URL: https://www.bluebird.com/
Submission: On March 04 via manual from CA — Scanned from CA

Summary

This website contacted 30 IPs in 2 countries across 29 domains to perform 75 HTTP transactions. The main IP is 45.60.11.91, located in United States and belongs to INCAPSULA, US. The main domain is www.bluebird.com. The Cisco Umbrella rank of the primary domain is 482245.
TLS certificate: Issued by Entrust Certification Authority - L1M on August 18th 2020. Valid for: 2 years.
This is the only time www.bluebird.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
29 45.60.11.91 19551 (INCAPSULA)
5 2600:1402:16:... 20940 (AKAMAI-ASN1)
3 52.26.90.13 16509 (AMAZON-02)
1 34.216.192.127 16509 (AMAZON-02)
2 18.205.241.19 14618 (AMAZON-AES)
1 1 54.205.17.116 14618 (AMAZON-AES)
1 52.1.244.253 14618 (AMAZON-AES)
6 104.123.233.248 16625 (AKAMAI-AS)
1 2600:9000:21d... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 5 199.38.167.128 54312 (ROCKETFUEL)
1 142.251.40.194 15169 (GOOGLE)
3 54.161.40.243 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2 142.250.176.194 15169 (GOOGLE)
1 199.38.167.129 54312 (ROCKETFUEL)
1 2 68.67.160.134 29990 (ASN-APPNEX)
1 2 173.223.56.123 16625 (AKAMAI-AS)
1 8.43.72.97 26667 (RUBICONPR...)
1 2 18.214.54.215 14618 (AMAZON-AES)
1 23.207.52.22 16625 (AKAMAI-AS)
1 18.235.211.71 14618 (AMAZON-AES)
1 1 13.225.71.91 16509 (AMAZON-02)
1 3 35.190.60.146 15169 (GOOGLE)
1 3.229.229.140 14618 (AMAZON-AES)
1 2 23.54.68.240 16625 (AKAMAI-AS)
1 2 192.35.249.120 11742 (SPOTX-IAD)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 156.154.200.36 19907 (NEUSTAR-AS6)
1 52.49.5.47 16509 (AMAZON-02)
1 2 35.211.178.172 19527 (GOOGLE-2)
1 1 151.101.66.49 54113 (FASTLY)
75 30
Apex Domain
Subdomains
Transfer
31 bluebird.com
www.bluebird.com — Cisco Umbrella Rank: 482245
somni.bluebird.com — Cisco Umbrella Rank: 465086
2 MB
9 evidon.com
c.evidon.com — Cisco Umbrella Rank: 976
l.evidon.com — Cisco Umbrella Rank: 7805
33 KB
6 rfihub.com
20833175p.rfihub.com — Cisco Umbrella Rank: 737329
a.rfihub.com — Cisco Umbrella Rank: 2770
p.rfihub.com — Cisco Umbrella Rank: 631
8 KB
5 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 515
107 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 184
incommholdings.demdex.net — Cisco Umbrella Rank: 217922
6 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 281
806 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
2 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 257
1 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 480
1 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
2 KB
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 899
1 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
2 KB
2 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 878
sync-tm.everesttech.net — Cisco Umbrella Rank: 490
734 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 375
338 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 393
518 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 940
183 B
1 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 980
191 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1667
109 B
1 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1633
787 B
1 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1182
105 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 469
613 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 289
740 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 437
672 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 8822
548 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
548 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 101
15 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
54 KB
1 rfihub.net
c1.rfihub.net — Cisco Umbrella Rank: 5644
6 KB
1 omtrdc.net
incommholdings.tt.omtrdc.net — Cisco Umbrella Rank: 246777
591 B
75 29
Domain Requested by
29 www.bluebird.com www.bluebird.com
6 c.evidon.com www.bluebird.com
c.evidon.com
5 assets.adobedtm.com www.bluebird.com
4 p.rfihub.com 2 redirects
3 idsync.rlcdn.com 1 redirects
3 l.evidon.com
3 dpm.demdex.net www.bluebird.com
2 x.bidswitch.net 1 redirects
2 sync.search.spotxchange.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 ps.eyeota.net 1 redirects
2 ib.adnxs.com 1 redirects
2 cm.g.doubleclick.net 2 redirects
2 somni.bluebird.com www.bluebird.com
1 sync-tm.everesttech.net 1 redirects
1 beacon.krxd.net
1 aa.agkn.com
1 partners.tremorhub.com
1 x.dlx.addthis.com
1 bpi.rtactivate.com
1 live.rezync.com 1 redirects
1 bs.serving-sys.com
1 contextual.media.net
1 pixel.rubiconproject.com
1 stags.bluekai.com 1 redirects
1 a.rfihub.com
1 www.google.ca
1 www.google.com
1 googleads.g.doubleclick.net www.bluebird.com
1 www.googleadservices.com www.googletagmanager.com
1 20833175p.rfihub.com c1.rfihub.net
1 www.googletagmanager.com www.bluebird.com
1 c1.rfihub.net www.bluebird.com
1 incommholdings.tt.omtrdc.net www.bluebird.com
1 cm.everesttech.net 1 redirects
1 incommholdings.demdex.net www.bluebird.com
75 36

This site contains links to these domains. Also see Links.

Domain
secure.bluebird.com
www.moneypass.com
fscarddisclosures.com
www.americanexpress.com
Subject Issuer Validity Valid
www.bluebird.com
Entrust Certification Authority - L1M
2020-08-18 -
2022-08-18
2 years crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-10 -
2022-09-10
a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-19 -
2022-11-19
a year crt.sh
somni.bluebird.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-12 -
2022-11-16
a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-11 -
2022-10-12
a year crt.sh
*.evidon.com
DigiCert SHA2 Secure Server CA
2021-05-30 -
2022-06-08
a year crt.sh
*.rfihub.net
Amazon
2021-12-29 -
2023-01-27
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA
2020-06-18 -
2022-06-18
2 years crt.sh
www.googleadservices.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
www.google.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.google.ca
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-03-30 -
2022-04-04
a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA
2022-02-20 -
2023-02-22
a year crt.sh
bs.serving-sys.com
Amazon
2021-05-20 -
2022-06-18
a year crt.sh
rtactivate.com
Amazon
2021-05-13 -
2022-06-11
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2022-02-26 -
2023-03-01
a year crt.sh
*.tremorhub.com
Amazon
2021-06-27 -
2022-07-26
a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018
2020-07-25 -
2022-09-18
2 years crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-11-03 -
2022-11-02
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.bluebird.com/
Frame ID: 1A0197FDFD3E1AAC9704CDF694D19401
Requests: 54 HTTP requests in this frame

