager.com
1	e52e961b8bb7e1421041f035d13b3981.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.it	securepubads.g.doubleclick.net
1	www.facebook.com	www.1mg.com
1	static.cloudflareinsights.com	www.1mg.com
1	cdn.ravenjs.com	www.1mg.com
1	accounts.tatadigital.com	www.1mg.com
1	1mg.com	1 redirects
150	74

This site contains no links.

Subject Issuer	Validity	Valid
1mg.com Cloudflare Inc ECC CA-3	`2022-10-19` - `2023-10-19`	a year	crt.sh
api.tatadigital.com R3	`2023-05-24` - `2023-08-22`	3 months	crt.sh
*.rudderlabs.com Amazon RSA 2048 M02	`2023-02-21` - `2023-08-12`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-12` - `2023-06-10`	3 months	crt.sh
*.gumlet.io Amazon ECDSA 256 M01	`2023-02-16` - `2024-03-16`	a year	crt.sh
cdn.ravenjs.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-08-30` - `2023-10-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2023-05-27` - `2023-08-25`	3 months	crt.sh
*.google.it GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.singular.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-05` - `2024-05-04`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2023-02-24` - `2023-08-01`	5 months	crt.sh
notifyvisitors.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2023-05-21` - `2023-08-19`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
itm.ivitrack.com R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-02-11` - `2023-08-04`	6 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.1mg.com/
Frame ID: 055153A14C76904C009FDF5CF5FD7504
Requests: 106 HTTP requests in this frame

Frame: https://e52e961b8bb7e1421041f035d13b3981.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 90B0F47D4E5565A0B8E9DB3EFC87F083
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.1mg.com&origin=onetag
Frame ID: 3588B5672D4BD0A63EF26DC88979DC28
Requests: 2 HTTP requests in this frame

Frame: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Frame ID: 16ECF9E28EDB832C2D788DF6DF2F6520
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3825FE7027403BC68E9E9301DF80D89F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D4B587D09A670FF26B7051D7837A1692
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-cLjpa4d9tizz_y2mJGmHNyGFISjYiwimt9sqbA&expires=30
Frame ID: FEED2990F24C52529F873938BAA5AA18
Requests: 27 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 424FFB9B739D6B694ABE2E19DF200DBC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Pharmacy India | Buy Medicines from India's Trusted Medicine Store: 1mg.com

Page URL History Show full URLs

http://1mg.com/ HTTP 301
https://www.1mg.com/ Page URL

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

150
Requests

91 %
HTTPS

51 %
IPv6

49
Domains

74
Subdomains

67
IPs

10
Countries

2433 kB
Transfer

7809 kB
Size

87
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1mg.com/ HTTP 301
https://www.1mg.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77

https://s.adroll.com/j/pre/U4ZFS2QH4VB65A54O43AEQ/6PFMKMAZXFGFLMSXPCJHFF/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 99

https://gum.criteo.com/sid/json?origin=onetag&domain=1mg.com&sn=ChromeSyncframe&so=0&topUrl=www.1mg.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=LiJ_h3xaZUUrUjhxZUxOdG9TV1o1V0pOQWgraGdBZS8wU3BRSUViMDBLL0NISjd0ckx1NjlIMGNTU0wyRnNKdTlqeW9VRnNkZW9tOUNwS09wcU9Hb24wMGhPUWhVNlpvMlMxYUo4V1NTSUpIYXdaSG5HS1VrclF5a01tOG9nT3cyeVZtZ1pTNWhyemdWMzZ2YTNOdmc2QU53RXVvdFY0OXpvMlFrRkFvUTZiKytlTEFsOGUxT2dGUGp5SmZtTVVGT1NnY1YwQ0lkYmFPQWduSzc2czJNZ2pMNUV2dEdhNVJ5N3l4U0IwNlV6bUphSXZLbHRFeTZydVNkUlhtU0xmVHl5QTFpYzE4VUVqcjdFQzlRaTFhazQwVFgrUT09fA&cppv=2

Request Chain 104

https://sslwidget.criteo.com/event?a=51601&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=pZp2V19zU2tEUjdwZnNYd3p3TXNvTnVsN3ltcWJiZFdBRHhqTk9HVlRqTUVEWktvcWpkWUklMkZjM0R0bGJRUHlIS01Gek9TUUpWejlEZzN4ODMxbHNGQVclMkJsNWNZaHhvWlM4SGpEdTZ3ZDMlMkZHS1B4dGpqblg4VjB6aHUxZSUyRjNxM2NzTWdEemVxdXpCWDN0VHVjVFAwR1ZsSDQ0USUzRCUzRA&tld=1mg.com&fu=https%253A%252F%252Fwww.1mg.com%252F&ceid=a4a0ac81-4374-4d0b-a59c-a1671c3440cc&dtycbr=96745 HTTP 302
https://widget.as.criteo.com/event?a=51601&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=pZp2V19zU2tEUjdwZnNYd3p3TXNvTnVsN3ltcWJiZFdBRHhqTk9HVlRqTUVEWktvcWpkWUklMkZjM0R0bGJRUHlIS01Gek9TUUpWejlEZzN4ODMxbHNGQVclMkJsNWNZaHhvWlM4SGpEdTZ3ZDMlMkZHS1B4dGpqblg4VjB6aHUxZSUyRjNxM2NzTWdEemVxdXpCWDN0VHVjVFAwR1ZsSDQ0USUzRCUzRA&tld=1mg.com&fu=https%253A%252F%252Fwww.1mg.com%252F&ceid=a4a0ac81-4374-4d0b-a59c-a1671c3440cc&dtycbr=96745

Request Chain 115

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-cLjpa4d9tizz_y2mJGmHNyGFISjYiwimt9sqbA&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-cLjpa4d9tizz_y2mJGmHNyGFISjYiwimt9sqbA&expires=30

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-MsYmsYd9tizz_y2mJGmHNyGFIShTh-ORIHcA6g&google_cm&google_hm=ay1Nc1ltc1lkOXRpenpfeTJtSkdtSE55R0ZJU2hUaC1PUklIY0E2Zw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-MsYmsYd9tizz_y2mJGmHNyGFIShTh-ORIHcA6g&google_gid=CAESEOOVwUIrTSm2NqeozIsgNC8&google_cver=1&google_ula=913071,0

Request Chain 117

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1410289253550211040

Request Chain 118

https://secure.adnxs.com/setuid?entity=52&code=k-z_rLYId9tizz_y2mJGmHNyGFISgCUwH5_zl9PA HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-z_rLYId9tizz_y2mJGmHNyGFISgCUwH5_zl9PA

Request Chain 126

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-KRHh7Yd9tizz_y2mJGmHNyGFISh8o-u4jKoR0Q HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-KRHh7Yd9tizz_y2mJGmHNyGFISh8o-u4jKoR0Q&verify=true

Request Chain 129

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VBxIJ4d9tizz_y2mJGmHNyGFIShYVk_IGyrgxQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VBxIJ4d9tizz_y2mJGmHNyGFIShYVk_IGyrgxQ&C=1

Request Chain 130

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ZaEnQuJN2FZRvsARPd4cRyP81oPtMt31 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ZaEnQuJN2FZRvsARPd4cRyP81oPtMt31

Request Chain 132

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-0RKke4d9tizz_y2mJGmHNyGFISiLGe5wBeEmBA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-0RKke4d9tizz_y2mJGmHNyGFISiLGe5wBeEmBA

Request Chain 142

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=kr1Mj9LgKZWml99S7IYW6FkcU0oCq2lF

Request Chain 143

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=XvDi0XltbbQXMB8btAWuKalO3DtN39Wa

150 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.1mg.com/
Redirect Chain

http://1mg.com/
https://www.1mg.com/

601 KB
101 KB

637ms
587ms

Document
text/html

2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b647bea7f12e0a8325f72c5c91b0cec0e3d5e190bd3ebb87b6bf95cd8dae68a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-expose-headers: TMP_HKP_USER_ID
cache-control: public
cf-cache-status: DYNAMIC
cf-ray: 7d15132ccb97bae5-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 04:08:26 GMT
pragma: public
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
visitor-id: cc3fc313-70f8-4c92-ccf0-890f693cb554_acce55_1685765306
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-visitor-id: cc3fc313-70f8-4c92-ccf0-890f693cb554_acce55_1685765306
x-xss-protection: 1; mode=block

Redirect headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: TMP_HKP_USER_ID
CF-Cache-Status: DYNAMIC
CF-RAY: 7d15132aeba4bb05-MXP
Cache-Control: public
Connection: keep-alive
Content-Type: text/html
Date: Sat, 03 Jun 2023 04:08:26 GMT
Location: https://www.1mg.com/
Pragma: public
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 ClearSans-Regular.woff2
assets.1mg.com/hkp/1.0.0/static/css/fonts/clearsans-1.00/WOFF2/ 44 KB
44 KB 77ms
31ms Font
application/octet-stream 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.1mg.com/hkp/1.0.0/static/css/fonts/clearsans-1.00/WOFF2/ClearSans-Regular.woff2
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 602358d68544ed2d54986ebd6ae716461cd6d68433e99f2e1ca63d2a284034c3

Request headers

Referer: https://www.1mg.com/
Origin: https://www.1mg.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:27 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 93VZ37NHGRE1N9M4
age: 37073
x-amz-server-side-encryption: AES256
x-amz-id-2: 7iO4yHTz5LZF/nrbaipBkXhZf6Gt9dSokNm01a8Awn6FFyb4jUoH+PkDAvk5g7tM06DHiBbHPMc=
last-modified: Fri, 02 Jun 2023 17:34:18 GMT
server: cloudflare
etag: W/"4dd5d02bf54ad96ae7d03bf6cef6a966"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
content-type: text/plain
cache-control: max-age=31536000
cf-ray: 7d151330c977bab5-MXP

GET
H2 403 tdl-sso-auth.js
accounts.tatadigital.com/v2/ 0
0 210ms
42ms Script
text/html 2a02:26f0:6c00::210:bb9a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 rudder-analytics.min.js Show response
cdn.rudderlabs.com/v1.1/ 115 KB
36 KB 130ms
30ms Script
text/javascript 2600:9000:214f:be00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:be00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 078d328ee62f15d109e34685630fa9b16df33ea641832b695c795abcce4c8778

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:14:37 GMT
content-encoding: gzip
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
last-modified: Mon, 29 May 2023 08:59:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 3231
x-amz-server-side-encryption: AES256
etag: W/"381600e723997a878dbbd184fb081ecc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: pD9KlbbGfNsPg6--YhTwE0nSoCuqUEHdLN6hIA35qdR_-p9qsAsWqg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 84ms
27ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 03 Jun 2023 04:08:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27549
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: WxCuZtmkyk/XVGyWkK3Mkfl2EBAT3EY6xiJKEvvcOE/rPk37HqauNXFVvJDhmfeJfweQ+TTXUJUquxT4yzTz+A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tata_1mg_logo.svg
www.1mg.com/images/ 7 KB
3 KB 462ms
461ms Image
image/svg+xml 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1mg.com/images/tata_1mg_logo.svg

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb459f341fe3717372b613db375fc1e2886da52acd6fc8eb06a4228ae60de54

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:27 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: BYPASS
last-modified: Fri, 02 Jun 2023 17:20:18 GMT
server: cloudflare
etag: W/"1c92-1887d1fd5b9"
cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.1mglabs.com
cache-control: public, max-age=0
cf-ray: 7d1513316d8ebae5-MXP

GET
H2 200 cart-icon-rebrand_vp4k0f.svg
onemg.gumlet.io/ 947 B
2 KB 147ms
64ms Image
image/svg+xml 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/cart-icon-rebrand_vp4k0f.svg

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

00ea35066ac2d3866e2b171191643fd38c03ec5f358237d0e89c13364641732d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 07 Apr 2023 00:06:52 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "response_headers":["content-length"] }
x-gumlet-reqid: ZC9enO7vH7lbirP7
x-amz-cf-pop: FRA56-P5
age: 4939295
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.02
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 947
surrogate-key: onemg.gumlet.io 2023-01-23
etag: "1f2c990a7de16fe6"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: rS38Qnz_CiBloC9v_fYesNJsk_q9tnmAobjeCxxaUGd7gBJjMDCG2g==

GET
H2 200 ul9tzxcgrm3cfzclhi36.png
onemg.gumlet.io/ 2 KB
2 KB 110ms
28ms Image
image/webp 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/ul9tzxcgrm3cfzclhi36.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

df89109a4619b412c75d063662f307c519859e8f109030107a157ae1b6827714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 14 May 2023 01:23:07 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 646037fbd4a0d800a65280ed
x-amz-cf-pop: FRA56-P5
age: 1737920
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.022
alt-svc: h3=":443"; ma=86400
content-length: 1642
surrogate-key: onemg.gumlet.io 2023-04-26
etag: "1kdnji7jvel25"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: bhkpnSaK0iGdeu3XX6A5cvpekwQFUnagV0A9ybBcdDrVfN0sg3x6dQ==

GET
H2 200 fontawesome-webfont.woff2
assets.1mg.com/hkp/1.0.0/static/fonts/ 55 KB
56 KB 32ms
31ms Font
application/octet-stream 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.1mg.com/hkp/1.0.0/static/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://www.1mg.com/
Origin: https://www.1mg.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:27 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 2K2NC9YQJ3C43E0F
age: 37072
x-amz-server-side-encryption: AES256
x-amz-id-2: WKLjQLUH/4K2DxNw9rQew4Pqw4X7hvaQJtDeaY0kAnPBA/XKnHH0Cl1IDKn8Cap2r8NKnnYLj+k=
last-modified: Fri, 02 Jun 2023 17:34:19 GMT
server: cloudflare
etag: W/"97493d3f11c0a3bd5cbd959f5d19b699"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
content-type: text/plain
cache-control: max-age=31536000
cf-ray: 7d15133169c1bab5-MXP

GET
H2 200 31303ed7-be3f-4840-be58-ea2ebf5d7fcc_1660815255.jpg
onemg.gumlet.io/ 147 KB
148 KB 77ms
69ms Image
application/x-www-form-urlencoded 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/31303ed7-be3f-4840-be58-ea2ebf5d7fcc_1660815255.jpg?blur=80&format=auto

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b390abb00c8303f368578e1c09798505b1b9fe8d9dbb8808534998a1c0c5947b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jun 2023 17:34:32 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 647a28274474a960db6e6101
x-amz-cf-pop: FRA56-P5
age: 38034
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.974
alt-svc: h3=":443"; ma=86400
content-length: 150330
surrogate-key: onemg.gumlet.io 2023-03-27
etag: "31lmapxqqyqub"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: application/x-www-form-urlencoded
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: rjGy8kJOa2bsc49rKt4DD7rw4dW_iEg3DcqN86AKzFktZGYzUfTJrA==

GET
H2 200 0a019cb8-03df-4985-ad78-cc6dc8bc72c5.png
onemg.gumlet.io/a_ignore,w_480,h_200,c_fit,q_auto,f_auto/ 13 KB
14 KB 67ms
59ms Image
image/webp 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_480,h_200,c_fit,q_auto,f_auto/0a019cb8-03df-4985-ad78-cc6dc8bc72c5.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c864c9a32a3058b4f23b4bfa3ea536eb44427a0c4aa83506718b7a99272f73bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jun 2023 19:53:14 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 647a48aad9eea7ff1f293e13
x-amz-cf-pop: FRA56-P5
age: 29713
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.25
alt-svc: h3=":443"; ma=86400
content-length: 13054
surrogate-key: onemg.gumlet.io 2023-06-02
etag: "36vtsqm289ggj"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: APDAZrWiQywim-vzmlRGEwWw3nIYC5Xf90xc4jCXNVKXanJpDDsBAA==

GET
H2 200 d037f049-0426-43b5-b365-c89ccd788d2d.png
onemg.gumlet.io/marketing/ 30 KB
31 KB 40ms
32ms Image
image/webp 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/marketing/d037f049-0426-43b5-b365-c89ccd788d2d.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

70b5da9ec7021d319b0feca1dd271703b35e4769a79693818f485887ee3cf014

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 31 May 2023 16:18:07 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 6477733f3c991c167673ab2e
x-amz-cf-pop: FRA56-P5
age: 215420
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.265
alt-svc: h3=":443"; ma=86400
content-length: 30864
surrogate-key: onemg.gumlet.io 2023-05-24
etag: "2y34uujdpnhlu"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: K7koF4m9FPZj-eEGiLHPgRw0WR1I5vPI7FJ6u3nZ7EuTyW_57SwRNg==