Frame: https://incommholdings.demdex.net/dest5.html?d_nsid=0
Frame ID: D9C38E195CB5947D5645F60ED7818EAD
Requests: 1 HTTP requests in this frame

Frame: https://20833175p.rfihub.com/ca.html?ver=9&rb=44097&ca=20833175&_o=44097&_t=20833175&pe=https%3A%2F%2Fwww.bluebird.com%2F&pf=&ra=4888893084547554
Frame ID: 235A8FC1188626E8827DC626D9938274
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

Welcome to Bluebird.

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • c\.evidon\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • serving-sys\.com/

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

75
Requests

87 %
HTTPS

21 %
IPv6

29
Domains

36
Subdomains

30
IPs

2
Countries

2288 kB
Transfer

4557 kB
Size

43
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://cm.everesttech.net/cm/dd?d_uuid=44179435795264487924074299301181289883 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiJfbgAAAMcsBwQL
Request Chain 55
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=OTc4NzU4ODc3MjYwMDcyMjg5&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEEHdyALUdxd-n9B6X1J6q5Y&google_cver=1
Request Chain 56
  • https://ib.adnxs.com/setuid?entity=18&code=978758877260072289 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D978758877260072289
Request Chain 57
  • https://stags.bluekai.com/site/4722?id=978758877260072289&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
  • https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
Request Chain 60
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=978758877260072289&bid=omt9pi0 HTTP 302
  • https://ps.eyeota.net/match/bounce/?uid=978758877260072289&bid=omt9pi0
Request Chain 63
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=978758877260072289&referrer=https%3A%2F%2Fwww.bluebird.com%2F HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=7977e572-ff49-4354-8818-740976235ede%3A1646419822.81&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D7977e572-ff49-4354-8818-740976235ede%253A1646419822.81 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=7977e572-ff49-4354-8818-740976235ede%3A1646419822.81 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMRmpX2hviHQyrZV6SCpE8Y&google_cver=1
Request Chain 65
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=978758877260072289&forward= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=978758877260072289&forward=&C=1
Request Chain 68
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=978758877260072289&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=978758877260072289&img=1&__user_check__=1&sync_id=f281ba1c-9beb-11ec-82ae-1b186c970103
Request Chain 72
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=978758877260072289&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=978758877260072289&expires=30
Request Chain 73
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=YiJfbgAAAMcsBwQL

75 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.bluebird.com/
49 KB
12 KB
Document
General
Full URL
https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
d89812096da8766156bed9faec4dd6c232e9d7d0985c3f3f211c8f7309e8b049
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Fri, 04 Mar 2022 18:50:21 GMT
content-type
text/html;charset=utf-8
server
Apache
x-dispatcher
dispatcher1eastus
x-vhost
publish
x-content-type-options
nosniff
last-modified
Thu, 03 Mar 2022 20:30:17 GMT
etag
"c1b5-5d9564427439d-gzip"
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-encoding
gzip
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cdn
Imperva
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
x-iinfo
13-34706087-34706088 NNNN CT(7 35 0) RT(1646419820223 0) q(0 0 0 0) r(0 0) U12
clientlib-site.min.895c763f9abfe28b7407fddc428ea614.css
www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/
658 B
497 B
Stylesheet
General
Full URL
https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-site.min.895c763f9abfe28b7407fddc428ea614.css
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
6d7b80bca2ba60981bb3d243135f62ad4fc3b89015b8cb9b302b2763c15518b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
content-encoding
gzip
last-modified
Wed, 28 Jul 2021 20:17:20 GMT
x-cdn
Imperva
etag
"292-5c834ac697400-gzip"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
text/css;charset=utf-8
x-iinfo
13-34706112-0 0CNN RT(1646419820336 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=10913, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
288
expires
Fri, 04 Mar 2022 21:52:13 GMT
clientlib-all.min.d23ebada303dd3fdbacf19f68e855188.css
www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/
105 KB
17 KB
Stylesheet
General
Full URL
https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all.min.d23ebada303dd3fdbacf19f68e855188.css
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fee0009872b289bd88fee14809b3827368340df88f5dd003569e720baf0f00f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 19:51:43 GMT
x-cdn
Imperva
etag
"1a578-5d955ba3471c0-gzip"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
text/css;charset=utf-8
x-iinfo
13-34706113-34691825 2CNN RT(1646419820340 0) q(0 0 0 -1) r(0 0)
cache-control
max-age=1301, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
17691
expires
Fri, 04 Mar 2022 19:12:01 GMT
jquery.min.1494c0abbe501301e2ab9daecc6082a8.js
www.bluebird.com/etc.clientlibs/clientlibs/granite/
97 KB
34 KB
Script
General
Full URL
https://www.bluebird.com/etc.clientlibs/clientlibs/granite/jquery.min.1494c0abbe501301e2ab9daecc6082a8.js
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4517fb4ac7884717810f9700620cbfd41926e6792af6dbbcb73ce6d6fa57b149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
content-encoding
gzip
last-modified
Thu, 27 Aug 2020 17:33:14 GMT
x-cdn
Imperva
etag
"1878d-5addf54b4ca80-gzip"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
application/javascript;charset=utf-8
x-iinfo
13-34706114-0 0CNN RT(1646419820345 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=10595, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
34843
expires
Fri, 04 Mar 2022 21:46:55 GMT
utils.min.4a192b590a2c2926fb000264370c0588.js
www.bluebird.com/etc.clientlibs/clientlibs/granite/
8 KB
3 KB
Script
General
Full URL
https://www.bluebird.com/etc.clientlibs/clientlibs/granite/utils.min.4a192b590a2c2926fb000264370c0588.js
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
576386593b2bbd48089be66dc0922e269541903b1f0fab7fe1a5c94d7fe65385
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
content-encoding
gzip
last-modified
Thu, 27 Aug 2020 17:33:14 GMT
x-cdn
Imperva
etag
"1fb6-5addf54b4ca80-gzip"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
application/javascript;charset=utf-8
x-iinfo
13-34706115-0 0CNN RT(1646419820353 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=10595, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3336
expires
Fri, 04 Mar 2022 21:46:55 GMT
granite.min.543d214c88dfa6f4a3233b630c82d875.js
www.bluebird.com/etc.clientlibs/clientlibs/granite/jquery/
4 KB
2 KB
Script
General
Full URL
https://www.bluebird.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.543d214c88dfa6f4a3233b630c82d875.js
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0e530589d7991486162f45145785c9968c934c1cbe2c86bb10a993b8bbdd2565
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
content-encoding
gzip
last-modified
Fri, 11 Oct 2019 07:25:58 GMT
x-cdn
Imperva
etag
"e61-5949d6de42d80-gzip"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
application/javascript;charset=utf-8
x-iinfo
13-34706116-0 0CNN RT(1646419820364 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=10595, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1614
expires
Fri, 04 Mar 2022 21:46:55 GMT
jquery.min.dd9b395c741ce2784096e26619e14910.js
www.bluebird.com/etc.clientlibs/foundation/clientlibs/
16 B
159 B
Script
General
Full URL
https://www.bluebird.com/etc.clientlibs/foundation/clientlibs/jquery.min.dd9b395c741ce2784096e26619e14910.js
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
content-encoding
gzip
last-modified
Wed, 10 Mar 2021 08:30:03 GMT
x-cdn
Imperva
etag
"10-5bd2a792fb8c0"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
application/javascript;charset=utf-8
x-iinfo
13-34706117-0 0CNN RT(1646419820368 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=10595, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
36
expires
Fri, 04 Mar 2022 21:46:55 GMT
shared.min.9f3716b2c473fd53ab31b1caa53131a8.js
www.bluebird.com/etc.clientlibs/foundation/clientlibs/
19 KB
6 KB
Script
General
Full URL
https://www.bluebird.com/etc.clientlibs/foundation/clientlibs/shared.min.9f3716b2c473fd53ab31b1caa53131a8.js
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
60fe0feb595bd69ba31ffad3016ab21c8bb911cc1643f9ec95e9cb3f64ae7bb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
content-encoding
gzip
last-modified
Wed, 10 Mar 2021 08:30:03 GMT
x-cdn
Imperva
etag
"4e0a-5bd2a792fb8c0-gzip"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
application/javascript;charset=utf-8
x-iinfo
13-34706119-0 0CNN RT(1646419820383 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=10595, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6125
expires
Fri, 04 Mar 2022 21:46:55 GMT
launch-44ba98fb83ed.min.js
assets.adobedtm.com/749c35e733e5/8fa4f1f1a52e/
319 KB
91 KB
Script
General
Full URL
https://assets.adobedtm.com/749c35e733e5/8fa4f1f1a52e/launch-44ba98fb83ed.min.js
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1402:16:598::1e80 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
24fe066681c619537657a05b3de8c3bf39c8e74afb5a0b8ea562c5a8e7d23787

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:21 GMT
content-encoding
gzip
last-modified
Tue, 23 Nov 2021 20:17:14 GMT
server
AkamaiNetStorage
etag
"daf65f3dc895d415f6f5dcc1fa9da954:1637698634.979092"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.bluebird.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
92577
expires
Fri, 04 Mar 2022 19:50:21 GMT
clientlib-all.min.399df5437b97d37e45bf5bc4ce30a636.js
www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/
1 MB
318 KB
Script
General
Full URL
https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all.min.399df5437b97d37e45bf5bc4ce30a636.js
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0b17784678c720b3469366773b24d6915bea21239a08ef4b3c37ac40ef2f13b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 19:51:43 GMT
x-cdn
Imperva
etag
"124905-5d955ba3471c0-gzip"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
application/javascript;charset=utf-8
x-iinfo
13-34706122-34691351 2CNN RT(1646419820395 0) q(0 0 0 -1) r(0 0)
cache-control
max-age=1750, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
322970
expires
Fri, 04 Mar 2022 19:19:30 GMT
_Incapsula_Resource
www.bluebird.com/
138 KB
20 KB
Script
General
Full URL
https://www.bluebird.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1837324709
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f038f334c87fb2f7c037baa3debc3d8241a7e1bf599ab315fd7953034d0175ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
19947
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
application/javascript
token.json
www.bluebird.com/libs/granite/csrf/
2 B
1 KB
XHR
General
Full URL
https://www.bluebird.com/libs/granite/csrf/token.json
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.543d214c88dfa6f4a3233b630c82d875.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-dispatcher
dispatcher1eastus
date
Fri, 04 Mar 2022 18:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
x-vhost
publish
x-frame-options
SAMEORIGIN
content-type
application/json;charset=iso-8859-1
x-iinfo
13-34706125-34706088 PNYN RT(1646419820407 0) q(0 0 0 -1) r(0 0) U2
vary
User-Agent
cache-control
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
x-cdn
Imperva
expires
-1
Poppins-Regular.ttf
www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all/resources/fonts/
142 KB
66 KB
Font
General
Full URL
https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all/resources/fonts/Poppins-Regular.ttf
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all.min.d23ebada303dd3fdbacf19f68e855188.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2425ebbc021bfdd18fe55edbeeb1539d22a217212c14430a7d4d75266a333bbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all.min.d23ebada303dd3fdbacf19f68e855188.css
Origin
https://www.bluebird.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
content-encoding
gzip
last-modified
Wed, 28 Jul 2021 17:26:55 GMT
x-cdn
Imperva
etag
"237a0-5c8324af455c0-gzip"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
application/x-font-ttf
x-iinfo
13-34706129-0 0CNN RT(1646419820421 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=57871, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
67118
expires
Sat, 05 Mar 2022 10:54:51 GMT
Banner-Photography-Coffee.jpg
www.bluebird.com/content/dam/bluebird/bluebird-photos/
207 KB
207 KB
Image
General
Full URL
https://www.bluebird.com/content/dam/bluebird/bluebird-photos/Banner-Photography-Coffee.jpg
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
9307994c78cedf8b857b83d030cb6e1758832b1d988736195323073498430bc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
last-modified
Tue, 08 Sep 2020 13:51:31 GMT
x-cdn
Imperva
etag
"34953-5aecda1e19ec0"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
image/jpeg
x-iinfo
13-34706161-0 0CNN RT(1646419820682 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=59937, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
211767
expires
Sat, 05 Mar 2022 11:29:17 GMT
pattern-left.svg
www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all/resources/images/
2 KB
879 B
Image
General
Full URL
https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all/resources/images/pattern-left.svg
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all.min.d23ebada303dd3fdbacf19f68e855188.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
197d04953fd2325747e545315854791dea69f3998277ca80f8a45f0fe7171482
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all.min.d23ebada303dd3fdbacf19f68e855188.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
content-encoding
gzip
last-modified
Wed, 28 Jul 2021 20:17:20 GMT
x-cdn
Imperva
etag
"65d-5c834ac697400-gzip"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
image/svg+xml
x-iinfo
13-34706163-0 0CNN RT(1646419820686 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=65811, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
698
expires
Sat, 05 Mar 2022 13:07:11 GMT
pattern-right.svg
www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all/resources/images/
2 KB
812 B
Image
General
Full URL
https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all/resources/images/pattern-right.svg
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all.min.d23ebada303dd3fdbacf19f68e855188.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a5f88443967a45725a70985016ef684c6cf098761d23517ec7b5cf5ffb85272e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all.min.d23ebada303dd3fdbacf19f68e855188.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
content-encoding
gzip
last-modified
Wed, 28 Jul 2021 20:17:20 GMT
x-cdn
Imperva
etag
"6b5-5c834ac697400-gzip"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
image/svg+xml
x-iinfo
13-34706165-0 0CNN RT(1646419820691 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=59937, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
707
expires
Sat, 05 Mar 2022 11:29:17 GMT
Bluebird_AMEX_Marketing_Image_Master_PERM_NO_BG_1012x589-homepage.png
www.bluebird.com/content/dam/bluebird/bluebird-cards/
384 KB
385 KB
Image
General
Full URL
https://www.bluebird.com/content/dam/bluebird/bluebird-cards/Bluebird_AMEX_Marketing_Image_Master_PERM_NO_BG_1012x589-homepage.png
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a7e210ff20bed0b341a145e45dd24d4d1d7bfb0903c90881d42b66fd75e89edd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
last-modified
Wed, 09 Sep 2020 22:41:05 GMT
x-cdn
Imperva
etag
"6017e-5aee92599c240"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
image/png
x-iinfo
13-34706166-0 0CNN RT(1646419820693 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=66318, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