GET
H2 200 safe_bjisiz.svg
onemg.gumlet.io/ 1 KB
2 KB 75ms
68ms Image
image/svg+xml 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/safe_bjisiz.svg

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f9d5b667c6b7e4e03152a7ecb28b091672b7112489fb3b7e1d95e1c76c5206ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 11 May 2023 06:21:53 GMT
content-encoding: br
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 645c89804cf61f774b044038
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1979194
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.526
alt-svc: h3=":443"; ma=86400
surrogate-key: onemg.gumlet.io 2023-04-29
etag: W/"2ivmmznvhir9q"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: Accept-Encoding,accept
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: MgO0H9u_qxut7tXq99hLlbDHI6uxyJ7sAI_ZCI8GjMue-gOI7uS1BA==

GET
H2 200 quick_buy_rebrand_lqpnce.svg
onemg.gumlet.io/ 179 B
1 KB 79ms
78ms Image
image/svg+xml 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/quick_buy_rebrand_lqpnce.svg

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8c2dae0d93380e1cca1ed3cb66cadab9659b6c215b2f9e1381ec5c31d5c3ab2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 03 May 2023 22:59:29 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 6452e75140f45a455009c68f
x-amz-cf-pop: FRA56-P5
age: 2610538
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.011
alt-svc: h3=":443"; ma=86400
content-length: 179
surrogate-key: onemg.gumlet.io 2023-04-28
etag: "8pr37pd78p2k"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: QPrjhnGRua-SZTjDHJM3kgW8dq0JAqkN758yjB5_vKtpXIg7txBv_g==

GET
H2 200 next-round.svg
assets.1mg.com/hkp/1.0.0/static/images/ 995 B
797 B 34ms
34ms Image
image/svg+xml 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.1mg.com/hkp/1.0.0/static/images/next-round.svg
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02eee1baa62e5dfb787d85763f1b9893f082683a294b44fda6e572aeabca8392

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Jun 2023 17:34:30 GMT
server: cloudflare
x-amz-request-id: FA6XEBXD8ZP19QD4
age: 36454
etag: W/"75aa10679318dcc8b1dc8b6c99da1f69"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 7d151331edb7bae5-MXP
x-amz-id-2: SwBG633p1W7ViEUpR6wVC+tYMtOh0Cpd+iYk1cpSFn3EooZIBztYv/OqOfCBxg88Ax+VpJaizLA=

GET
H2 200 commons-products.bundle.2ae1ca96d5bb03698da206dc6a1281e9.js Show response
assets.1mg.com/hkp/1.0.0/static/js/ 741 KB
202 KB 47ms
47ms Script
application/javascript 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.1mg.com/hkp/1.0.0/static/js/commons-products.bundle.2ae1ca96d5bb03698da206dc6a1281e9.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3322cdd40962df77e2f84c1f17857684c17737725a8b8437a1eb0635214654e1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Jun 2023 17:34:52 GMT
server: cloudflare
x-amz-request-id: 2K2RJMM8P0KJM42E
age: 37072
etag: W/"2ae1ca96d5bb03698da206dc6a1281e9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7d1513322dcfbae5-MXP
x-amz-id-2: mMh1EX/sN3ox8K/YVaT4ljxnR119IXSifmnu43bv/gapZahvB7KtXkO/iOvBqf3FP3WO5jrz6ZU=

GET
H2 200 homePage.bundle.8c38e3f8bde053f15d385c75890958fe.js Show response
assets.1mg.com/hkp/1.0.0/static/js/ 2 MB
310 KB 54ms
52ms Script
application/javascript 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.1mg.com/hkp/1.0.0/static/js/homePage.bundle.8c38e3f8bde053f15d385c75890958fe.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029b8bb17fe0e69335f1af3f9977b36571c603b8452f160ff1cf77a4f1507801

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Jun 2023 17:34:51 GMT
server: cloudflare
x-amz-request-id: T226XDRN0DKQ2GAS
age: 27565
etag: W/"8c38e3f8bde053f15d385c75890958fe"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7d1513323dd8bae5-MXP
x-amz-id-2: RZqkq9WGBNhuT1fjbATXC2P5Aw3iZ7P6qOuY51TXKuV8i21WmP7BocLvcbJvn0TUzCGDlmnC2Fg=

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.8.1/ 21 KB
8 KB 67ms
17ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.8.1/raven.min.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: fd2c4520a3d59da0d21fbe3d009df84ff3e448c28f7c88807fc277038f7ae9ed

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:27 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2016 16:35:03 GMT
server: Fastly
age: 81048
etag: "f05c5502275fc20f0d12d8c0bda3fff4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 8422

GET
H2 200 header-essentials.min.6141ace8ec9024a16ba4eb1f0b2c95cf.js Show response
assets.1mg.com/hkp/1.0.0/static/js/ 338 KB
98 KB 53ms
52ms Script
application/javascript 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.1mg.com/hkp/1.0.0/static/js/header-essentials.min.6141ace8ec9024a16ba4eb1f0b2c95cf.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f993153efcc7420f89746666b7ad09cfa914fcd866ca4ed932ecd544b5d4016

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Jun 2023 17:34:52 GMT
server: cloudflare
x-amz-request-id: 2K2WR8NR9CV2YFFP
age: 37072
etag: W/"6141ace8ec9024a16ba4eb1f0b2c95cf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7d1513323ddabae5-MXP
x-amz-id-2: iB6xzsWFKFCTJab2q3aoIclpYtQHj495nx/iVv19txuzshryhBYyH7k/p4AFyGRusOmvfD+hr+E=

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 92ms
44ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://www.1mg.com/
Origin: https://www.1mg.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:27 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7d1513328f5b8397-MXP

GET
H2 200 1533315340292439 Show response
connect.facebook.net/signals/config/ 78 KB
22 KB 129ms
127ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1533315340292439?v=2.9.106&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

865f91f404ba04e87dd6af045c0c912f587e9f042a8bfc10b74a92dd687f8868

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 03 Jun 2023 04:08:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: h59RxynP77JKhN0fhbj66veCtqq/3UXSaZ+FQOk7nwqqAS+7QpEAi5uJQ0ZbDr8aPNdLXzTmyvCWyup/iOR7Aw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 204 /
api.rudderlabs.com/sourceConfig/ Frame 0
0 140ms
25ms Preflight 2600:9000:2251:d400:9:fddd:fc40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rudderlabs.com/sourceConfig/?p=cdn&v=2.34.0&writeKey=1Xw0r3h5UkJhTd7i4MyWYyjDQFZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d400:9:fddd:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: *
access-control-max-age: 900
age: 84
alt-svc: h3=":443"; ma=86400
date: Sat, 03 Jun 2023 04:07:03 GMT
vary: Origin
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-id: BkPL5NT7jvYopFEP_jp81r2458o2YQdiNqKrgxijnI2DsabARPvheA==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
x-request-id: 187d0b90-01c4-11ee-ad26-7befed592837

GET
H2 200 / Show response
api.rudderlabs.com/sourceConfig/ 12 KB
4 KB 27ms
26ms XHR
application/json 2600:9000:2251:d400:9:fddd:fc40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rudderlabs.com/sourceConfig/?p=cdn&v=2.34.0&writeKey=1Xw0r3h5UkJhTd7i4MyWYyjDQFZ

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:d400:9:fddd:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2261f01d5e3916154a5551b5abb0925d5f5a812151cd5812f20a3b9d3acb2edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.1mg.com/
accept-language: it-IT,it;q=0.9
Authorization: Basic MVh3MHIzaDVVa0poVGQ3aTRNeVdZeWpEUUZaOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:07:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 40
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 33072c70-01c4-11ee-ab35-876c5d83cd40
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
x-amz-cf-id: hrNI8wUGU4u7FcXoZLaq-cJy4GAfOG4B0kGEwCiLbg1e9oodpewwng==

GET
H2 200 ads.js Show response
www.1mg.com/js/ 0
509 B 470ms
468ms Script
application/javascript 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1mg.com/js/ads.js

Requested by

Host: assets.1mg.com
URL: https://assets.1mg.com/hkp/1.0.0/static/js/homePage.bundle.8c38e3f8bde053f15d385c75890958fe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:28 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: BYPASS
last-modified: Fri, 02 Jun 2023 17:20:18 GMT
server: cloudflare
etag: W/"0-1887d1fd5c9"
cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://www.1mglabs.com
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 7d1513344ea5bae5-MXP
content-length: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
25 KB 117ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: assets.1mg.com
URL: https://assets.1mg.com/hkp/1.0.0/static/js/homePage.bundle.8c38e3f8bde053f15d385c75890958fe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee53c344aa2dbd11917461416f67a476f818b1abd79b81533c81e3e0d57ccbe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25286
x-xss-protection: 0
server: cafe
etag: 899 / 19511 / m202305300101 / config-hash: 2362657388836249790
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 04:08:27 GMT

GET
H2 200 details Show response
www.1mg.com/api/v2/cart/ 628 B
2 KB 163ms
160ms XHR
application/json 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1mg.com/api/v2/cart/details

Requested by

Host: assets.1mg.com
URL: https://assets.1mg.com/hkp/1.0.0/static/js/commons-products.bundle.2ae1ca96d5bb03698da206dc6a1281e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd6e663a4005f3ac7523b608b6b0641dbcb43031f619b134432230444d5f7f5f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://cont-sites.bajajfinserv.in/ https://www.bajajfinserv.in/ https://www.1mg.com/
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-HTML-CanRender: True
Pragma: no-cache
HKP-Platform: Healthkartplus-0.0.1-Desktop
X-CSRF-Token: PKFBkCZ2-OMvIGEHt5zH8peojdt8WHdaE3t0
accept-language: it-IT,it;q=0.9
X-Platform: Desktop-0.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Accept: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Referer: https://www.1mg.com/

Response headers

date: Sat, 03 Jun 2023 04:08:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
content-security-policy: frame-ancestors https://cont-sites.bajajfinserv.in/ https://www.bajajfinserv.in/ https://www.1mg.com/
cf-cache-status: DYNAMIC
content-encoding: br
x-dns-prefetch-control: off
x-visitor-id: cc3fc313-70f8-4c92-ccf0-890f693cb554_acce55_1685765306
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
visitor-id: cc3fc313-70f8-4c92-ccf0-890f693cb554_acce55_1685765306
cf-ray: 7d151334aec7bae5-MXP

GET
H2 200 search_loader.svg
www.1mg.com/images/ 687 B
974 B 468ms
463ms Image
image/svg+xml 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.1mg.com/images/search_loader.svg

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

913d7e209b69e0165ba3c05335f9f69dc9c9ccdd3ffb69fcd659c7ac86cef79b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:28 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: BYPASS
last-modified: Fri, 02 Jun 2023 17:20:18 GMT
server: cloudflare
etag: W/"2af-1887d1fd5b9"
cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.1mglabs.com
cache-control: public, max-age=0
cf-ray: 7d151334bec8bae5-MXP

GET
H2 200 c2a0598f-483c-48ff-9783-71e402aa28d3.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 5 KB
5 KB 33ms
28ms Image
image/webp 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/c2a0598f-483c-48ff-9783-71e402aa28d3.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

27667b4c494fd35de941b87744d8e9821f231bc062fea44b39787293c1d7b14e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 14 May 2023 01:05:04 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 646033bfd4a0d800a651fa10
x-amz-cf-pop: FRA56-P5
age: 1739003
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.422
alt-svc: h3=":443"; ma=86400
content-length: 4758
surrogate-key: onemg.gumlet.io 2023-04-27
etag: "28lk4w6gwspu8"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: HkPt317Ba9kvRIIv8-eOdIatufoDjYg0z3IL5UhW54C18qsGuvzFmg==

GET
H2 200 ab1da5f4-c074-47d2-b278-a5fbd2c93f1f.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 3 KB
4 KB 33ms
29ms Image
image/webp 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ab1da5f4-c074-47d2-b278-a5fbd2c93f1f.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ba2e726dc38520a74390030be09ccce20a2b7d4df7c08a999376e70994e198a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 02 Apr 2023 12:34:38 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "response_headers":["content-length"] }
x-gumlet-reqid: ZCl2XTipGvuFlWxZ
x-amz-cf-pop: FRA56-P5
age: 5326429
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3236
surrogate-key: onemg.gumlet.io 2023-01-26
etag: "4b6b7b6bc2419ddc"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: 7uEj1k8UzUFogZbHdi8mx2ew5Ms7llwrOb2mg6G2flQXnHvybco9uw==

GET
H2 200 702457a8-ff7d-43a6-bd1d-6bcb278ce686.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 4 KB
5 KB 34ms
30ms Image
image/webp 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/702457a8-ff7d-43a6-bd1d-6bcb278ce686.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

faade1f02ac7bd53335ec6fb3fd9ba1696c796e9a1d7362b25e7e59f33591dea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 19 May 2023 20:36:03 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 6467ddb2a82b8184ab98d034
x-amz-cf-pop: FRA56-P5
age: 1236744
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 1.033
alt-svc: h3=":443"; ma=86400
content-length: 4236
surrogate-key: onemg.gumlet.io 2023-02-21
etag: "fkpo415l2vum"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: sceDQikS_1rZ1cRY3CHovHI4_PCMgBNhPjWMB4PTTv8K0fLN4Ytfkw==

GET
H2 200 995e64ba-5bd9-42bc-8db6-5dc0b821c89d.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 5 KB
5 KB 34ms
30ms Image
image/webp 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/995e64ba-5bd9-42bc-8db6-5dc0b821c89d.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d501083ad011d60eb9c00c0cbe55e185c040e52fc3cf83f4dc1655b449957496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 19 May 2023 04:51:17 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 646700452c637327400a740e
x-amz-cf-pop: FRA56-P5
age: 1293430
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.011
alt-svc: h3=":443"; ma=86400
content-length: 4642
surrogate-key: onemg.gumlet.io 2023-02-20
etag: "e0c16a1c0820e097"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: dO0IF-ci13QvQjmBiwk1sOWPo7NtLhqjZFQMZIr5KEOlaSNpGMqPzQ==

GET
H2 200 ba975795-98dc-4cd8-8b55-3c20230d70e3.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 3 KB
4 KB 35ms
31ms Image
image/webp 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ba975795-98dc-4cd8-8b55-3c20230d70e3.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6fbb6a98b74881cbd603dba92e6d65984529b1b91aaf54837bb32db47805742c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 May 2023 08:34:23 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 646c7a8fbd654add95536e73
x-amz-cf-pop: FRA56-P5
age: 934444
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.011
alt-svc: h3=":443"; ma=86400
content-length: 3350
surrogate-key: onemg.gumlet.io 2023-04-27
etag: "3ubgdjp7dw9gu"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: UsclVGKi2ANMdfYqbkC8fvngfKWAcy2JAsc_EL7koBXBeDM2mJBA0w==

GET
H2 200 e77d5099-d905-4462-ab9d-b51802e3739b.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 3 KB
4 KB 35ms
32ms Image
image/webp 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/e77d5099-d905-4462-ab9d-b51802e3739b.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d8ae99d64fb7c0abcfab535dcab09a8cd09f7034b4d64a60e7ee6bfe58c3a002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 Mar 2023 23:00:01 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "response_headers":["content-length"] }
x-gumlet-reqid: ZB4rcIny7Qdf6o37
x-amz-cf-pop: FRA56-P5
age: 6066506
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.603
alt-svc: h3=":443"; ma=86400
content-length: 3008
surrogate-key: onemg.gumlet.io 2023-02-20
etag: "4013ceb443ba4c1c"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: XvwJfZaAlctcW795XXGyK6Iwq90mz3zy2-w09J7KCiZTVTbgrvfMMg==

GET
H2 200 6f9a726a-4a98-42e6-a834-67381be5e330.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 3 KB
4 KB 36ms
33ms Image
image/webp 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/6f9a726a-4a98-42e6-a834-67381be5e330.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

958205ec90ec2c96aef39cb092037e469cea821da49c4e30f738fe0ea4f47e36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 May 2023 05:46:58 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 646b01d24cf61f774b1e44d2
x-amz-cf-pop: FRA56-P5
age: 1030889
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.393
alt-svc: h3=":443"; ma=86400
content-length: 3284
surrogate-key: onemg.gumlet.io 2023-05-20
etag: "23y8wjgeganx1"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: rpeVmLxcO_8_qhv-3RaC6_MOxSnZWNe8G4Wlx1aL927XhBlgfsfKww==