393598
expires
Sat, 05 Mar 2022 13:15:38 GMT
Bluebird_META_Marketing_Image_Master_PERM_NO_BG_1012x589-homepage.png
www.bluebird.com/content/dam/bluebird/bluebird-cards/
729 KB
730 KB
Image
General
Full URL
https://www.bluebird.com/content/dam/bluebird/bluebird-cards/Bluebird_META_Marketing_Image_Master_PERM_NO_BG_1012x589-homepage.png
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3676ab583c7a37261190e0c1ac44a0c6467eebd13f6d86c23587933ff9ba00b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
last-modified
Wed, 09 Sep 2020 22:41:06 GMT
x-cdn
Imperva
etag
"b64fc-5aee925a90480"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
image/png
x-iinfo
13-34706167-0 0CNN RT(1646419820694 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=66505, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
746748
expires
Sat, 05 Mar 2022 13:18:45 GMT
Poppins-SemiBold.ttf
www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all/resources/fonts/
139 KB
65 KB
Font
General
Full URL
https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all/resources/fonts/Poppins-SemiBold.ttf
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all.min.d23ebada303dd3fdbacf19f68e855188.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1d665d5b75a9500040b2cc201c2b07af5faca7228372dc6f4572d2d5b2291097
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all.min.d23ebada303dd3fdbacf19f68e855188.css
Origin
https://www.bluebird.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
content-encoding
gzip
last-modified
Wed, 28 Jul 2021 17:26:55 GMT
x-cdn
Imperva
etag
"22b44-5c8324af455c0-gzip"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
application/x-font-ttf
x-iinfo
13-34706169-0 0CNN RT(1646419820697 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=58995, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
66531
expires
Sat, 05 Mar 2022 11:13:35 GMT
Poppins-Medium.ttf
www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all/resources/fonts/
140 KB
66 KB
Font
General
Full URL
https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all/resources/fonts/Poppins-Medium.ttf
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all.min.d23ebada303dd3fdbacf19f68e855188.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
45870260a29fa7d3e0eff8cdd91993fb4a9ce4cced3d7b72c3ef7d24380bfc2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all.min.d23ebada303dd3fdbacf19f68e855188.css
Origin
https://www.bluebird.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
content-encoding
gzip
last-modified
Wed, 28 Jul 2021 17:26:55 GMT
x-cdn
Imperva
etag
"2309c-5c8324af455c0-gzip"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
application/x-font-ttf
x-iinfo
13-34706172-0 0CNN RT(1646419820701 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=58995, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
67061
expires
Sat, 05 Mar 2022 11:13:35 GMT
Oscine-Bold.ttf
www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all/resources/fonts/
120 KB
44 KB
Font
General
Full URL
https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all/resources/fonts/Oscine-Bold.ttf
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all.min.d23ebada303dd3fdbacf19f68e855188.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f8771a5e6e5beec4a91dad89b1454d2fb107bdbeb201d7cf9be56fad814147e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all.min.d23ebada303dd3fdbacf19f68e855188.css
Origin
https://www.bluebird.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
content-encoding
gzip
last-modified
Wed, 28 Jul 2021 17:26:55 GMT
x-cdn
Imperva
etag
"1e1b0-5c8324af455c0-gzip"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
application/x-font-ttf
x-iinfo
13-34706174-0 0CNN RT(1646419820705 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=58995, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
44511
expires
Sat, 05 Mar 2022 11:13:35 GMT
Poppins-Bold.ttf
www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all/resources/fonts/
138 KB
65 KB
Font
General
Full URL
https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all/resources/fonts/Poppins-Bold.ttf
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all.min.d23ebada303dd3fdbacf19f68e855188.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
210933fb1bb4e846d37ef00c92cae636ac35633132cf2157c7ac879f27f82068
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bluebird.com/etc.clientlibs/settings/wcm/designs/bluebird/clientlib-all.min.d23ebada303dd3fdbacf19f68e855188.css
Origin
https://www.bluebird.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
content-encoding
gzip
last-modified
Wed, 28 Jul 2021 20:17:20 GMT
x-cdn
Imperva
etag
"227cc-5c834ac697400-gzip"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
application/x-font-ttf
x-iinfo
13-34706176-0 0CNN RT(1646419820708 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=4898, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
66576
expires
Fri, 04 Mar 2022 20:11:58 GMT
bb-logo-white.svg
www.bluebird.com/content/dam/bluebird/
3 KB
2 KB
Image
General
Full URL
https://www.bluebird.com/content/dam/bluebird/bb-logo-white.svg
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d703436e292bd3b76cb23af3376fbb07a8735e0e33deb5a8c949ca263ebda211
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
content-encoding
gzip
last-modified
Mon, 21 Sep 2020 13:38:23 GMT
x-cdn
Imperva
etag
"d91-5afd2f6d991c0-gzip"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
image/svg+xml
x-iinfo
13-34706178-0 0CNN RT(1646419820717 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=65850, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1484
expires
Sat, 05 Mar 2022 13:07:50 GMT
ATM.png
www.bluebird.com/content/dam/bluebird/bluebird-icons/
688 B
2 KB
Image
General
Full URL
https://www.bluebird.com/content/dam/bluebird/bluebird-icons/ATM.png
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
dc0005064c5161c225c1a58b9d812e3b3450eb7a93e4d67a939a5d2479c98890
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
last-modified
Tue, 08 Sep 2020 13:52:37 GMT
x-cdn
Imperva
etag
"858-5aecda5d0b340"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
image/png
x-iinfo
13-34706181-0 0CNN RT(1646419820721 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=60100, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
688
expires
Sat, 05 Mar 2022 11:32:00 GMT
MONEY.png
www.bluebird.com/content/dam/bluebird/bluebird-icons/
903 B
1 KB
Image
General
Full URL
https://www.bluebird.com/content/dam/bluebird/bluebird-icons/MONEY.png
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