GET
H2 200 ce42a7a6-3952-4705-9dd9-8bd94387d922.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 2 KB
3 KB 38ms
34ms Image
image/webp 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ce42a7a6-3952-4705-9dd9-8bd94387d922.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2022c830a028cdcffae1fd10f1b292f703d521b06d7cecb27e84068f71b1c99f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 May 2023 06:05:41 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 647592353c991c1676302e37
x-amz-cf-pop: FRA56-P5
age: 338566
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.446
alt-svc: h3=":443"; ma=86400
content-length: 2470
surrogate-key: onemg.gumlet.io 2023-05-30
etag: "1mxvezlvr8siv"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: Xcp8Hib5jmMwBA7aNb61N4e21l3FMK5CfzqFEoVPIrpLTo4gkdYhxw==

GET
H2 200 90722eb9-89d6-4d0c-b38a-4962b2aeeb29.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 3 KB
4 KB 39ms
35ms Image
image/webp 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/90722eb9-89d6-4d0c-b38a-4962b2aeeb29.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6cc2f04e17b6ecc99628aa90e8ef551cb1fb309726263e40f62ac5b74ef2958c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 02 Jun 2023 06:00:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-oc: HIT
x-gumlet-reqid: ZHmFbnehF1f5sRza
x-amz-cf-pop: FRA56-P5
age: 79692
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.673
alt-svc: h3=":443"; ma=86400
content-length: 2972
surrogate-key: onemg.gumlet.io 2023-06-02
etag: "ad8c6dox80xg"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: ZVd2gTHY9gcaqwzFSKdxIb-db0iMd4rkBhB20NixtsOZfTdtelD8uw==

GET
H2 200 3523e29c-e794-40df-9b06-68d31867af5b.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 3 KB
4 KB 41ms
38ms Image
image/webp 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/3523e29c-e794-40df-9b06-68d31867af5b.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4608ec525138adb3319e7701f26397b7ca04d0f57775d6cd6a16d98649ef8377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jun 2023 06:01:21 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 647985b0a408ee1ff978a688
x-amz-cf-pop: FRA56-P5
age: 79626
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.982
alt-svc: h3=":443"; ma=86400
content-length: 2868
surrogate-key: onemg.gumlet.io 2023-06-02
etag: "wggktb0h5tkf"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: 2lL6eTM6icpJEQ5Weyy0YZl9EXOOc_QqApGNWJap3QPbb3qNS-cHHQ==

GET
H2 200 d8a59649-9c2d-428b-adb2-0e70dc887999.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 2 KB
3 KB 56ms
53ms Image
image/webp 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/d8a59649-9c2d-428b-adb2-0e70dc887999.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0c3c264c42fd38233750081940672cc7a28dc911dff84eff35ae32abb9a92229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 May 2023 06:08:10 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 647592cae81431ca7b1d46c0
x-amz-cf-pop: FRA56-P5
age: 338417
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.388
alt-svc: h3=":443"; ma=86400
content-length: 2410
surrogate-key: onemg.gumlet.io 2023-05-30
etag: "2el9tj36axdv7"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: ZWQrWXW_-HbEHw06TV42UGenjaOZTP4_De_JZSwrV2LWgiCUtKdnfQ==

GET
H2 200 5bb790b7-f7e0-488d-b9c6-38b9d36dd6c1.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 2 KB
3 KB 55ms
52ms Image
image/webp 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/5bb790b7-f7e0-488d-b9c6-38b9d36dd6c1.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ba1fc3f5796ff01b71a37a77a518b67037bb8c90ded800dc6ae642b9b189ff79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 02 Jun 2023 06:00:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-oc: HIT
x-gumlet-reqid: ZHmFcNO+2vq1SVT9
x-amz-cf-pop: FRA56-P5
age: 79689
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 1.38
alt-svc: h3=":443"; ma=86400
content-length: 2086
surrogate-key: onemg.gumlet.io 2023-06-02
etag: "31m4z1nueuy13"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: o-8Jfgzwid3IuEP_MlOUHpHjvku83ApwSbw52jEEzDzNcSe7y8aT2g==

GET
H2 200 38ebe2b0-08c6-475c-9e4e-876c9cb7b402.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 3 KB
4 KB 56ms
53ms Image
image/webp 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/38ebe2b0-08c6-475c-9e4e-876c9cb7b402.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b1da6e401d673ef31777dfef7b670abf1acf54608535740a9fcba713e67a542d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 02 Jun 2023 06:00:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-oc: HIT
x-gumlet-reqid: ZHmFb0c55M8yLqzD
x-amz-cf-pop: FRA56-P5
age: 79691
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.55
alt-svc: h3=":443"; ma=86400
content-length: 3060
surrogate-key: onemg.gumlet.io 2023-06-02
etag: "zu1ygtyvwc5d"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: 6yDQS04BVK9ZjFctZMq9WzPiVIgs2_MaYBfd-rVBttlmg-yPp7c0LA==

GET
H2 200 e1291dcf-f398-4cb9-b151-bcd6f1fe7b57.png
onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/ 3 KB
4 KB 56ms
54ms Image
image/webp 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/a_ignore,w_150,h_150,c_fit,q_auto,f_auto/e1291dcf-f398-4cb9-b151-bcd6f1fe7b57.png

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7b7ba0249d75f288d37e5879ee8a886dd7dbf86b34433b22592d6e9368cd657b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 02 Jun 2023 06:00:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-oc: HIT
x-gumlet-reqid: ZHmFcDOhlqj7wuDv
x-amz-cf-pop: FRA56-P5
age: 79690
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.734
alt-svc: h3=":443"; ma=86400
content-length: 2986
surrogate-key: onemg.gumlet.io 2023-06-02
etag: "14c0jxsd0z3lt"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: Pj7_5Qdrv2TfA1PDdxxXazSzd1Ih4IO56fPzxNTSRjI429KsXgjYMA==

GET
H2 200 watch_icon.svg
assets.1mg.com/hkp/1.0.0/static/images/ 765 B
634 B 39ms
36ms Image
image/svg+xml 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.1mg.com/hkp/1.0.0/static/images/watch_icon.svg
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf4084fed3de0377f36385aca1ed62af8daa37cc4756b6a1640e874011824284

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Jun 2023 17:34:39 GMT
server: cloudflare
x-amz-request-id: D47Q72N31GPM2DMH
age: 36452
etag: W/"2f2f22924c12c765da8b46fe19b64c6c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 7d151334bec9bae5-MXP
x-amz-id-2: +D0wgCp0EVXbZZG92wx07xPVvAmhRS6PbHd+hJo0840R5SdgPZoTWZHgciBd4aEt4RNW0/kxYrk=

GET
H2 200 31303ed7-be3f-4840-be58-ea2ebf5d7fcc_1660815255.jpg
onemg.gumlet.io/ 147 KB
148 KB 260ms
258ms Image
application/x-www-form-urlencoded 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/31303ed7-be3f-4840-be58-ea2ebf5d7fcc_1660815255.jpg?w=1067&h=250&format=auto

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b390abb00c8303f368578e1c09798505b1b9fe8d9dbb8808534998a1c0c5947b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 04:08:27 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 647abcbb4dbd8bd597dc9b0e
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.016
alt-svc: h3=":443"; ma=86400
content-length: 150330
surrogate-key: onemg.gumlet.io 2023-03-14
etag: "31lmapxqqyqub"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: application/x-www-form-urlencoded
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: iakXM0RKfy1Ys89DE9UhnLQ4n8dLGP6hOouLAJTO_336Lm5coH65Mw==

OPTIONS
H2 200 identify
rudderapi.1mg.com/v1/ Frame 0
0 484ms
475ms Preflight 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderapi.1mg.com/v1/identify
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 900
cf-cache-status: DYNAMIC
cf-ray: 7d151334fb8fbab5-MXP
content-length: 0
date: Sat, 03 Jun 2023 04:08:28 GMT
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 page
rudderapi.1mg.com/v1/ Frame 0
0 494ms
493ms Preflight 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderapi.1mg.com/v1/page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 900
cf-cache-status: DYNAMIC
cf-ray: 7d151334fb90bab5-MXP
content-length: 0
date: Sat, 03 Jun 2023 04:08:28 GMT
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 identify Show response
rudderapi.1mg.com/v1/ 2 B
77 B 163ms
163ms XHR
text/plain 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderapi.1mg.com/v1/identify
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.1mg.com/
accept-language: it-IT,it;q=0.9
Authorization: Basic MVh3MHIzaDVVa0poVGQ3aTRNeVdZeWpEUUZaOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
AnonymousId: ZTg2YjA5NjMtZTNkNy00ZWIxLWFhYjktMjhkMTY0YTJmY2Rm
Content-Type: application/json

Response headers

date: Sat, 03 Jun 2023 04:08:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.1mg.com
access-control-allow-credentials: true
cf-ray: 7d151337fccdbab5-MXP
content-length: 2

POST
H2 200 page Show response
rudderapi.1mg.com/v1/ 2 B
56 B 165ms
163ms XHR
text/plain 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderapi.1mg.com/v1/page
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.1mg.com/
accept-language: it-IT,it;q=0.9
Authorization: Basic MVh3MHIzaDVVa0poVGQ3aTRNeVdZeWpEUUZaOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
AnonymousId: ZTg2YjA5NjMtZTNkNy00ZWIxLWFhYjktMjhkMTY0YTJmY2Rm
Content-Type: application/json

Response headers

date: Sat, 03 Jun 2023 04:08:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.1mg.com
access-control-allow-credentials: true
cf-ray: 7d1513381cd8bab5-MXP
content-length: 2

GET
H2 200 Fullstory.min.js Show response
cdn.rudderlabs.com/v1.1/js-integrations/ 6 KB
3 KB 26ms
26ms Script
text/javascript 2600:9000:214f:be00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v1.1/js-integrations/Fullstory.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:be00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7365ca49223d2539984a5871fcf08589c55e804505647f008eecec38d63097a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:14:40 GMT
content-encoding: gzip
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
last-modified: Mon, 29 May 2023 08:59:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 3228
x-amz-server-side-encryption: AES256
etag: W/"4f4fe34d2fe0ef5c68cd831a421c0847"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: rLCRKMcd8Q8KXXy0_-VFVtU4KSWZqt_idRjuQNGieWH2pKpsnYYVyQ==

OPTIONS
H2 200 track
rudderapi.1mg.com/v1/ Frame 0
0 460ms
459ms Preflight 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderapi.1mg.com/v1/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 900
cf-cache-status: DYNAMIC
cf-ray: 7d151335abe7bab5-MXP
content-length: 0
date: Sat, 03 Jun 2023 04:08:28 GMT
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track Show response
rudderapi.1mg.com/v1/ 2 B
56 B 181ms
181ms XHR
text/plain 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderapi.1mg.com/v1/track
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.1mg.com/
accept-language: it-IT,it;q=0.9
Authorization: Basic MVh3MHIzaDVVa0poVGQ3aTRNeVdZeWpEUUZaOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
AnonymousId: ZTg2YjA5NjMtZTNkNy00ZWIxLWFhYjktMjhkMTY0YTJmY2Rm
Content-Type: application/json

Response headers

date: Sat, 03 Jun 2023 04:08:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.1mg.com
access-control-allow-credentials: true
cf-ray: 7d1513388d02bab5-MXP
content-length: 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 427 KB
99 KB 137ms
67ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d4c25a7fc31f4ed93a933538aea682af4dc0e79e7df107922d9ba7c061c3220

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101304
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 03 Jun 2023 04:08:27 GMT

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 15 KB
5 KB 177ms
128ms Script
application/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1685765307829
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcc6b633543bcc378409b05b180dd30d3d8104624c0948612f7ea501b103fe25

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 8f5f3e6f-88e9-4dbc-a279-7591cbcd3457
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 7d1513364c715a43-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 162ms
66ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 03 Jun 2023 04:08:27 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E2CFBEF9F94344C2B6D92CD8C3727794 Ref B: FRAEDGE1207 Ref C: 2023-06-03T04:08:27Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 71 KB
21 KB 29ms
28ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 03 Jun 2023 04:08:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21675
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 5C0jmbC/fISrIcS8OrUnFZQaRtlySSYHUYNNiNNlqtGYoCxF1VorZWLc75fw8pLMFOeemw+BCEhLvz31rJtVwQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/ 408 KB
126 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

325be98d467be29fd7b3d1c36f2e137806b171ca7d73ef3b535e198ec0bd1dc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 12:28:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56382
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128806
x-xss-protection: 0
server: cafe
etag: 8074574313080668351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 01 Jun 2024 12:28:45 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 33 B
59 B 115ms
40ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.1mg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6207e13be6c6414fd629989639b8670bb9a873c669afdcf6086e2ad3679831b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
x-xss-protection: 0
expires: Sat, 03 Jun 2023 04:08:28 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 93ms
26ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1533315340292439&ev=PageView&dl=https%3A%2F%2Fwww.1mg.com%2F&rl=&if=false&ts=1685765307981&sw=1600&sh=1200&v=2.9.106&r=stable&ec=0&o=28&fbp=fb.1.1685765307979.1426715355&it=1685765307287&coo=false&exp=a1&rqm=GET

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 03 Jun 2023 04:08:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 248 KB
67 KB 84ms
17ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/js-integrations/Fullstory.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27ffcafcc00a23e92cd2ed2f18a862100cbc2e09eb7bce9e0662fb85a09ef0f4

Request headers

Referer: https://www.1mg.com/
Origin: https://www.1mg.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:43:13 GMT
content-encoding: br
age: 1515
x-guploader-uploadid: ADPycdumbQtIdIpDUsC1u7FYQ8DWvD2NXPC1sClzgL_-oCU8TKbvkz56t3kIYHutfWlS_iGd-_zVraZpM4KVDYcqrcDy6Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68228
last-modified: Wed, 31 May 2023 17:33:38 GMT
server: UploadServer
etag: "497387a475c29702771e4e72e0480c5f"
vary: Accept-Encoding
x-goog-generation: 1685554418094773
x-goog-hash: crc32c=FH1YzA==, md5=SXOHpHXClwJ3Hk5y4EgMXw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 68228
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 03 Jun 2023 04:43:13 GMT

GET
H2 204 5268488.js Show response
bat.bing.com/p/action/ 0
117 B 163ms
162ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5268488.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 03 Jun 2023 04:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 46D14D7D304F4A1986C5B8797109A63D Ref B: FRAEDGE1207 Ref C: 2023-06-03T04:08:28Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 62ms
62ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5268488&Ver=2&mid=ab9b174f-3b74-466f-8151-ae0291feaa18&sid=4b16ef1001c411eebb0965cefdc39369&vid=4b17a4e001c411ee94326b367f497d77&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Online%20Pharmacy%20India%20%7C%20Buy%20Medicines%20from%20India%27s%20Trusted%20Medicine%20Store%3A%201mg.com&kw=online%20pharmacy,%20online%20medicine,%20medicine%20online,%20online%20medical%20store,%20buy%20medicine%20online,%20online%20pharmacy%20India,%20buy%20medicine%20online%20India,%20online%20chemist,%20online%20medicine%20purchase&p=https%3A%2F%2Fwww.1mg.com%2F&r=&lt=1872&evt=pageLoad&sv=1&rn=707370

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 04:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 123AC534C14B49E4B1ED736BDA2A1196 Ref B: FRAEDGE1207 Ref C: 2023-06-03T04:08:28Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1x1.gif
a.mgid.com/ 43 B
129 B 147ms
146ms Image
image/gif 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=625948&type=c&tg=&r=https%3A%2F%2Fwww.1mg.com%2F&nv=1&clid=&clidv=0&d=1685765308040
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d1513374cfc5a43-MXP
alt-svc: h3=":443"; ma=86400
content-length: 43
content-type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
531 B 168ms
44ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=www.1mg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 118ms
39ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.1mg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 682 B
376 B 67ms
65ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3384624119700515&correlator=3547073954569953&eid=31073865%2C31075060%2C31070233&output=ldjh&gdfp_req=1&vrg=202305300101&ptt=17&impl=fifs&iu_parts=67416580%2CDWEB_ROADBLOCK_900x493_PROD&enc_prev_ius=0%2F1&prev_iu_szs=900x493&ifi=1&adks=762095720&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1685765308174&lmt=1685765308&dlt=1685765306950&idt=1100&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.1mg.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=0&ga_vid=1070920478.1685765308&ga_sid=1685765308&ga_hid=2040038149&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6843d81056dc938b65860be3e398871fe61a5cf8e1d9d5262b2c9be5fd7de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 346
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.1mg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e52e961b8bb7e1421041f035d13b3981.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 90B0 6 KB
3 KB 148ms
36ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e52e961b8bb7e1421041f035d13b3981.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1mg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 04:08:28 GMT
expires: Sun, 02 Jun 2024 04:08:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 137ms
28ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Jun 2023 02:35:30 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5578
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 03 Jun 2023 04:35:30 GMT

GET
H2 200 singular-gtm-interface.js Show response
web-sdk-cdn.singular.net/singular-gtm-interface/latest/ 5 KB
2 KB 196ms
30ms Script
application/javascript 2a02:26f0:780::210:ca7a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://web-sdk-cdn.singular.net/singular-gtm-interface/latest/singular-gtm-interface.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:ca7a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 229b005e2be041608b705607939624dfc0758f970a29d2c766bc53018c1d9fb4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:28 GMT
content-encoding: gzip
last-modified: Tue, 22 Jun 2021 12:44:26 GMT
x-amz-cf-pop: FRA2-C1
etag: W/"02290290bd663376e4d6931dc9561ed0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=4, origin; dur=2, ak_p; desc="468268_34654838_55468873_608_684_30_0";dur=1
content-length: 1177
x-amz-cf-id: ob48Ih2hfpUDIkOGUWsjkIDgRrJmF7qWmU0Ts6MeO3aWRBZxpm1b5g==

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 67 KB
22 KB 144ms
37ms Script
text/javascript 2600:9000:225e:a200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:a200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 226c9a2c80c75e3c5d7d197c484adb7d63e6ea36270af348bc223be73e8cd059

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

X-Amz-Version-Id: 7FBoqqSL1b96.AgPH.JEYo4TSgYS0kb0
Content-Encoding: gzip
Via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
Date: Sat, 03 Jun 2023 03:43:48 GMT
Age: 1486
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 09 May 2023 21:27:29 GMT
Server: AmazonS3
Etag: W/"7866810a321f41ea101e7bcfaa572323"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 17_B6XDghAt1LiUT_dJ9cJggXHdk65mZLHudd1DRdtZ-xtBZfiakyg==

GET
H2 200 settings Show response
www.notifyvisitors.com/ext/v1/ 24 KB
7 KB 344ms
231ms Script
text/html 2600:9000:2156:6200:14:81fb:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.notifyvisitors.com/ext/v1/settings?bid_e=1948D672A79F22D332F654FB766E7DC2&bid=2023&t=420&iFrame=false&trafficSource=&link_referrer=&pageUrl=https%3A%2F%2Fwww.1mg.com%2F&path=%2F&domain=https%3A%2F%2Fwww.1mg.com&gmOffset=0&screenWidth=1600&screenHeight=1200&isPwa=0&cookieData=VISITOR-ID%3Dcc3fc313-70f8-4c92-ccf0-890f693cb554_acce55_1685765306%3B%20city%3DNew%2520Delhi%3B%20abVisitorId%3D594580%3B%20abExperimentShow%3Dfalse%3B%20amoSessionId%3Dd1b60573-7591-4cc5-9ccd-4977562ad16b%3B%20_csrf%3DA8Q9_gScRbNz3ShSPeOILIU9%3B%20isLocaleRedirect%3Dfalse%3B%20isLocaleUIChange%3Dfalse%3B%20rl_group_id%3DRudderEncrypt%253AU2FsdGVkX1%252BuZsiuOk9o%252BwWwQypucilmQk7M7Qg71nc%253D%3B%20rl_group_trait%3DRudderEncrypt%253AU2FsdGVkX1%252BQvck0OYH4Dv2yQBfuKKaEjzCxNkrVmWg%253D%3B%20rl_anonymous_id%3DRudderEncrypt%253AU2FsdGVkX1%252BVtinhRQqLJ4HiHilsPV23UsNXsv7kQ3AmkQYWZB99LLAtKtf6l2ZhfBJboY9gIykTpXSu6CRyjw%253D%253D%3B%20rl_page_init_referrer%3DRudderEncrypt%253AU2FsdGVkX1%252BWg%252FlOp8JJdkbreLo2vK6zFxVOXdDYvWw%253D%3B%20rl_page_init_referring_domain%3DRudderEncrypt%253AU2FsdGVkX1%252BpsLymNVFwN%252Bg%252BSYZoLfvAHAiCVHwiwtw%253D%3B%20rl_user_id%3DRudderEncrypt%253AU2FsdGVkX19WKkwLWZyl3d0%252BaAHefwP%252FqnpoDFu24o9pcuPQyU2%252FKTwV8%252B0U8FNuuDRlX4Z3Dl47F3Ta1nH5UqM7%252F6zoZn1A9CrUf4mdcZw%253D%3B%20rl_trait%3DRudderEncrypt%253AU2FsdGVkX181uRxbvKamNxMuFmnM2iA3mVc6SC0iPKaenW4b85sTu2zY1bKxJF5MYyWoCFv7Z17WgBIJoZFAgA%253D%253D%3B%20rl_session%3DRudderEncrypt%253AU2FsdGVkX1%252BmJG6cLmv%252BksF53OXQHRBu26l%252Flm2CMKKZYUimjqc4lZcBwNfBmA9M6hxkrX0RSRtE4hoXDvQmj8u%252B%252BEUsN%252B8zc7W4hIWlQr6WAS1Jw3yyPFR8A1M4Kv5PMd4tC3%252FBtxgVmdyCn7GcGQ%253D%253D%3B%20geolocation%3Dfalse%3B%20_fbp%3Dfb.1.1685765307979.1426715355%3B%20_uetsid%3D4b16ef1001c411eebb0965cefdc39369%3B%20_uetvid%3D4b17a4e001c411ee94326b367f497d77%3B%20MgidSensorNVis%3D1%3B%20MgidSensorHref%3Dhttps%3A%2F%2Fwww.1mg.com%2F%3B%20AWSALBTG%3DwyPC8ZlcXSGDby7E51ylI1V%2Fa4WuwUwdirKZtQRpSb56KOrTSzNmYj9y8gibkVAMX6DCpfuK1k8tBj80HgxS9KrjPTf3Q8FpRhuHYmWnyMY6XQebZw9DMeJE6Z7NF0qRGmFghhYFf00NNbEiDYoxs5Mnko2FNneEtLhqikhRSSjs%3B%20AWSALBTGCORS%3DwyPC8ZlcXSGDby7E51ylI1V%2Fa4WuwUwdirKZtQRpSb56KOrTSzNmYj9y8gibkVAMX6DCpfuK1k8tBj80HgxS9KrjPTf3Q8FpRhuHYmWnyMY6XQebZw9DMeJE6Z7NF0qRGmFghhYFf00NNbEiDYoxs5Mnko2FNneEtLhqikhRSSjs%3B%20_gcl_au%3D1.1.1767335724.1685765308&ruleData=%7B%22city%22%3A%22New%20Delhi%22%7D&storage=%7B%22session%22%3A%7B%7D%2C%22local%22%3A%7B%7D%7D&

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6200:14:81fb:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6929a369a3847f998d5344e3bfefa7f8fcbd23a47854993f529599dfaa6a966c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:28 GMT
content-encoding: gzip
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
x-amz-cf-id: -C7nPMIMrB6mqe7ajy6Hg2pcm2w7t1-yCy5dy98Ht5xCZzi8mjQmCw==
x-xss-protection: 1; mode=block

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 358 KB
120 KB 149ms
37ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1f7d57c54a2f168df796106063e89d2c6dc208ceeb2fca5257ed9297ec2bf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122262
x-xss-protection: 0
expires: Sat, 03 Jun 2023 04:08:28 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 45 KB
15 KB 157ms
46ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ab26e787fa89d35aced53de24ee22db847af08d248be4ae79ac5067ecb476557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 17 May 2023 12:05:15 GMT
server: nginx
etag: W/"6464c2fb-b219"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 04 Jun 2023 04:08:28 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 22 KB
7 KB 155ms
41ms Script
application/x-javascript 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4ad5f5e1be2bfad0b36f324d134a09956a3bb0c2c6b824b20a237a1f8c96cfd2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 04:08:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 May 2023 06:28:15 GMT
Server: AkamaiNetStorage
ETag: "5eb6cb81dec36b8e936c154fb603efbb:1683181933.901167"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: IT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6835
Expires: Sat, 03 Jun 2023 04:28:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
86 KB 44ms
39ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NPGHGVF7FB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

240beaf6dceec1738d706cc5618de6f569d517fb5cd1b31f0246dafa70017667

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87985
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 03 Jun 2023 04:08:28 GMT

GET
H2 200 web Show response
edge.fullstory.com/s/settings/11EGJ5/v1/ 40 KB
8 KB 18ms
17ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/11EGJ5/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fdfdd1f363a794dc95d7f15141f883c59d872ca83c5a8a7b67c1794071905234

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:03:52 GMT
content-encoding: gzip
age: 276
x-guploader-uploadid: ADPycdu_kk0LQSDSok4Jnnd1m56nlXziWmGPvttrJNxtI0wvAV8ntClcnbsvEN5BtMzOumeS2-qezGIYNCOakYtDL4gm-w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8307
last-modified: Sat, 03 Jun 2023 04:02:44 GMT
server: UploadServer
etag: "7954e89356ef39544ded4774a189a6a9"
x-goog-generation: 1685764964841019
x-goog-hash: crc32c=6vAz2Q==, md5=eVTok1bvOVRN7Ud0oYmmqQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 8307
accept-ranges: bytes
content-type: application/json
expires: Sat, 03 Jun 2023 04:18:52 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 218ms
32ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1HF6RR2VT7&gtm=45je35v0&_p=2040038149&cid=1070920478.1685765308&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685765308&sct=1&seg=0&dl=https%3A%2F%2Fwww.1mg.com%2F&dt=Online%20Pharmacy%20India%20%7C%20Buy%20Medicines%20from%20India%27s%20Trusted%20Medicine%20Store%3A%201mg.com&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPGHGVF7FB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 04:08:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.1mg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 212ms
33ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NPGHGVF7FB&gtm=45je35v0&_p=2040038149&cid=1070920478.1685765308&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685765308&sct=1&seg=0&dl=https%3A%2F%2Fwww.1mg.com%2F&dt=Online%20Pharmacy%20India%20%7C%20Buy%20Medicines%20from%20India%27s%20Trusted%20Medicine%20Store%3A%201mg.com&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPGHGVF7FB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 04:08:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.1mg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
436 B 201ms
34ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a633abf6ef85a1bf221e75979146c4c7f7a6164732a6a981180a84cf44ced8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.1mg.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 03 Jun 2023 04:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.1mg.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/exp/U4ZFS2QH4VB65A54O43AEQ/ 42 B
799 B 27ms
26ms Script
application/javascript 2600:9000:225e:a200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/U4ZFS2QH4VB65A54O43AEQ/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:a200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f51a75f2ede4c5e0457f05d60bfa39290b59348a71cdae4cc701236e6f552ad9

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

X-Amz-Version-Id: KyIrhSLCTmg5y26wHZCPhkYnYDOGt.kB
Date: Fri, 02 Jun 2023 20:11:58 GMT
Via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
Age: 28593
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 42
Last-Modified: Tue, 21 Mar 2023 16:36:07 GMT
Server: AmazonS3
Etag: "2ff5e20519778d0385c77e7f6e12de10"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: cUe-FMR3hNmEz1fYa75NNeePNJJCw9KcM-T7F5vOk_Ek63bHlr0S7g==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/U4ZFS2QH4VB65A54O43AEQ/6PFMKMAZXFGFLMSXPCJHFF/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

28ms
25ms

Script
application/javascript

2600:9000:225e:a200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/
Protocol: HTTP/1.1
Server: 2600:9000:225e:a200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Fri, 02 Jun 2023 23:28:13 GMT
Via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
Age: 16830
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: qdKAs4ALCKv9NydMXsCuVJxlDxp7uhrrY92K23U9_vxOlaOfNjq-uQ==

Redirect headers

Date: Fri, 02 Jun 2023 19:48:32 GMT
Via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
Age: 29995
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: YzYqqVbcyIbOJAWTqHY7AdKBSkOUOpSVpNmar3CXl6qnE8Z_lBPYhA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/U4ZFS2QH4VB65A54O43AEQ/6PFMKMAZXFGFLMSXPCJHFF/ 4 KB
3 KB 75ms
26ms Script
text/javascript 2600:9000:225e:a200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/U4ZFS2QH4VB65A54O43AEQ/6PFMKMAZXFGFLMSXPCJHFF/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:a200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0cb0a48c76b0f668105a76c39481285b24b12dadca2090687a984f7210688025

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

X-Amz-Version-Id: VR3yuPek3VO8rGdwJlYGXvhjlXd.aoND
Content-Encoding: gzip
Via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
Date: Sat, 03 Jun 2023 04:03:40 GMT
Age: 297
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 23 May 2023 11:54:28 GMT
Server: AmazonS3
Etag: W/"a7bb70ece1e3f0f3879dcfca4857a770"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Vary: Accept-Encoding
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: junxHR70MVC7ePWqPsrkPcs13A2UlFfLM6ApKRvdop7eaOcRzPbJ7g==

GET
H2 200 singular-sdk.js Show response
web-sdk-cdn.singular.net/singular-sdk/latest/ 152 KB
46 KB 32ms
32ms Script
application/javascript 2a02:26f0:780::210:ca7a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://web-sdk-cdn.singular.net/singular-sdk/latest/singular-sdk.js
Requested by: Host: web-sdk-cdn.singular.net
URL: https://web-sdk-cdn.singular.net/singular-gtm-interface/latest/singular-gtm-interface.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:ca7a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5ea7bee791b84aac39f104481bd020d861306f950a33905b3a3791f992de13b6

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:28 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 09:19:49 GMT
x-amz-cf-pop: FRA2-C1
etag: W/"1bc70f5b9c5b24a21158ebef4a43a3d0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=3, origin; dur=3, ak_p; desc="468268_34654838_55468924_609_744_29_0";dur=1
content-length: 46177
x-amz-cf-id: trBm6SlQ6ynfCTnQ-5E9guPSjGzr_3FC5hNfFGQNUzlXNN8LlQ0yfw==

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 455ms
112ms Script
application/javascript 64.202.112.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00e24da221b37503a574c2af5a35cfc270
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 04:08:29 GMT
X-TraceId: 13ee7ea38d12d29467b679ae1193a755
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 454ms
111ms Image
image/gif 64.202.112.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=034529059511380145&referrer=&cht=gtm&marketerId=00e24da221b37503a574c2af5a35cfc270&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.1mg.com%2F&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 04:08:29 GMT
Cache-Control: no-cache
X-TraceId: 12b39ddbff4a0d40400283af167cef14
Content-Length: 53
Content-Type: image/gif;