9ec983f52f0d22e346206762876224aa513562fc7241e799a744772f9620f79a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
last-modified
Tue, 08 Sep 2020 13:52:06 GMT
x-cdn
Imperva
etag
"9f7-5aecda3f7ad80"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
image/png
x-iinfo
13-34706183-0 0CNN RT(1646419820735 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=60100, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
903
expires
Sat, 05 Mar 2022 11:32:00 GMT
DEPOSIT.png
www.bluebird.com/content/dam/bluebird/bluebird-icons/
513 B
699 B
Image
General
Full URL
https://www.bluebird.com/content/dam/bluebird/bluebird-icons/DEPOSIT.png
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
59b8a489e7a061d617e2cf81cce3d20c4f580820efc221ce8e0d4c56cf1c8b34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
last-modified
Tue, 08 Sep 2020 13:51:52 GMT
x-cdn
Imperva
etag
"774-5aecda3220e00"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
image/png
x-iinfo
13-34706184-0 0CNN RT(1646419820738 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=66885, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
513
expires
Sat, 05 Mar 2022 13:25:05 GMT
bb-logo.svg
www.bluebird.com/content/dam/bluebird/
3 KB
2 KB
Image
General
Full URL
https://www.bluebird.com/content/dam/bluebird/bb-logo.svg
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
9f81ebe7129c6878b9ef2988bb3e5985268123f9ed76ff9ed1bd8efcad7d8ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:20 GMT
content-encoding
gzip
last-modified
Mon, 21 Sep 2020 13:38:23 GMT
x-cdn
Imperva
etag
"d67-5afd2f6d991c0-gzip"
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
image/svg+xml
x-iinfo
13-34706185-0 0CNN RT(1646419820739 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=59043, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1460
expires
Sat, 05 Mar 2022 11:14:23 GMT
id
dpm.demdex.net/
373 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=B50D40075A980C9B0A495DE1%40AdobeOrg&d_nsid=0&ts=1646419821643
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.543d214c88dfa6f4a3233b630c82d875.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.90.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-90-13.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
0da6b5e0588159c61fa3df89cefcf8fa2dac79875f8010fbc1c0d0c83ba7e699
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bluebird.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-2-v026-09d5b9623.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
Gdcc8Y0sQSQ=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.bluebird.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
314
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/
33 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.543d214c88dfa6f4a3233b630c82d875.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1402:16:598::1e80 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:21 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 21:37:16 GMT
server
AkamaiNetStorage
etag
"820eb42f3120ddf65e303b24a8285815:1634593036.305122"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.bluebird.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12200
expires
Fri, 04 Mar 2022 19:50:21 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.543d214c88dfa6f4a3233b630c82d875.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1402:16:598::1e80 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:21 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 21:37:16 GMT
server
AkamaiNetStorage
etag
"abbe69e5c8f385f00652c3d0c2bba347:1634593036.557115"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.bluebird.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1594
expires
Fri, 04 Mar 2022 19:50:21 GMT
_Incapsula_Resource
www.bluebird.com/
1 B
67 B
Image
General
Full URL
https://www.bluebird.com/_Incapsula_Resource?SWKMTFSR=1&e=0.179529124168331
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
text/plain
dest5.html
incommholdings.demdex.net/ Frame D9C3
7 KB
3 KB
Document
General
Full URL
https://incommholdings.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.543d214c88dfa6f4a3233b630c82d875.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.216.192.127 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-192-127.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Fri, 4 Mar 2022 18:50:22 GMT
DCS
dcs-prod-usw2-1-v026-0e9b3d7ee.edge-usw2.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Fri, 4 Mar 2022 15:48:33 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
5uPdk7TNRUE=
transfer-encoding
chunked
Connection
keep-alive
id
somni.bluebird.com/
48 B
511 B
XHR
General
Full URL
https://somni.bluebird.com/id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=B50D40075A980C9B0A495DE1%40AdobeOrg&mid=44438387963769486394066414222434208924&ts=1646419821978
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.543d214c88dfa6f4a3233b630c82d875.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.205.241.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-241-19.compute-1.amazonaws.com
Software
jag /
Resource Hash
fb329e5c3f5bc3ab2fc15212119bbd314e6505d2db538181cb880e80bff30d0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bluebird.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 04 Mar 2022 18:50:22 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-6f647cfb68-gj2sk
vary
Origin
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bluebird.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YiJfbgAAAMcsBwQL
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=44179435795264487924074299301181289883
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiJfbgAAAMcsBwQL
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiJfbgAAAMcsBwQL
Protocol
HTTP/1.1
Server
52.26.90.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-90-13.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v026-0bdecbda0.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
hVcE0DwnStw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiJfbgAAAMcsBwQL
Date
Fri, 04 Mar 2022 18:50:22 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
incommholdings.tt.omtrdc.net/rest/v1/
357 B
591 B
XHR
General
Full URL
https://incommholdings.tt.omtrdc.net/rest/v1/delivery?client=incommholdings&sessionId=68b4a197963c4df48800100423f81aa0&version=2.7.0
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.543d214c88dfa6f4a3233b630c82d875.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.244.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-244-253.compute-1.amazonaws.com
Software
/
Resource Hash
4d57e5120dcd6449f8af7a9d719dda380805b26c7d56842ee86f5c7298407762