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 76 KB
25 KB 176ms
46ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MB8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8739cf8b30f6363b20649d753359e8a819c4afb04660555c77bfd8b88c2b9bbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25281
x-xss-protection: 0
server: cafe
etag: 118 / 19511 / 31075036 / config-hash: 2362657388836249790
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 04:08:28 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3588 15 KB
6 KB 486ms
55ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.1mg.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.1mg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 04:08:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 330858
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 nv-banner-upl.js Show response
cdn.notifyvisitors.com/ext/js/ 52 KB
13 KB 138ms
28ms Script
application/javascript 2600:9000:223e:3600:1e:6c7e:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.notifyvisitors.com/ext/js/nv-banner-upl.js
Requested by: Host: www.notifyvisitors.com
URL: https://www.notifyvisitors.com/ext/v1/settings?bid_e=1948D672A79F22D332F654FB766E7DC2&bid=2023&t=420&iFrame=false&trafficSource=&link_referrer=&pageUrl=https%3A%2F%2Fwww.1mg.com%2F&path=%2F&domain=https%3A%2F%2Fwww.1mg.com&gmOffset=0&screenWidth=1600&screenHeight=1200&isPwa=0&cookieData=VISITOR-ID%3Dcc3fc313-70f8-4c92-ccf0-890f693cb554_acce55_1685765306%3B%20city%3DNew%2520Delhi%3B%20abVisitorId%3D594580%3B%20abExperimentShow%3Dfalse%3B%20amoSessionId%3Dd1b60573-7591-4cc5-9ccd-4977562ad16b%3B%20_csrf%3DA8Q9_gScRbNz3ShSPeOILIU9%3B%20isLocaleRedirect%3Dfalse%3B%20isLocaleUIChange%3Dfalse%3B%20rl_group_id%3DRudderEncrypt%253AU2FsdGVkX1%252BuZsiuOk9o%252BwWwQypucilmQk7M7Qg71nc%253D%3B%20rl_group_trait%3DRudderEncrypt%253AU2FsdGVkX1%252BQvck0OYH4Dv2yQBfuKKaEjzCxNkrVmWg%253D%3B%20rl_anonymous_id%3DRudderEncrypt%253AU2FsdGVkX1%252BVtinhRQqLJ4HiHilsPV23UsNXsv7kQ3AmkQYWZB99LLAtKtf6l2ZhfBJboY9gIykTpXSu6CRyjw%253D%253D%3B%20rl_page_init_referrer%3DRudderEncrypt%253AU2FsdGVkX1%252BWg%252FlOp8JJdkbreLo2vK6zFxVOXdDYvWw%253D%3B%20rl_page_init_referring_domain%3DRudderEncrypt%253AU2FsdGVkX1%252BpsLymNVFwN%252Bg%252BSYZoLfvAHAiCVHwiwtw%253D%3B%20rl_user_id%3DRudderEncrypt%253AU2FsdGVkX19WKkwLWZyl3d0%252BaAHefwP%252FqnpoDFu24o9pcuPQyU2%252FKTwV8%252B0U8FNuuDRlX4Z3Dl47F3Ta1nH5UqM7%252F6zoZn1A9CrUf4mdcZw%253D%3B%20rl_trait%3DRudderEncrypt%253AU2FsdGVkX181uRxbvKamNxMuFmnM2iA3mVc6SC0iPKaenW4b85sTu2zY1bKxJF5MYyWoCFv7Z17WgBIJoZFAgA%253D%253D%3B%20rl_session%3DRudderEncrypt%253AU2FsdGVkX1%252BmJG6cLmv%252BksF53OXQHRBu26l%252Flm2CMKKZYUimjqc4lZcBwNfBmA9M6hxkrX0RSRtE4hoXDvQmj8u%252B%252BEUsN%252B8zc7W4hIWlQr6WAS1Jw3yyPFR8A1M4Kv5PMd4tC3%252FBtxgVmdyCn7GcGQ%253D%253D%3B%20geolocation%3Dfalse%3B%20_fbp%3Dfb.1.1685765307979.1426715355%3B%20_uetsid%3D4b16ef1001c411eebb0965cefdc39369%3B%20_uetvid%3D4b17a4e001c411ee94326b367f497d77%3B%20MgidSensorNVis%3D1%3B%20MgidSensorHref%3Dhttps%3A%2F%2Fwww.1mg.com%2F%3B%20AWSALBTG%3DwyPC8ZlcXSGDby7E51ylI1V%2Fa4WuwUwdirKZtQRpSb56KOrTSzNmYj9y8gibkVAMX6DCpfuK1k8tBj80HgxS9KrjPTf3Q8FpRhuHYmWnyMY6XQebZw9DMeJE6Z7NF0qRGmFghhYFf00NNbEiDYoxs5Mnko2FNneEtLhqikhRSSjs%3B%20AWSALBTGCORS%3DwyPC8ZlcXSGDby7E51ylI1V%2Fa4WuwUwdirKZtQRpSb56KOrTSzNmYj9y8gibkVAMX6DCpfuK1k8tBj80HgxS9KrjPTf3Q8FpRhuHYmWnyMY6XQebZw9DMeJE6Z7NF0qRGmFghhYFf00NNbEiDYoxs5Mnko2FNneEtLhqikhRSSjs%3B%20_gcl_au%3D1.1.1767335724.1685765308&ruleData=%7B%22city%22%3A%22New%20Delhi%22%7D&storage=%7B%22session%22%3A%7B%7D%2C%22local%22%3A%7B%7D%7D&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:3600:1e:6c7e:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 65a848c817bbf71fd50b4c21dee270fd71831d419c2a3205637a129551a4a8bf

Request headers

Referer: https://www.1mg.com/
Origin: https://www.1mg.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 01:22:55 GMT
content-encoding: gzip
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront), 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
last-modified: Mon, 15 May 2023 11:23:35 GMT
server: nginx
x-amz-cf-pop: FRA50-C1, FRA56-P4
age: 9933
etag: W/"64621637-d143"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200
x-amz-cf-id: idac6KrE7RUvg6bVhZBvzs1CcYkHWbidQXxF4M8VSJ-sP1U03mnIYA==
expires: Sat, 03 Jun 2023 13:22:55 GMT

GET
H2 200 U4ZFS2QH4VB65A54O43AEQ Show response
d.adroll.com/consent/check/ 453 B
546 B 161ms
50ms Script
application/javascript 2a05:d018:cc3:fe04:7b12:8510:f751:9a5d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/U4ZFS2QH4VB65A54O43AEQ?pv=25324776945.967552&arrfrr=https%3A%2F%2Fwww.1mg.com%2F&_s=405bc6df10c030a0111fe333dbb79d8a&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:7b12:8510:f751:9a5d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 25dfa9471f98d0d1ea20cb5df977e0730686761be54923ad884a96be5f77a545

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:28 GMT
server: nginx/1.22.1
content-length: 453
content-type: application/javascript

POST
H2 200 publisher:getClientId Show response
ampcid.google.it/v1/ 3 B
365 B 151ms
40ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.it/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.1mg.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 03 Jun 2023 04:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.1mg.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

POST
H2 200 event Show response
sdk-api-v1.singular.net/api/v1/ 18 B
254 B 190ms
189ms XHR
application/x-javascript 95.101.54.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-api-v1.singular.net/api/v1/event?current_device_time=1685765309&event_id=d8e7d9d1-c53f-4f8b-bea9-1a9f2dfd4445&conversion_event=true&k=SDID&a=ikshit&p=Web&i=www.1mg.com&screen_height=1200&screen_width=1600&sdk=WebSDK-v1.3.8&singular_instance_id=51a8b48c-3d0b-44a7-97ef-0888d22fe326&sdid=6c30109a-2858-4e2b-996c-4329efa59d1e&storage_type=local&timezone=GMT%2B0000&touchpoint_timestamp=1685765309&u=6c30109a-2858-4e2b-996c-4329efa59d1e&n=__PAGE_VISIT__&is_revenue_event=false&first=true&s=fbeccad0-7342-47ba-b4ae-85167682c2d6&is_first_visit=true&is_page_refreshed=false&sdid_persist_mode=off&os=Windows&lag=0&h=380e8b0f640b28b387e92c66c417f718a1280bc9
Requested by: Host: web-sdk-cdn.singular.net
URL: https://web-sdk-cdn.singular.net/singular-sdk/latest/singular-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8a49ea5083c8030f058182dcd6ae7da0960e68a0d762f71e8e8375f5732fb2fb

Request headers

Referer: https://www.1mg.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 04:08:29 GMT
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: Content-Type, Content-Length
content-length: 18
expires: Sat, 03 Jun 2023 04:08:29 GMT

OPTIONS
H2 200 event
sdk-api-v1.singular.net/api/v1/ Frame 0
0 359ms
207ms Preflight 95.101.54.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-api-v1.singular.net/api/v1/event?current_device_time=1685765309&event_id=d8e7d9d1-c53f-4f8b-bea9-1a9f2dfd4445&conversion_event=true&k=SDID&a=ikshit&p=Web&i=www.1mg.com&screen_height=1200&screen_width=1600&sdk=WebSDK-v1.3.8&singular_instance_id=51a8b48c-3d0b-44a7-97ef-0888d22fe326&sdid=6c30109a-2858-4e2b-996c-4329efa59d1e&storage_type=local&timezone=GMT%2B0000&touchpoint_timestamp=1685765309&u=6c30109a-2858-4e2b-996c-4329efa59d1e&n=__PAGE_VISIT__&is_revenue_event=false&first=true&s=fbeccad0-7342-47ba-b4ae-85167682c2d6&is_first_visit=true&is_page_refreshed=false&sdid_persist_mode=off&os=Windows&lag=0&h=380e8b0f640b28b387e92c66c417f718a1280bc9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Content-Length
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Sat, 03 Jun 2023 04:08:29 GMT
expires: Sat, 03 Jun 2023 04:08:29 GMT
pragma: no-cache
vary: Accept-Encoding

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 410 KB
55 KB 27ms
27ms Script
application/javascript 2600:9000:225e:a200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:a200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

X-Amz-Version-Id: 44sIT20LqRj70wQHqyIoOw7etYYdjkbK
Content-Encoding: gzip
Via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
Date: Sat, 03 Jun 2023 04:08:29 GMT
Age: 56
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 19:41:48 GMT
Server: AmazonS3
Etag: W/"0a7d0ea8d7d31b07e925fe340acf431b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: H90phAhmR3oVgtNfwq_abkXQhSf1r2CKH5wBDmDcSes-0-9s4vnagQ==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 32ms
32ms Image
image/png 2600:9000:225e:a200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: www.1mg.com
URL: https://www.1mg.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:a200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Fri, 02 Jun 2023 20:56:01 GMT
Via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
Age: 25991
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Lg_Z6IT3EWOaYaxI1C5MpASPk8YsPl2KdufHisiJq6bim0iXj2FpzA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
346 B 110ms
35ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-21820217-6&cid=1070920478.1685765308&jid=583961272&gjid=1462970445&_gid=1575125256.1685765309&_u=YDDAiEABBAQCAEAAI~&z=492730577

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.1mg.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Jun 2023 04:08:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.1mg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
144 B 45ms
34ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2040038149&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.1mg.com%2F&ul=en-us&de=UTF-8&dt=Online%20Pharmacy%20India%20%7C%20Buy%20Medicines%20from%20India%27s%20Trusted%20Medicine%20Store%3A%201mg.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Home&ea=Page%20Load&_u=YDDACEABBAQCAGAAI~&jid=406195482&gjid=1748588528&cid=1070920478.1685765308&tid=UA-21820217-6&_gid=1575125256.1685765309&_r=1&_slc=1&gtm=45He35v0n71KR9MB8&z=133329635

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.1mg.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 04:08:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.1mg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 38ms
31ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2040038149&t=pageview&_s=1&dl=https%3A%2F%2Fwww.1mg.com%2F&ul=en-us&de=UTF-8&dt=Online%20Pharmacy%20India%20%7C%20Buy%20Medicines%20from%20India%27s%20Trusted%20Medicine%20Store%3A%201mg.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YDDAiEABBAQCAAAAI~&jid=583961272&gjid=1462970445&cid=1070920478.1685765308&tid=UA-21820217-6&_gid=1575125256.1685765309&gtm=45He35v0n71KR9MB8&cd1=cc3fc313-70f8-4c92-ccf0-890f693cb554_acce55_1685765306&cd4=0&cd7=default&cd20=New%20Delhi&cd33=Applicable%20%7C%20Not%20Shown&cd35=Applicable%20%7C%20Shown&cd47=Full&cd60=%22%22&z=1541016172

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 03:40:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1657
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 55ms
37ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-21820217-6&cid=1070920478.1685765308&jid=406195482&gjid=1748588528&_gid=1575125256.1685765309&_u=YDDACEABBAQCAGAAI~&z=1381627972

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.1mg.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Jun 2023 04:08:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.1mg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 213ms
90ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-21820217-6&cid=1070920478.1685765308&jid=583961272&_u=YDDAiEABBAQCAEAAI~&z=142006148

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 04:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
107 B 218ms
95ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-21820217-6&cid=1070920478.1685765308&jid=583961272&_u=YDDAiEABBAQCAEAAI~&z=142006148

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 04:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 214ms
91ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-21820217-6&cid=1070920478.1685765308&jid=406195482&_u=YDDACEABBAQCAGAAI~&z=434312775

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 04:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
408 B 215ms
92ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-21820217-6&cid=1070920478.1685765308&jid=406195482&_u=YDDACEABBAQCAGAAI~&z=434312775

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 04:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3588
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=1mg.com&sn=ChromeSyncframe&so=0&topUrl=www.1mg.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=LiJ_h3xaZUUrUjhxZUxOdG9TV1o1V0pOQWgraGdBZS8wU3BRSUViMDBLL0NISjd0ckx1NjlIMGNTU0wyRnNKdTlqeW9VRnNkZW9tOUNwS09wcU9Hb24wMGhPUWhVNlpvMlMxYUo4V1NTSUpIYXdaSG5HS1VrclF5a01tOG...

428 B
655 B

125ms
32ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=LiJ_h3xaZUUrUjhxZUxOdG9TV1o1V0pOQWgraGdBZS8wU3BRSUViMDBLL0NISjd0ckx1NjlIMGNTU0wyRnNKdTlqeW9VRnNkZW9tOUNwS09wcU9Hb24wMGhPUWhVNlpvMlMxYUo4V1NTSUpIYXdaSG5HS1VrclF5a01tOG9nT3cyeVZtZ1pTNWhyemdWMzZ2YTNOdmc2QU53RXVvdFY0OXpvMlFrRkFvUTZiKytlTEFsOGUxT2dGUGp5SmZtTVVGT1NnY1YwQ0lkYmFPQWduSzc2czJNZ2pMNUV2dEdhNVJ5N3l4U0IwNlV6bUphSXZLbHRFeTZydVNkUlhtU0xmVHl5QTFpYzE4VUVqcjdFQzlRaTFhazQwVFgrUT09fA&cppv=2

Requested by

Host: www.1mg.com
URL: https://www.1mg.com/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5891cb525908a7736408e15eeb63a027934e6c22d74b32cff4cd27e08d2ee90e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 04:08:29 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1265030
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 04:08:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=LiJ_h3xaZUUrUjhxZUxOdG9TV1o1V0pOQWgraGdBZS8wU3BRSUViMDBLL0NISjd0ckx1NjlIMGNTU0wyRnNKdTlqeW9VRnNkZW9tOUNwS09wcU9Hb24wMGhPUWhVNlpvMlMxYUo4V1NTSUpIYXdaSG5HS1VrclF5a01tOG9nT3cyeVZtZ1pTNWhyemdWMzZ2YTNOdmc2QU53RXVvdFY0OXpvMlFrRkFvUTZiKytlTEFsOGUxT2dGUGp5SmZtTVVGT1NnY1YwQ0lkYmFPQWduSzc2czJNZ2pMNUV2dEdhNVJ5N3l4U0IwNlV6bUphSXZLbHRFeTZydVNkUlhtU0xmVHl5QTFpYzE4VUVqcjdFQzlRaTFhazQwVFgrUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 267520
content-length: 0
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 106ms
43ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305300101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

079af7ed8d64ecf9be7ca6aec306824bd846dc5697e791c65d66153126e1a807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11175
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 16EC 87 KB
31 KB 85ms
26ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: cdn.notifyvisitors.com
URL: https://cdn.notifyvisitors.com/ext/js/nv-banner-upl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 02:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 02:52:37 GMT

POST
H2 204 rum Show response
www.1mg.com/cdn-cgi/ 0
168 B 34ms
33ms XHR
text/plain 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1mg.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.1mg.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
content-type: application/json

Response headers

date: Sat, 03 Jun 2023 04:08:29 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.1mg.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7d151340bb86bae5-MXP

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 96ms
36ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 04:08:29 GMT

GET
H2

200

event Show response
widget.as.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=51601&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=pZp2V19zU2tEUjdwZnNYd3p3TXNvTnVsN3ltcWJiZFdBRHhqTk9HVlRq...
https://widget.as.criteo.com/event?a=51601&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=pZp2V19zU2tEUjdwZnNYd3p3TXNvTnVsN3ltcWJiZFdBRHhqTk9HVlRq...