Request headers

Referer
https://www.bluebird.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 04 Mar 2022 18:50:22 GMT
content-encoding
gzip
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bluebird.com
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
e048e5029a9702228d68b32dd264c7b5
csp_report
www.bluebird.com/
0
82 B
Other
General
Full URL
https://www.bluebird.com/csp_report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bluebird.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/csp-report

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
0
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
text/plain
RCc75afd4610e547cb9cc47b44b7f9172c-source.min.js
assets.adobedtm.com/749c35e733e5/8fa4f1f1a52e/f54de7b57713/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/749c35e733e5/8fa4f1f1a52e/f54de7b57713/RCc75afd4610e547cb9cc47b44b7f9172c-source.min.js
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.543d214c88dfa6f4a3233b630c82d875.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1402:16:598::1e80 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9993c091a0cab10ffcdbcd0770c3006cd16493794d382ecfcd4c9f4c3eef54f8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:22 GMT
content-encoding
gzip
last-modified
Tue, 23 Nov 2021 20:17:15 GMT
server
AkamaiNetStorage
etag
"182773696e21931efd17914436604047:1637698635.937586"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.bluebird.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
1302
expires
Fri, 04 Mar 2022 19:50:22 GMT
evidon-sitenotice-tag.js
c.evidon.com/sitenotice/
64 KB
17 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.123.233.248 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-123-233-248.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c7e72c779583381102fffff44b28a02cf94453be7b9fe14503b92cb703573486

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:22 GMT
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 20:41:16 GMT
server
AkamaiNetStorage
etag
"78897cb13bed524edc635fa4f5dc72b1:1646167276.102994"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
16959
expires
Sun, 06 Mar 2022 18:50:22 GMT
country.js
c.evidon.com/geo/
243 B
452 B
Script
General
Full URL
https://c.evidon.com/geo/country.js
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.123.233.248 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-123-233-248.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
288d2c97bad5f7f9426e4ce8fda3fc7b5d00e7304f51b859324a7a2ad6468107

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:22 GMT
content-encoding
gzip
last-modified
Sat, 14 Mar 2020 06:17:07 GMT
server
AkamaiNetStorage
etag
"06b8b9b7abb4ed24c3f402cfde5182eb:1584166627.64046"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
accept-ranges
bytes
access-control-allow-headers
*
content-length
167
snthemes.js
c.evidon.com/sitenotice/5229/
89 KB
4 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/5229/snthemes.js
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.123.233.248 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-123-233-248.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c86f418f70463d8f32f81d1f2b9a136a03d5f0414a5aa0491359f4d7af5d6a6f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:22 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 21:54:33 GMT
server
AkamaiNetStorage
etag
"ec60ef94848b8f93f34dc2e2fb8524f0:1644875673.842728"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
3378
expires
Sun, 06 Mar 2022 18:50:22 GMT
settings.js
c.evidon.com/sitenotice/5229/bluebird/
2 KB
1 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/5229/bluebird/settings.js
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.123.233.248 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-123-233-248.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3b7ff5bada0adbf1c5177798ac3796c70f6dc070dfe1f517e123440facaf540f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:22 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 20:11:07 GMT
server
AkamaiNetStorage
etag
"c54a4d79dfdf2dc306f99b2899aec273:1644869467.090859"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
912
expires
Sun, 06 Mar 2022 18:50:22 GMT
RC9f54acb4e17c4f83b8f3ff06fe36c52e-source.min.js
assets.adobedtm.com/749c35e733e5/8fa4f1f1a52e/f54de7b57713/
891 B
724 B
Script
General
Full URL
https://assets.adobedtm.com/749c35e733e5/8fa4f1f1a52e/f54de7b57713/RC9f54acb4e17c4f83b8f3ff06fe36c52e-source.min.js
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.543d214c88dfa6f4a3233b630c82d875.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1402:16:598::1e80 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
250dbfb1527cb816cbcce76597d3f51bbd308cdc863692f21b6b8d75eb56ddf2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:22 GMT
content-encoding
gzip
last-modified
Tue, 23 Nov 2021 20:17:15 GMT
server
AkamaiNetStorage
etag
"182773696e21931efd17914436604047:1637698635.937586"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.bluebird.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
457
expires
Fri, 04 Mar 2022 19:50:22 GMT
tc.min.js
c1.rfihub.net/js/
19 KB
6 KB
Script
General
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:5200:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:19:05 GMT
content-encoding
br
last-modified
Fri, 04 Mar 2022 18:18:55 GMT
server
Jetty(9.3.29.v20201019)
age
1877
vary
Accept-Encoding
x-cache
Hit from cloudfront
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via
1.1 1089f52bc4f4516fdbd56d5c71d181e8.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
EWR53-C1
content-type
application/x-javascript
x-amz-cf-id
drsCIaP6yph2l99tQAUlVZARJHMxuco193AkdA5XsxUHr1BcBoI7Hw==
expires
Fri, 04 Mar 2022 19:19:05 GMT
js
www.googletagmanager.com/gtag/
143 KB
54 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-350469249
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.543d214c88dfa6f4a3233b630c82d875.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
899fc5c4c2f5b810289aa85698d61604c65a049be09e1740ac97ce09e4cfef6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:22 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54581
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 04 Mar 2022 18:50:22 GMT
s66275331846364
somni.bluebird.com/b/ss/incommholdingsbluebirdprod/1/JS-2.22.3-LBWB/
43 B
330 B
Image
General
Full URL
https://somni.bluebird.com/b/ss/incommholdingsbluebirdprod/1/JS-2.22.3-LBWB/s66275331846364?AQB=1&ndh=1&pf=1&t=4%2F2%2F2022%2018%3A50%3A22%205%200&sdid=7761898B43AC85B2-6522F3BC46F2C8C7&mid=44438387963769486394066414222434208924&aamlh=9&ce=UTF-8&pageName=us%7Cbluebird%7Cmarketing%7Cmain%7Chome%7C2020launch&g=https%3A%2F%2Fwww.bluebird.com%2F&c.&apl=4.0&inList=3.0&getPreviousValue=3.0&.c&cc=USD&server=www.bluebird.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h1=us%7Cbluebird%7Cmarketing%7Cmain%7C&c3=en&v38=https%3A%2F%2Fwww.bluebird.com%2F&c53=prospect&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=B50D40075A980C9B0A495DE1%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.205.241.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-241-19.compute-1.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:22 GMT
x-content-type-options
nosniff
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 05 Mar 2022 18:50:22 GMT
server
jag
xserver
anedge-6f647cfb68-cl2tf
etag
3535659645823746048-4619761788414421475
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Thu, 03 Mar 2022 18:50:22 GMT
ca.html
20833175p.rfihub.com/ Frame 235A
3 KB
3 KB
Document
General
Full URL
https://20833175p.rfihub.com/ca.html?ver=9&rb=44097&ca=20833175&_o=44097&_t=20833175&pe=https%3A%2F%2Fwww.bluebird.com%2F&pf=&ra=4888893084547554
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
199.38.167.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
d20ce16c550d91399313b520cc0e01d5b155aef34f993b624b4bc5d7c542101f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/