8 KB
4 KB

881ms
286ms

Script
application/x-javascript

182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.as.criteo.com/event?a=51601&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=pZp2V19zU2tEUjdwZnNYd3p3TXNvTnVsN3ltcWJiZFdBRHhqTk9HVlRqTUVEWktvcWpkWUklMkZjM0R0bGJRUHlIS01Gek9TUUpWejlEZzN4ODMxbHNGQVclMkJsNWNZaHhvWlM4SGpEdTZ3ZDMlMkZHS1B4dGpqblg4VjB6aHUxZSUyRjNxM2NzTWdEemVxdXpCWDN0VHVjVFAwR1ZsSDQ0USUzRCUzRA&tld=1mg.com&fu=https%253A%252F%252Fwww.1mg.com%252F&ceid=a4a0ac81-4374-4d0b-a59c-a1671c3440cc&dtycbr=96745

Protocol

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

6ef4a7edf32bc1ed0fe0955e585c60061c55ab10b3fd0b328582d1160d292a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 04:08:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 9289311
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 04:08:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.as.criteo.com/event?a=51601&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=pZp2V19zU2tEUjdwZnNYd3p3TXNvTnVsN3ltcWJiZFdBRHhqTk9HVlRqTUVEWktvcWpkWUklMkZjM0R0bGJRUHlIS01Gek9TUUpWejlEZzN4ODMxbHNGQVclMkJsNWNZaHhvWlM4SGpEdTZ3ZDMlMkZHS1B4dGpqblg4VjB6aHUxZSUyRjNxM2NzTWdEemVxdXpCWDN0VHVjVFAwR1ZsSDQ0USUzRCUzRA&tld=1mg.com&fu=https%253A%252F%252Fwww.1mg.com%252F&ceid=a4a0ac81-4374-4d0b-a59c-a1671c3440cc&dtycbr=96745
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2073671
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 updateViews Show response
www.notifyvisitors.com/user/notifications_v2/ 154 B
481 B 290ms
289ms Script
text/html 2600:9000:2156:6200:14:81fb:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.notifyvisitors.com/user/notifications_v2/updateViews?brandid=2023&notificationid=13453&cookieData=%20_nv_sess%3D173339004.1685765308.SXSCVc8WnJokmw5lMBAjWvsq5oQu9kogoe6C0XChPTcYHrj0oI%3B%20_nv_uid%3D173339004.1685765308.9cee366f-874f-4662-ba8b-ba4d4efb764a.1685765308.1685765308.1.0%3B%20_nv_utm%3D173339004.1685765308.1.1.dXRtc3JjPShkaXJlY3QpfHV0bWNjbj0oZGlyZWN0KXx1dG1jbWQ9KG5vbmUpfHV0bWN0cj0obm90IHNldCl8dXRtY2N0PShub3Qgc2V0KXxnY2xpZD0obm90IHNldCk%3D%3B%20_nv_did%3D173339004.1685765308.2001%3Aac8%3A24%3A44%3A%3A117eodb%3B%20_nv_hit%3D173339004.1685765308.cHZpZXc9MQ%3D%3D%3B%20_nv_banner_x%3D13453&js_callback=nvbanner_json1

Requested by

Host: cdn.notifyvisitors.com
URL: https://cdn.notifyvisitors.com/ext/js/nv-banner-upl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6200:14:81fb:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6dd0b723cc05be223b546111137365c88bcd7909fdba45b97695c38a0069ef7f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:29 GMT
content-encoding: gzip
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-amz-cf-id: Gk03e_c3IDjtsLZWEtFBBXtjkIZrA-EfgkHOR0zYAsuojiX_Ekk3hg==
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3825 13 KB
5 KB 28ms
25ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1mg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 41812
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Jun 2023 16:31:37 GMT
expires: Sat, 01 Jun 2024 16:31:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D4B5 783 B
968 B 38ms
36ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4e7cb6579125a71df6f931ddfa56b42696875ec48835a4f11acd87774588a7a2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-keYW6uuCl9ogRnJRlYwI_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.1mg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-keYW6uuCl9ogRnJRlYwI_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 04:08:29 GMT
expires: Sat, 03 Jun 2023 04:08:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D4B5 0
0 132ms
76ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305300101&jk=3384624119700515&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3825 37 KB
14 KB 82ms
29ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 10:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14684
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Jun 2024 10:09:57 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3825 0
10 B 26ms
26ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VzbXYA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 page Show response
rs.fullstory.com/rec/ 39 KB
8 KB 457ms
401ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: a8428264582bf2a0d0b9c1bca152b20d9a44ca251514cd16da01eaa690b048b6

Request headers

Referer: https://www.1mg.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.1mg.com
date: Sat, 03 Jun 2023 04:08:30 GMT
content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H2 200 integrations Show response
rs.fullstory.com/rec/ 12 KB
13 KB 151ms
151ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=11EGJ5
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: d1b9cb45ce0c1d9fddaf61c532b7f9375e1903cfa09f62db65d4653d0cc06877

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:30 GMT
via: 1.1 google
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=utf-8

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ Frame 16EC 248 KB
67 KB 21ms
20ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27ffcafcc00a23e92cd2ed2f18a862100cbc2e09eb7bce9e0662fb85a09ef0f4

Request headers

Referer: https://www.1mg.com/
Origin: https://www.1mg.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:43:13 GMT
content-encoding: br
age: 1517
x-guploader-uploadid: ADPycdumbQtIdIpDUsC1u7FYQ8DWvD2NXPC1sClzgL_-oCU8TKbvkz56t3kIYHutfWlS_iGd-_zVraZpM4KVDYcqrcDy6Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68228
last-modified: Wed, 31 May 2023 17:33:38 GMT
server: UploadServer
etag: "497387a475c29702771e4e72e0480c5f"
vary: Accept-Encoding
x-goog-generation: 1685554418094773
x-goog-hash: crc32c=FH1YzA==, md5=SXOHpHXClwJ3Hk5y4EgMXw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 68228
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 03 Jun 2023 04:43:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 65ms
64ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305300101&jk=3384624119700515&bg=!dnWldSHNAAY9J7QfHSc7ADkAdvg8Wtm-Hq8CNiYJEJCa1AMkSjkNBA-FgQWNqLDXhlBOaDniYlyYsflqrOWglplVgjaYb243pZwCAAAA6lIAAAADaAEHCgATCm_XJ9q9KINix8c-5Q-8WjlLNZkC1Piqa2GZhbXhWFA8vFtv_eghYi9JJTiQPLHrGXuJM148EzyO0lTUWvFHd0HH-8KdpsNDMobvd066ppQtA3LktOD4yEmhs0INXcqajq_SOLRzVLJpyM8EwdBwLapk10cImcu-MzBQZsTj64cXRN56haoIGIydOO98WcrG2vzC7soIiWHUSzeKfZKsl4rpvWHRF4Uv6Yjclv6pNiabpNBQKprgd_pUdy6nrhHmjv3rHshUdNGnFHHb6watJ2KmX2IxEWSagqk9V1wwNigm6MibFtYZtqjhnQrrjfclU9QV69Lwaktt664rLMPtUFa9DxHeV7WNNiBOskR7lz_FsrjgK-VtiBV57mPpjvyQEIkgtMT2HsuQSZgDocXjLEoa0Dxw_EW1b2Pn6VqrQeLYZJPbUO7BUSJL8Qz0JRgS2k9HY-aV2X50IMIzf6BQh7_ESz0dNW1L-_g5Oh-fzoV6fRbQ9DGnBTnA1T68i4oPxuENjpnwCQMN0xtwk5TMmuCizw3suN7SxOV5_BtT55HXYPufmUDYwdLKH53-LDYn4ulUZPvSba9wWhE56Fg57M4vdtGoV7YxZ_oib3UVhRaMgpqr31RkaC-5NZu3YXTx6Ii9tO0qXk9THwltXbdFh7Fj7gBOtqdE5DcSWeKr2cHO9DpBXBTVY2Z1SAO1WtugwS1NNN59ZXXvuVeG-6Of2CUrNvQcHfpllGfimVQ84ZYoHHxbrVCle2MnKwHsX5MIxmn-S3mdBeLRpRKqeO1Rk8Jje2Oh2G5-HVsKHJH09U7rH5ZT8FUSjEgPWFTQu52hW8Xoey9i_-i9e7vIOy4UAirpdcI_AdNmXDo0ys1JqiKiDRWrQgxfBi81My4T0kZLCMvFB-ycLLds22PQHmy04OLGnA1Nx7MMmKbp1vdN9FK-gWEeAyNIzuVU3z3sS5DIF1h0PfD_hSVdnuL9TVpAYubPixMtniMTO_c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame FEED
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-cLjpa4d9tizz_y2mJGmHNyGFISjYiwimt9sqbA&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-cLjpa4d9tizz_y2mJGmHNyGFISjYiwimt9sqbA&expires=30

43 B
345 B

29ms
29ms

Image
image/gif

3.126.160.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-cLjpa4d9tizz_y2mJGmHNyGFISjYiwimt9sqbA&expires=30
Protocol: H2
Server: 3.126.160.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-160-30.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-cLjpa4d9tizz_y2mJGmHNyGFISjYiwimt9sqbA&expires=30
date: Sat, 03 Jun 2023 04:08:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame FEED
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-MsYmsYd9tizz_y2mJGmHNyGFIShTh-ORIHcA6g&google_cm&google_hm=ay1Nc1ltc1lkOXRpenpfeTJtSkdtSE55R0ZJU2hUaC1PU...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-MsYmsYd9tizz_y2mJGmHNyGFIShTh-ORIHcA6g&google_gid=CAESEOOVwUIrTSm2NqeozIsgNC8&google_cver=1&google_ula=913071,0

43 B
369 B

35ms
34ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-MsYmsYd9tizz_y2mJGmHNyGFIShTh-ORIHcA6g&google_gid=CAESEOOVwUIrTSm2NqeozIsgNC8&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 04:08:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 623942
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 04:08:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-MsYmsYd9tizz_y2mJGmHNyGFIShTh-ORIHcA6g&google_gid=CAESEOOVwUIrTSm2NqeozIsgNC8&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame FEED
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1410289253550211040

43 B
370 B

36ms
35ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1410289253550211040

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 04:08:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1044186
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 03 Jun 2023 04:08:31 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 192.145.127.213; 192.145.127.213; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2469a33e-b412-40e5-9d1f-d518c5fd6f1f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1410289253550211040
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame FEED
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-z_rLYId9tizz_y2mJGmHNyGFISgCUwH5_zl9PA
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-z_rLYId9tizz_y2mJGmHNyGFISgCUwH5_zl9PA

43 B
1 KB

35ms
35ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-z_rLYId9tizz_y2mJGmHNyGFISgCUwH5_zl9PA

Protocol

HTTP/1.1

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 04:08:31 GMT
AN-X-Request-Uuid: 238994a7-b710-4b4e-84ab-1f603337cc5f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 192.145.127.213; 192.145.127.213; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 04:08:31 GMT
AN-X-Request-Uuid: 962ed1d0-509b-4af7-8ffc-376ea0eccd9d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-z_rLYId9tizz_y2mJGmHNyGFISgCUwH5_zl9PA
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 192.145.127.213; 192.145.127.213; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame FEED 61 B
793 B 147ms
64ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-UIdxO4d9tizz_y2mJGmHNyGFIShLkdKLq8t6rA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 04:08:31 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Sat, 03 Jun 2023 04:08:31 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame FEED 0
239 B 147ms
26ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-Cr-zmYd9tizz_y2mJGmHNyGFISi2dKxBL-45uA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame FEED 0
357 B 119ms
29ms Image
text/plain 18.193.218.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-c1jlIod9tizz_y2mJGmHNyGFIShMax4Vd2zVfg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.218.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-218-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:31 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame FEED 43 B
114 B 225ms
38ms Image
image/gif 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-pNuwE4d9tizz_y2mJGmHNyGFISjyWgf41S7KWw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:31 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame FEED 0
99 B 168ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-Gk4D14d9tizz_y2mJGmHNyGFISiDO6iQ8MeYMg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:31 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 39815

GET
H2 200 um
criteo-sync.teads.tv/ Frame FEED 23 B
163 B 145ms
50ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-8-OGYod9tizz_y2mJGmHNyGFISgy0SBz5Ewyag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Sat, 03 Jun 2023 04:08:31 GMT
pragma: no-cache
date: Sat, 03 Jun 2023 04:08:31 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame FEED 37 B
140 B 94ms
27ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-ico_c4d9tizz_y2mJGmHNyGFISg8NLo-A2ulkw&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame FEED
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-KRHh7Yd9tizz_y2mJGmHNyGFISh8o-u4jKoR0Q
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-KRHh7Yd9tizz_y2mJGmHNyGFISh8o-u4jKoR0Q&verify=true

0
121 B

29ms
29ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-KRHh7Yd9tizz_y2mJGmHNyGFISh8o-u4jKoR0Q&verify=true

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-KRHh7Yd9tizz_y2mJGmHNyGFISh8o-u4jKoR0Q&verify=true
date: Sat, 03 Jun 2023 04:08:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame FEED 43 B
163 B 134ms
39ms Image
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-kiA90Id9tizz_y2mJGmHNyGFISgxWxVYBALEsg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:31 GMT
last-modified: Fri, 07 Feb 2020 08:03:24 GMT
server: nginx
accept-ranges: bytes
etag: "5e3d19cc-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame FEED 49 B
235 B 123ms
36ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-1b-5Z4d9tizz_y2mJGmHNyGFIShCZ4nKBcLMnw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 04:08:30 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame FEED
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VBxIJ4d9tizz_y2mJGmHNyGFIShYVk_IGyrgxQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VBxIJ4d9tizz_y2mJGmHNyGFIShYVk_IGyrgxQ&C=1

43 B
766 B

26ms
25ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VBxIJ4d9tizz_y2mJGmHNyGFIShYVk_IGyrgxQ&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 04:08:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 04:08:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-VBxIJ4d9tizz_y2mJGmHNyGFIShYVk_IGyrgxQ&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame FEED
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ZaEnQuJN2FZRvsARPd4cRyP81oPtMt31
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ZaEnQuJN2FZRvsARPd4cRyP81oPtMt31

42 B
942 B

51ms
51ms

Image
image/gif

3.248.155.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ZaEnQuJN2FZRvsARPd4cRyP81oPtMt31

Protocol

HTTP/1.1

Server

3.248.155.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-155-70.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v048-0d3695a9b.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: cMMmrIS4RAI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v048-08db0995a.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: D6YG7YC7QgU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ZaEnQuJN2FZRvsARPd4cRyP81oPtMt31
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame FEED 43 B
1 KB 95ms
28ms Image
image/gif 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-CD-LTYd9tizz_y2mJGmHNyGFISjRz7axuX2wVA

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 03 Jun 2023 04:08:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame FEED
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-0RKke4d9tizz_y2mJGmHNyGFISiLGe5wBeEmBA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-0RKke4d9tizz_y2mJGmHNyGFISiLGe5wBeEmBA

43 B
447 B

51ms
51ms

Image
image/gif

34.253.4.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-0RKke4d9tizz_y2mJGmHNyGFISiLGe5wBeEmBA
Protocol: H2
Server: 34.253.4.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-4-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 03 Jun 2023 04:08:31 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-0RKke4d9tizz_y2mJGmHNyGFISiLGe5wBeEmBA
access-control-allow-origin: *
date: Sat, 03 Jun 2023 04:08:31 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame FEED 42 B
274 B 95ms
33ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-fpkp9Id9tizz_y2mJGmHNyGFISib4pBz2t57Hg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:30 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame FEED 0
878 B 92ms
28ms Image
text/html 35.157.206.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-pSE9Mod9tizz_y2mJGmHNyGFIShRGNgW3a8ySQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.206.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-206-233.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:31 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame FEED 0
145 B 446ms
107ms Image
text/plain 64.202.112.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Pu0DZ4d9tizz_y2mJGmHNyGFIShw084_7_gH_Q&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 04:08:31 GMT
Cache-Control: no-cache
X-TraceId: d51fde3c817a8fca49981f0f1f27c68e
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame FEED 42 B
585 B 131ms
33ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-mZJsOYd9tizz_y2mJGmHNyGFISjYrBICLqCqEg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 03 Jun 2023 04:08:30 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame FEED 43 B
399 B 452ms
141ms Image
image/gif 2600:1f18:612b:4280:9c57:55f3:743f:20f9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-OV-xFod9tizz_y2mJGmHNyGFISjO2p8Va_aVGg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:9c57:55f3:743f:20f9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 03 Jun 2023 04:08:31 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame FEED 0
235 B 129ms
45ms Image
text/plain 23.215.16.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-3ssuB4d9tizz_y2mJGmHNyGFISjZ7-9P4QCx2Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.215.16.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-16-120.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 03 Jun 2023 04:08:31 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Fri, 02 Jun 2023 04:08:31 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame FEED 0
38 B 230ms
48ms Image
text/plain 54.77.194.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-d5oopYd9tizz_y2mJGmHNyGFIShY0pgslFAvNw&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.194.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-194-148.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 04:08:31 GMT
content-length: 0

GET
H3 200 latest.js Show response
edge.fullstory.com/datalayer/v4/ 42 KB
12 KB 52ms
17ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/datalayer/v4/latest.js
Requested by: Host: rs.fullstory.com
URL: https://rs.fullstory.com/rec/integrations?OrgId=11EGJ5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0f1996871ba77386a475fac0db6489b0241c9a839f2e3c3f631aed26006848df

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:10:07 GMT
content-encoding: gzip
age: 3503
x-guploader-uploadid: ADPycdt_1LiXcc6V5MD2U_H2abEx6G4WotGqLfmkbVXPX6p2Wtk6EDhOVkHWte2sTtS8djDs983PERV2HKgrIMKTu1Y_tw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11918
last-modified: Wed, 19 Apr 2023 13:01:04 GMT
server: UploadServer
etag: "7daa3363eff24e398907e4735734e262"
x-goog-generation: 1681909264405910
x-goog-hash: crc32c=pXmtYw==, md5=faozY+/yTjmJB+RzVzTiYg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 11918
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 03 Jun 2023 04:10:07 GMT

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ Frame 424F 248 KB
67 KB 18ms
17ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27ffcafcc00a23e92cd2ed2f18a862100cbc2e09eb7bce9e0662fb85a09ef0f4

Request headers

Referer: https://www.1mg.com/
Origin: https://www.1mg.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:43:13 GMT
content-encoding: br
age: 1518
x-guploader-uploadid: ADPycdumbQtIdIpDUsC1u7FYQ8DWvD2NXPC1sClzgL_-oCU8TKbvkz56t3kIYHutfWlS_iGd-_zVraZpM4KVDYcqrcDy6Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68228
last-modified: Wed, 31 May 2023 17:33:38 GMT
server: UploadServer
etag: "497387a475c29702771e4e72e0480c5f"
vary: Accept-Encoding
x-goog-generation: 1685554418094773
x-goog-hash: crc32c=FH1YzA==, md5=SXOHpHXClwJ3Hk5y4EgMXw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 68228
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 03 Jun 2023 04:43:13 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame FEED
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=kr1Mj9LgKZWml99S7IYW6FkcU0oCq2lF

0
338 B

174ms
48ms

Image
text/plain

99.80.94.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=kr1Mj9LgKZWml99S7IYW6FkcU0oCq2lF
Protocol: H2
Server: 99.80.94.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-94-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-served-by: beacon-n014-dub-prod.krxd.net
date: Sat, 03 Jun 2023 04:08:31 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1685765311
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=kr1Mj9LgKZWml99S7IYW6FkcU0oCq2lF
date: Sat, 03 Jun 2023 04:08:30 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 603657
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame FEED
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=XvDi0XltbbQXMB8btAWuKalO3DtN39Wa

35 B
268 B

381ms
119ms

Image
image/gif

52.15.58.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=XvDi0XltbbQXMB8btAWuKalO3DtN39Wa
Protocol: H2
Server: 52.15.58.80 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-15-58-80.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 04:08:31 GMT
x-bt-requestid: 4d549270-01c4-11ee-955e-0000ac17014b
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=XvDi0XltbbQXMB8btAWuKalO3DtN39Wa
date: Sat, 03 Jun 2023 04:08:30 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 634122
content-length: 0

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 569ms
360ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=11EGJ5&UserId=4619441697468416&SessionId=6031551463698432&PageId=3295950725955795691&Seq=1&PageStart=1685765310354&PrevBundleTime=0&LastActivity=539&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 0641dcf027b338284206e5978fc91ac692babc9ae506ac93bdd352ac158ee9fe

Request headers

Referer: https://www.1mg.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.1mg.com
date: Sat, 03 Jun 2023 04:08:32 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H3 200 c9393389-6ff0-45cc-831b-015b03090c03_1685702412.jpg
onemg.gumlet.io/ 46 KB
47 KB 32ms
32ms Image
application/x-www-form-urlencoded 2600:9000:223f:7c00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onemg.gumlet.io/c9393389-6ff0-45cc-831b-015b03090c03_1685702412.jpg?w=1067&h=250&format=auto

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:223f:7c00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6b3c74a91126e3d574d936f6f7e1c35f12990f707762abc17de482f7625091da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.1mg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 02 Jun 2023 11:27:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-oc: HIT
age: 60042
x-amz-cf-pop: FRA56-P5
x-gumlet-reqid: ZHnSNtr1Jy7ubzhc
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-gumlet-runtime: 0.009
alt-svc: h3=":443"; ma=86400
content-length: 47020
surrogate-key: onemg.gumlet.io 2023-06-02
etag: "2khmofxdv5vsf"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: application/x-www-form-urlencoded
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: wY8bZiPQWnhuicc8csNAL90wjYmJEeYhOp490PkcXGAB4WBI5ozsbQ==

POST
H2 200 track Show response
rudderapi.1mg.com/v1/ 2 B
79 B 171ms
171ms XHR
text/plain 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderapi.1mg.com/v1/track
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.1mg.com/
accept-language: it-IT,it;q=0.9
Authorization: Basic MVh3MHIzaDVVa0poVGQ3aTRNeVdZeWpEUUZaOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
AnonymousId: ZTg2YjA5NjMtZTNkNy00ZWIxLWFhYjktMjhkMTY0YTJmY2Rm
Content-Type: application/json

Response headers

date: Sat, 03 Jun 2023 04:08:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.1mg.com
access-control-allow-credentials: true
cf-ray: 7d15135bddc3bab5-MXP
content-length: 2

OPTIONS
H2 200 track
rudderapi.1mg.com/v1/ Frame 0
0 142ms
142ms Preflight 2606:4700:10::6814:d732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderapi.1mg.com/v1/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:d732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.1mg.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.1mg.com
access-control-max-age: 900
cf-cache-status: DYNAMIC
cf-ray: 7d15135afd32bab5-MXP
content-length: 0
date: Sat, 03 Jun 2023 04:08:33 GMT
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST bundle
rs.fullstory.com/rec/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rs.fullstory.com
URL: https://rs.fullstory.com/rec/bundle?OrgId=11EGJ5&UserId=4619441697468416&SessionId=6031551463698432&PageId=3295950725955795691&Seq=2&PageStart=1685765310354&PrevBundleTime=1685765312278&LastActivity=4520&IsNewSession=true