Response headers

Date
Fri, 04 Mar 2022 18:50:22 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache
Content-Type
text/html;charset=utf-8
Content-Length
2770
Server
Jetty(9.3.29.v20201019)
en.js
c.evidon.com/sitenotice/5229/translations/
228 KB
9 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/5229/translations/en.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.123.233.248 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-123-233-248.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
411c48a7264decc504bfef41254f8b81994e92f690677437548adeb8846a38ad

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:22 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 22:10:49 GMT
server
AkamaiNetStorage
etag
"427f7a340b673112624632b1041c759a:1644876649.489024"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
9253
expires
Sun, 06 Mar 2022 18:50:22 GMT
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-350469249
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14884
x-xss-protection
0
server
cafe
etag
16747055602125368176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 04 Mar 2022 18:50:22 GMT
icong1.png
c.evidon.com/pub/
600 B
907 B
Image
General
Full URL
https://c.evidon.com/pub/icong1.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.123.233.248 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-123-233-248.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:22 GMT
content-encoding
gzip
last-modified
Tue, 21 May 2019 16:14:21 GMT
server
AkamaiNetStorage
etag
"d08da9f445b63100a56646de99043059:1558455261"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
image/png
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=864000
accept-ranges
bytes
access-control-allow-headers
*
content-length
623
1
l.evidon.com/site/v3/5229/22325/1/1/1/
0
121 B
Image
General
Full URL
https://l.evidon.com/site/v3/5229/22325/1/1/1/1?consent=1&regulationid=0&regulationconsenttypeid=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.40.243 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-40-243.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:22 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
86253
l.evidon.com/site/v3/5229/22325/1/2/1/1/
0
120 B
Image
General
Full URL
https://l.evidon.com/site/v3/5229/22325/1/2/1/1/86253?consent=1&regulationid=0&regulationconsenttypeid=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.40.243 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-40-243.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:22 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
86253
l.evidon.com/site/v3/5229/22325/1/1/1/1/
0
120 B
Image
General
Full URL
https://l.evidon.com/site/v3/5229/22325/1/1/1/1/86253?consent=1&regulationid=0&regulationconsenttypeid=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.40.243 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-40-243.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:22 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/350469249/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/350469249/?random=1646419822591&cv=9&fst=1646419822591&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa320&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.bluebird.com%2F&tiba=Welcome%20to%20Bluebird.&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.bluebird.com
URL: https://www.bluebird.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.543d214c88dfa6f4a3233b630c82d875.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bca43eb6bcc636548cfe85d5950b99d57ee2ece4edec5081014b5f93ca840247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 18:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1026
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/350469249/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/350469249/?random=1646419822591&cv=9&fst=1646416800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa320&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.bluebird.com%2F&tiba=Welcome%20to%20Bluebird.&async=1&fmt=3&is_vtc=1&random=2113766439&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 18:50:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp_report
www.bluebird.com/
0
28 B
Other
General
Full URL
https://www.bluebird.com/csp_report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.11.91 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bluebird.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/csp-report