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

87 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.1mg.com/	1970-01-20 21:52:05	Name: VISITOR-ID Value: cc3fc313-70f8-4c92-ccf0-890f693cb554_acce55_1685765306
www.1mg.com/	1970-01-20 12:59:17	Name: city Value: New%20Delhi
www.1mg.com/	1970-01-20 21:52:05	Name: abVisitorId Value: 594580
www.1mg.com/	1970-01-20 21:52:05	Name: abExperimentShow Value: false
www.1mg.com/	1970-01-20 12:16:07	Name: amoSessionId Value: d1b60573-7591-4cc5-9ccd-4977562ad16b
www.1mg.com/	1969-12-31 23:59:59	Name: _csrf Value: A8Q9_gScRbNz3ShSPeOILIU9
www.1mg.com/	1969-12-31 23:59:59	Name: isLocaleRedirect Value: false
www.1mg.com/	1969-12-31 23:59:59	Name: isLocaleUIChange Value: false
.1mg.com/	1970-01-20 21:01:41	Name: rl_group_id Value: RudderEncrypt%3AU2FsdGVkX1%2BuZsiuOk9o%2BwWwQypucilmQk7M7Qg71nc%3D
.1mg.com/	1970-01-20 21:01:41	Name: rl_group_trait Value: RudderEncrypt%3AU2FsdGVkX1%2BQvck0OYH4Dv2yQBfuKKaEjzCxNkrVmWg%3D
.1mg.com/	1970-01-20 21:01:41	Name: rl_anonymous_id Value: RudderEncrypt%3AU2FsdGVkX1%2BVtinhRQqLJ4HiHilsPV23UsNXsv7kQ3AmkQYWZB99LLAtKtf6l2ZhfBJboY9gIykTpXSu6CRyjw%3D%3D
.1mg.com/	1970-01-20 21:01:41	Name: rl_page_init_referrer Value: RudderEncrypt%3AU2FsdGVkX1%2BWg%2FlOp8JJdkbreLo2vK6zFxVOXdDYvWw%3D
.1mg.com/	1970-01-20 21:01:41	Name: rl_page_init_referring_domain Value: RudderEncrypt%3AU2FsdGVkX1%2BpsLymNVFwN%2Bg%2BSYZoLfvAHAiCVHwiwtw%3D
.1mg.com/	1970-01-20 21:01:41	Name: rl_user_id Value: RudderEncrypt%3AU2FsdGVkX19WKkwLWZyl3d0%2BaAHefwP%2FqnpoDFu24o9pcuPQyU2%2FKTwV8%2B0U8FNuuDRlX4Z3Dl47F3Ta1nH5UqM7%2F6zoZn1A9CrUf4mdcZw%3D
.1mg.com/	1970-01-20 21:01:41	Name: rl_trait Value: RudderEncrypt%3AU2FsdGVkX181uRxbvKamNxMuFmnM2iA3mVc6SC0iPKaenW4b85sTu2zY1bKxJF5MYyWoCFv7Z17WgBIJoZFAgA%3D%3D
www.1mg.com/	1970-01-20 12:59:17	Name: geolocation Value: false
www.1mg.com/	1970-01-20 12:18:29	Name: session Value: c9mqiaXv1kU8d1P8mZzf4A.60yClxfitO11AYZwbFtG7XKkOPj47sHogE4Fnzl2A-RV864EnpFUeaSJDlKRJAZHfRYLIejQazna-by0owfuz3-CyoD1uKZC8VOf8q9HnW4EaO481yRZzP9S-lx_96gqPcLGbeo6vO9uKOMtwWIiEA.1685765307737.144000000.Q-EKJcrDnn2fMEfXwyojBRwjzoARmyYwLgDHqhiVVgI
.1mg.com/	1970-01-20 14:25:41	Name: _fbp Value: fb.1.1685765307979.1426715355
.mgid.com/	1970-01-20 12:16:07	Name: __cf_bm Value: xuVjUMkuk9_geLzrYg7LZCFT7wFUkEAdRk.67Jo_Kr8-1685765307-0-AcqzryjgGn//aMh8/tq9AQNeDdtA8z67bDDYnPvcrHVm/ee7jBqsGr3/e/aIMosPdOBwOoV0IWHrlYbDBt7EXn4=
.1mg.com/	1970-01-20 12:17:31	Name: _uetsid Value: 4b16ef1001c411eebb0965cefdc39369
.1mg.com/	1970-01-20 21:37:41	Name: _uetvid Value: 4b17a4e001c411ee94326b367f497d77
www.1mg.com/	1970-01-20 14:25:41	Name: MgidSensorNVis Value: 1
www.1mg.com/	1970-01-20 14:25:41	Name: MgidSensorHref Value: https://www.1mg.com/
.bing.com/	1970-01-20 21:37:41	Name: MUID Value: 024FC8E00A2A606622BADBC50BF86172
www.1mg.com/	1970-01-20 12:26:10	Name: AWSALBTG Value: wyPC8ZlcXSGDby7E51ylI1V/a4WuwUwdirKZtQRpSb56KOrTSzNmYj9y8gibkVAMX6DCpfuK1k8tBj80HgxS9KrjPTf3Q8FpRhuHYmWnyMY6XQebZw9DMeJE6Z7NF0qRGmFghhYFf00NNbEiDYoxs5Mnko2FNneEtLhqikhRSSjs
www.1mg.com/	1970-01-20 12:26:10	Name: AWSALBTGCORS Value: wyPC8ZlcXSGDby7E51ylI1V/a4WuwUwdirKZtQRpSb56KOrTSzNmYj9y8gibkVAMX6DCpfuK1k8tBj80HgxS9KrjPTf3Q8FpRhuHYmWnyMY6XQebZw9DMeJE6Z7NF0qRGmFghhYFf00NNbEiDYoxs5Mnko2FNneEtLhqikhRSSjs
.1mg.com/	1970-01-20 14:25:41	Name: _gcl_au Value: 1.1.1767335724.1685765308
.1mg.com/	1970-01-20 21:37:41	Name: __gads Value: ID=eba2d155ff044a48:T=1685765308:RT=1685765308:S=ALNI_MacGLez0IoEvMrYPYP6CqUHo96TLQ
.1mg.com/	1970-01-20 21:37:41	Name: __gpi Value: UID=00000c2b81e4eba6:T=1685765308:RT=1685765308:S=ALNI_MY1bPwrvRFrwV_YoTIKQM_vheQjRg
.1mg.com/	1970-01-20 21:52:05	Name: _ga_1HF6RR2VT7 Value: GS1.1.1685765308.1.0.1685765308.0.0.0
.1mg.com/	1970-01-20 21:52:05	Name: _ga_NPGHGVF7FB Value: GS1.1.1685765308.1.0.1685765308.0.0.0
.notifyvisitors.com/	1970-01-20 21:52:05	Name: nv_userdevice Value: 2001%3Aac8%3A24%3A44%3A%3A117eodb
.1mg.com/	1970-01-20 12:16:07	Name: _nv_sess Value: 173339004.1685765308.SXSCVc8WnJokmw5lMBAjWvsq5oQu9kogoe6C0XChPTcYHrj0oI
.1mg.com/	1970-01-20 21:52:05	Name: _nv_uid Value: 173339004.1685765308.9cee366f-874f-4662-ba8b-ba4d4efb764a.1685765308.1685765308.1.0
.1mg.com/	1970-01-20 16:38:53	Name: _nv_utm Value: 173339004.1685765308.1.1.dXRtc3JjPShkaXJlY3QpfHV0bWNjbj0oZGlyZWN0KXx1dG1jbWQ9KG5vbmUpfHV0bWN0cj0obm90IHNldCl8dXRtY2N0PShub3Qgc2V0KXxnY2xpZD0obm90IHNldCk=
.1mg.com/	1970-01-20 21:52:05	Name: _nv_did Value: 173339004.1685765308.2001:ac8:24:44::117eodb
.1mg.com/	1970-01-20 21:01:41	Name: singular_device_id Value: 6c30109a-2858-4e2b-996c-4329efa59d1e
.1mg.com/	1970-01-20 12:16:08	Name: AMP_TOKEN Value: %24NOT_FOUND
.1mg.com/	1970-01-20 21:52:05	Name: _ga Value: GA1.2.1070920478.1685765308
.1mg.com/	1970-01-20 12:17:31	Name: _gid Value: GA1.2.1575125256.1685765309
.1mg.com/	1970-01-20 12:16:05	Name: _dc_gtm_UA-21820217-6 Value: 1
.1mg.com/	1970-01-20 12:16:05	Name: _gat_UA-21820217-6 Value: 1
www.1mg.com/	1970-01-20 12:16:05	Name: outbrain_cid_fetch Value: true
.criteo.com/	1970-01-20 21:37:41	Name: uid Value: d6c2b1bf-31e5-4a43-88cf-032795804553
www.1mg.com/	1970-01-20 12:17:16	Name: shw_13453 Value: 1
.1mg.com/	1970-01-20 21:45:29	Name: cto_bundle Value: pZp2V19zU2tEUjdwZnNYd3p3TXNvTnVsN3ltcWJiZFdBRHhqTk9HVlRqTUVEWktvcWpkWUklMkZjM0R0bGJRUHlIS01Gek9TUUpWejlEZzN4ODMxbHNGQVclMkJsNWNZaHhvWlM4SGpEdTZ3ZDMlMkZHS1B4dGpqblg4VjB6aHUxZSUyRjNxM2NzTWdEemVxdXpCWDN0VHVjVFAwR1ZsSDQ0USUzRCUzRA
.1mg.com/	1970-01-20 16:35:17	Name: _nv_banner_x Value: 13453
.1mg.com/	1970-01-20 16:38:53	Name: _nv_hit Value: 173339004.1685765308.cHZpZXc9MXxidmlldz1bIjEzNDUzIl0=
.1mg.com/	1970-01-20 21:01:41	Name: fs_uid Value: #11EGJ5#4619441697468416:6031551463698432:::#/1717301308
.doubleclick.net/	1970-01-20 21:37:41	Name: IDE Value: AHWqTUlb5hkwF9KGFiNf8WEtp1NWj0JMV0e_2cQ1E_g9pCTBTSRHYCuIDZQLOZCB-a4
match.sharethrough.com/	1970-01-20 12:26:10	Name: AWSALBCORS Value: Oa/UbpMR4r73OyxBco/o9GY+Kzlz69TLPUsrJDq6tjWgz2/RW/Mqe9Jt1Fbpu2v1utEhFIBm83JvKfD7QpAVbHhXwrcRE14VIOfjo6qI/penIIYsoGfQw/a5uFbe
.media.net/	1970-01-20 21:01:41	Name: visitor-id Value: 3287669116091715000V10
.media.net/	1970-01-20 12:59:17	Name: data-c-ts Value: 1685765311
.media.net/	1970-01-20 12:59:17	Name: data-c Value: k-UIdxO4d9tizz_y2mJGmHNyGFIShLkdKLq8t6rA~~3
.adnxs.com/	1970-01-20 14:25:41	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2InAj-ND!]tbPl@/D!9hy6]/Cv[/c?vaQ4[C]J_e8PmiS@do7pMXXig[26<LY'lvyyd1e]@`?13JQA/^e[bpRzqF1`*bfQf-:p2o
.adnxs.com/	1970-01-20 14:25:41	Name: uuid2 Value: 2584833393399912525
.bidswitch.net/	1970-01-20 21:01:41	Name: tuuid Value: 0b90890c-dea4-477e-8bd5-4d1d59e48ae4
.bidswitch.net/	1970-01-20 21:01:41	Name: c Value: 1685765311
.bidswitch.net/	1970-01-20 21:01:41	Name: tuuid_lu Value: 1685765311
.demdex.net/	1970-01-20 16:35:17	Name: demdex Value: 54103910314098206223865268868809104744
.id5-sync.com/	1970-01-20 12:16:05	Name: cf Value:
.id5-sync.com/	1970-01-20 12:16:05	Name: cip Value:
.id5-sync.com/	1970-01-20 12:16:05	Name: cnac Value:
.id5-sync.com/	1970-01-20 12:16:05	Name: car Value:
.id5-sync.com/	1970-01-20 12:16:05	Name: gdpr Value:
.id5-sync.com/	1970-01-20 12:16:05	Name: callback Value:
.yahoo.com/	1970-01-20 21:02:02	Name: A3 Value: d=AQABBL-8emQCENqqFemAv8x7Ms2f85Y-jQ0FEgEBAQEOfGSEZOe6Jm0A_eMAAA&S=AQAAAmk-1ekVqv-crvgdPECqv8A
.dpm.demdex.net/	1970-01-20 16:35:17	Name: dpm Value: 54103910314098206223865268868809104744
.analytics.yahoo.com/	1970-01-20 21:01:41	Name: IDSYNC Value: 18zh~2c04
.casalemedia.com/	1970-01-20 21:01:41	Name: CMID Value: ZHq8v8Vw4kDz86tzmDiUOwAA
.casalemedia.com/	1970-01-20 14:25:41	Name: CMPS Value: 3186
.casalemedia.com/	1970-01-20 14:25:41	Name: CMPRO Value: 3186
exchange.mediavine.com/	1970-01-20 12:36:14	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%224cfe0e00-01c4-11ee-8bdb-7f31010412bb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:36:14	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%224cfe0e00-01c4-11ee-8bdb-7f31010412bb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:36:14	Name: am_tokens Value: %7B%22mv_uuid%22%3A%224cfe0e00-01c4-11ee-8bdb-7f31010412bb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:36:14	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%224cfe0e00-01c4-11ee-8bdb-7f31010412bb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:36:14	Name: criteo Value: %7B%22id%22%3A%22k-pSE9Mod9tizz_y2mJGmHNyGFIShRGNgW3a8ySQ%22%2C%22version%22%3A%22criteo%22%7D
.360yield.com/	1970-01-20 14:25:41	Name: tuuid Value: 1ecef0e4-1a92-4608-9cf8-d142103feb8a
.360yield.com/	1970-01-20 14:25:41	Name: tuuid_lu Value: 1685765311
.pubmatic.com/	1970-01-20 12:59:17	Name: KRTBCOOKIE_97 Value: 3385-uid:k-mZJsOYd9tizz_y2mJGmHNyGFISjYrBICLqCqEg&KRTB&23144-uid:k-mZJsOYd9tizz_y2mJGmHNyGFISjYrBICLqCqEg&KRTB&23286-uid:k-mZJsOYd9tizz_y2mJGmHNyGFISjYrBICLqCqEg&KRTB&23287-uid:k-mZJsOYd9tizz_y2mJGmHNyGFISjYrBICLqCqEg
.pubmatic.com/	1970-01-20 12:59:17	Name: PugT Value: 1685765310
.360yield.com/	1970-01-20 14:25:41	Name: um Value: !38,MPI878Y7zkC27ZMUdR9yR53SWWGpU1dzZ3rIldzK6wZl2q4OBL-VCyt0yEAaxm4T6SnS-nYT,1693541311
.360yield.com/	1970-01-20 14:25:41	Name: umeh Value: !38,0,1747973311,-1
.krxd.net/	1970-01-20 16:35:17	Name: _kuid_ Value: Pl63x0g0
.tremorhub.com/	1970-01-20 21:02:02	Name: tvid Value: bbf87bf1224f4a6b94e752828ba85fcf
.tremorhub.com/	1970-01-20 12:59:17	Name: tv_UICR Value: k-OV-xFod9tizz_y2mJGmHNyGFISjO2p8Va_aVGg
.1mg.com/	1970-01-20 21:01:41	Name: rl_session Value: RudderEncrypt%3AU2FsdGVkX19bXnVfvxS9%2BIelvAAcTdVzlAIT94EnczbBcRtlUbPya%2BVM4IlRlc1Q%2BlUOZ%2FCjqtr8FTbbjpAy%2BLWys%2BnQm2h1%2F0Kdrjz2KQi37NHz%2BJAYp6K7ej%2FWHxYe1vn2O9JcYb7raFi5Utj7eg%3D%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.tatadigital.com/v2/tdl-sso-auth.js Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1mg.com
a.mgid.com
accounts.tatadigital.com
ad.360yield.com
ad.yieldlab.net
adservice.google.com
adservice.google.it
ajax.googleapis.com
ampcid.google.com
ampcid.google.it
amplify.outbrain.com
api.rudderlabs.com
assets.1mg.com
bat.bing.com
beacon.krxd.net
cdn.notifyvisitors.com
cdn.ravenjs.com
cdn.rudderlabs.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d.adroll.com
dis.criteo.com
dpm.demdex.net
e52e961b8bb7e1421041f035d13b3981.safeframe.googlesyndication.com
eb2.3lift.com
edge.fullstory.com
exchange.mediavine.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
onemg.gumlet.io
pagead2.googlesyndication.com
pixel.rubiconproject.com
r.casalemedia.com
region1.google-analytics.com
rs.fullstory.com
rtb-csync.smartadserver.com
rudderapi.1mg.com
s.adroll.com
s.thebrighttag.com
sdk-api-v1.singular.net
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sslwidget.criteo.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tpc.googlesyndication.com
tr.outbrain.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
web-sdk-cdn.singular.net
widget.as.criteo.com
www.1mg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.it
www.googletagmanager.com
www.googletagservices.com
www.notifyvisitors.com
x.bidswitch.net
rs.fullstory.com
141.226.228.48
142.250.74.194
162.19.138.82
178.250.1.11
178.250.7.11
18.193.218.55
182.161.74.16
185.255.84.152
185.64.189.110
185.80.39.216
185.86.139.93
185.89.210.20
185.89.211.84
2.18.161.51
2.18.235.93
2001:4860:4802:32::36
23.215.16.120
23.32.185.60
2600:1f18:612b:4280:9c57:55f3:743f:20f9
2600:9000:214f:be00:16:a497:9700:93a1
2600:9000:2156:6200:14:81fb:1e80:93a1
2600:9000:223e:3600:1e:6c7e:cb00:93a1
2600:9000:223f:7c00:d:a7d1:b5c0:93a1
2600:9000:2251:d400:9:fddd:fc40:93a1
2600:9000:225e:a200:6:9280:1080:93a1
2606:4700:10::6814:d732
2606:4700:1::6813:864e
2606:4700::6810:3865
2620:1ec:c11::200
2a00:1450:4001:806::200a
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c0c::9b
2a02:2638:d::2
2a02:2638:d::d
2a02:26f0:6c00::210:bb9a
2a02:26f0:780::210:ca7a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42::729
2a05:d018:cc3:fe04:7b12:8510:f751:9a5d
3.126.160.30
3.248.155.70
3.75.62.37
34.117.157.22
34.253.4.201
35.157.206.233
35.186.194.58
35.201.112.186
37.157.3.30
52.15.58.80
54.77.194.148
64.202.112.63
69.173.144.165
76.223.111.18
95.101.54.200
99.80.94.143
00ea35066ac2d3866e2b171191643fd38c03ec5f358237d0e89c13364641732d
029b8bb17fe0e69335f1af3f9977b36571c603b8452f160ff1cf77a4f1507801
02eee1baa62e5dfb787d85763f1b9893f082683a294b44fda6e572aeabca8392
0641dcf027b338284206e5978fc91ac692babc9ae506ac93bdd352ac158ee9fe
078d328ee62f15d109e34685630fa9b16df33ea641832b695c795abcce4c8778
079af7ed8d64ecf9be7ca6aec306824bd846dc5697e791c65d66153126e1a807
0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f
0c3c264c42fd38233750081940672cc7a28dc911dff84eff35ae32abb9a92229
0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd
0cb0a48c76b0f668105a76c39481285b24b12dadca2090687a984f7210688025
0f1996871ba77386a475fac0db6489b0241c9a839f2e3c3f631aed26006848df
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
2022c830a028cdcffae1fd10f1b292f703d521b06d7cecb27e84068f71b1c99f
2261f01d5e3916154a5551b5abb0925d5f5a812151cd5812f20a3b9d3acb2edb
226c9a2c80c75e3c5d7d197c484adb7d63e6ea36270af348bc223be73e8cd059
229b005e2be041608b705607939624dfc0758f970a29d2c766bc53018c1d9fb4
240beaf6dceec1738d706cc5618de6f569d517fb5cd1b31f0246dafa70017667
25dfa9471f98d0d1ea20cb5df977e0730686761be54923ad884a96be5f77a545
27667b4c494fd35de941b87744d8e9821f231bc062fea44b39787293c1d7b14e
27ffcafcc00a23e92cd2ed2f18a862100cbc2e09eb7bce9e0662fb85a09ef0f4
325be98d467be29fd7b3d1c36f2e137806b171ca7d73ef3b535e198ec0bd1dc1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3322cdd40962df77e2f84c1f17857684c17737725a8b8437a1eb0635214654e1
4608ec525138adb3319e7701f26397b7ca04d0f57775d6cd6a16d98649ef8377
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4ad5f5e1be2bfad0b36f324d134a09956a3bb0c2c6b824b20a237a1f8c96cfd2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7cb6579125a71df6f931ddfa56b42696875ec48835a4f11acd87774588a7a2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5891cb525908a7736408e15eeb63a027934e6c22d74b32cff4cd27e08d2ee90e
5ea7bee791b84aac39f104481bd020d861306f950a33905b3a3791f992de13b6
602358d68544ed2d54986ebd6ae716461cd6d68433e99f2e1ca63d2a284034c3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
65a848c817bbf71fd50b4c21dee270fd71831d419c2a3205637a129551a4a8bf
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
6843d81056dc938b65860be3e398871fe61a5cf8e1d9d5262b2c9be5fd7de00f
6929a369a3847f998d5344e3bfefa7f8fcbd23a47854993f529599dfaa6a966c
6b3c74a91126e3d574d936f6f7e1c35f12990f707762abc17de482f7625091da
6cc2f04e17b6ecc99628aa90e8ef551cb1fb309726263e40f62ac5b74ef2958c
6dd0b723cc05be223b546111137365c88bcd7909fdba45b97695c38a0069ef7f
6ef4a7edf32bc1ed0fe0955e585c60061c55ab10b3fd0b328582d1160d292a45
6f993153efcc7420f89746666b7ad09cfa914fcd866ca4ed932ecd544b5d4016
6fbb6a98b74881cbd603dba92e6d65984529b1b91aaf54837bb32db47805742c
70b5da9ec7021d319b0feca1dd271703b35e4769a79693818f485887ee3cf014
7b7ba0249d75f288d37e5879ee8a886dd7dbf86b34433b22592d6e9368cd657b
7d4c25a7fc31f4ed93a933538aea682af4dc0e79e7df107922d9ba7c061c3220
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
865f91f404ba04e87dd6af045c0c912f587e9f042a8bfc10b74a92dd687f8868
8739cf8b30f6363b20649d753359e8a819c4afb04660555c77bfd8b88c2b9bbe
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a49ea5083c8030f058182dcd6ae7da0960e68a0d762f71e8e8375f5732fb2fb
8c2dae0d93380e1cca1ed3cb66cadab9659b6c215b2f9e1381ec5c31d5c3ab2f
91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b
913d7e209b69e0165ba3c05335f9f69dc9c9ccdd3ffb69fcd659c7ac86cef79b
958205ec90ec2c96aef39cb092037e469cea821da49c4e30f738fe0ea4f47e36
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a633abf6ef85a1bf221e75979146c4c7f7a6164732a6a981180a84cf44ced8bb
a8428264582bf2a0d0b9c1bca152b20d9a44ca251514cd16da01eaa690b048b6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ab26e787fa89d35aced53de24ee22db847af08d248be4ae79ac5067ecb476557
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1da6e401d673ef31777dfef7b670abf1acf54608535740a9fcba713e67a542d
b390abb00c8303f368578e1c09798505b1b9fe8d9dbb8808534998a1c0c5947b
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
b647bea7f12e0a8325f72c5c91b0cec0e3d5e190bd3ebb87b6bf95cd8dae68a1
ba1fc3f5796ff01b71a37a77a518b67037bb8c90ded800dc6ae642b9b189ff79
ba2e726dc38520a74390030be09ccce20a2b7d4df7c08a999376e70994e198a0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bf4084fed3de0377f36385aca1ed62af8daa37cc4756b6a1640e874011824284
c6207e13be6c6414fd629989639b8670bb9a873c669afdcf6086e2ad3679831b
c864c9a32a3058b4f23b4bfa3ea536eb44427a0c4aa83506718b7a99272f73bd
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1b9cb45ce0c1d9fddaf61c532b7f9375e1903cfa09f62db65d4653d0cc06877
d1f7d57c54a2f168df796106063e89d2c6dc208ceeb2fca5257ed9297ec2bf88
d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d
d501083ad011d60eb9c00c0cbe55e185c040e52fc3cf83f4dc1655b449957496
d8ae99d64fb7c0abcfab535dcab09a8cd09f7034b4d64a60e7ee6bfe58c3a002
dcc6b633543bcc378409b05b180dd30d3d8104624c0948612f7ea501b103fe25
dd6e663a4005f3ac7523b608b6b0641dbcb43031f619b134432230444d5f7f5f
ddb459f341fe3717372b613db375fc1e2886da52acd6fc8eb06a4228ae60de54
df89109a4619b412c75d063662f307c519859e8f109030107a157ae1b6827714
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ee53c344aa2dbd11917461416f67a476f818b1abd79b81533c81e3e0d57ccbe9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f51a75f2ede4c5e0457f05d60bfa39290b59348a71cdae4cc701236e6f552ad9
f7365ca49223d2539984a5871fcf08589c55e804505647f008eecec38d63097a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9d5b667c6b7e4e03152a7ecb28b091672b7112489fb3b7e1d95e1c76c5206ed
faade1f02ac7bd53335ec6fb3fd9ba1696c796e9a1d7362b25e7e59f33591dea
fd2c4520a3d59da0d21fbe3d009df84ff3e448c28f7c88807fc277038f7ae9ed
fdfdd1f363a794dc95d7f15141f883c59d872ca83c5a8a7b67c1794071905234

www.1mg.com Open in urlscan Pro 2606:4700:10::6814:d732 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

150 Requests

91 %HTTPS

51 %IPv6

49 Domains

74 Subdomains

67 IPs

10 Countries

2433 kBTransfer

7809 kBSize

87 Cookies

0 Outgoing links

Page URL History

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.1mg.com Open in urlscan Pro
2606:4700:10::6814:d732 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

91 %
HTTPS

51 %
IPv6

49
Domains

74
Subdomains

67
IPs

10
Countries

2433 kB
Transfer

7809 kB
Size

87
Cookies

150 HTTP transactions
0 data transactions