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
0
content-security-policy-report-only
font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.omtrdc.net *.doubleclick.net somni.bluebird.com www.google.com *.demdex.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.rfihub.com *.doubleclick.net *.demdex.net; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: assets.adobedtm.com c.evidon.com *.googleadservices.com www.google.com www.googletagmanager.com *.doubleclick.net *.rfihub.net; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com *.demdex.net; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com ; form-action 'none' data: blob: ; report-uri /csp_report
content-type
text/plain
/
www.google.ca/pagead/1p-user-list/350469249/
42 B
548 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/350469249/?random=1646419822591&cv=9&fst=1646416800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa320&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.bluebird.com%2F&tiba=Welcome%20to%20Bluebird.&async=1&fmt=3&is_vtc=1&random=2113766439&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.bluebird.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 18:50:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
a.rfihub.com/ Frame 235A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=OTc4NzU4ODc3MjYwMDcyMjg5&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEEHdyALUdxd-n9B6X1J6q5Y&google_cver=1
42 B
1 KB
Image
General
Full URL
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEEHdyALUdxd-n9B6X1J6q5Y&google_cver=1
Protocol
HTTP/1.1
Server
199.38.167.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://20833175p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 18:50:22 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 04 Mar 2022 18:50:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEEHdyALUdxd-n9B6X1J6q5Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 235A
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=18&code=978758877260072289
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D978758877260072289
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D978758877260072289
Protocol
HTTP/1.1
Server
68.67.160.134 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
670.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://20833175p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 18:50:22 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 670.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
7db97624-634f-455d-8e4c-63b0578c9584
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 18:50:22 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 670.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
d237fba2-a739-43a9-9771-ebe27e8e6cdd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D978758877260072289
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
p.rfihub.com/ Frame 235A
Redirect Chain
  • https://stags.bluekai.com/site/4722?id=978758877260072289&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D
  • https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
42 B
978 B
Image
General
Full URL
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
Protocol
HTTP/1.1
Server
199.38.167.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://20833175p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 18:50:22 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
Date
Fri, 04 Mar 2022 18:50:22 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
tap.php
pixel.rubiconproject.com/ Frame 235A
42 B
740 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=978758877260072289&
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://20833175p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Content-Type
image/gif
ibs:dpid=1121&dpuuid=978758877260072289&redir=
dpm.demdex.net/ Frame 235A
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=978758877260072289&redir=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.90.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-90-13.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://20833175p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v026-060c34744.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
64ukfbIIR1s=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
ps.eyeota.net/match/bounce/ Frame 235A
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=978758877260072289&bid=omt9pi0
  • https://ps.eyeota.net/match/bounce/?uid=978758877260072289&bid=omt9pi0
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match/bounce/?uid=978758877260072289&bid=omt9pi0
Protocol
HTTP/1.1
Server
18.214.54.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-54-215.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://20833175p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 18:50:22 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?uid=978758877260072289&bid=omt9pi0
Date
Fri, 04 Mar 2022 18:50:22 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
cksync.php
contextual.media.net/ Frame 235A
45 B
613 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=978758877260072289
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.52.22 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-52-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://20833175p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 04 Mar 2022 18:50:22 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 04 Mar 2022 18:50:22 GMT
serving
bs.serving-sys.com/ Frame 235A
0
105 B
Image
General
Full URL
https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.211.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-211-71.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://20833175p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:22 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
0
p3p
CP="NOI DEVa OUR BUS UNI"
362358.gif
idsync.rlcdn.com/ Frame 235A
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=978758877260072289&referrer=https%3A%2F%2Fwww.bluebird.com%2F
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=7977e572-ff49-4354-8818-740976235ede%3A1646419822.81&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D7977e572-ff49-4354-8818-740976235ede...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=7977e572-ff49-4354-8818-740976235ede%3A1646419822.81
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMRmpX2hviHQyrZV6SCpE8Y&google_cver=1
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMRmpX2hviHQyrZV6SCpE8Y&google_cver=1
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://20833175p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Mar 2022 18:50:23 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 04 Mar 2022 18:50:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMRmpX2hviHQyrZV6SCpE8Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
bpi.rtactivate.com/tag/ Frame 235A
43 B
109 B
Image
General
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=978758877260072289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.229.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-229-140.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://20833175p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:22 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 235A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=978758877260072289&forward=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=978758877260072289&forward=&C=1
43 B
1003 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=978758877260072289&forward=&C=1
Protocol
HTTP/1.1
Server
23.54.68.240 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://20833175p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 18:50:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 04 Mar 2022 18:50:22 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 18:50:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=978758877260072289&forward=&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
294
Expires
Fri, 04 Mar 2022 18:50:22 GMT
360947.gif
idsync.rlcdn.com/ Frame 235A
42 B
451 B
Image
General
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=978758877260072289
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://20833175p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Mar 2022 18:50:22 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
rocketfuel_sync
x.dlx.addthis.com/e/ Frame 235A
43 B
191 B
Image
General
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=978758877260072289
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.56.123 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://20833175p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Mar 2022 18:50:22 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 04 Mar 2022 18:50:22 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 235A
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=978758877260072289&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=978758877260072289&img=1&__user_check__=1&sync_id=f281ba1c-9beb-11ec-82ae-1b186c970103
43 B
549 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=978758877260072289&img=1&__user_check__=1&sync_id=f281ba1c-9beb-11ec-82ae-1b186c970103
Protocol
HTTP/1.1
Server
192.35.249.120 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://20833175p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 18:50:23 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
116
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 04 Mar 2022 18:50:22 GMT
Server
nginx
Location
/partner?adv_id=7180&uid=978758877260072289&img=1&__user_check__=1&sync_id=f281ba1c-9beb-11ec-82ae-1b186c970103
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
221
Connection
keep-alive
Content-Length
0
sync
partners.tremorhub.com/ Frame 235A
43 B
183 B
Image
General
Full URL
https://partners.tremorhub.com/sync?UIRF=978758877260072289&r=IzB08a4BiDmE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:35be:ace0:b22e:18d9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://20833175p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:22 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame 235A
43 B
518 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=978758877260072289
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
156.154.200.36 , United States, ASN19907 (NEUSTAR-AS6, US),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://20833175p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Mar 2022 18:49:25 GMT
Server
AAWebServer
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Type
image/gif
Access-Control-Allow-Headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
Content-Length
43
Expires
0
usermatch.gif
beacon.krxd.net/ Frame 235A
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=978758877260072289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.5.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-5-47.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://20833175p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 18:50:23 GMT
cache-control
private, no-cache, no-store
x-request-time
D=102 t=1646419823
x-served-by
beacon-n002-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/ Frame 235A
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=978758877260072289&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=978758877260072289&expires=30
43 B
510 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=978758877260072289&expires=30
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://20833175p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 18:50:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=978758877260072289&expires=30
Date
Fri, 04 Mar 2022 18:50:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cm
p.rfihub.com/ Frame 235A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=YiJfbgAAAMcsBwQL
42 B
1 KB
Image
General
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=YiJfbgAAAMcsBwQL
Protocol
HTTP/1.1
Server
199.38.167.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://20833175p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 04 Mar 2022 18:50:22 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 04 Mar 2022 18:50:22 GMT
via
1.1 varnish
server
Varnish
x-timer
S1646419823.924478,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
location
https://p.rfihub.com/cm?in=1&pub=21653&userid=YiJfbgAAAMcsBwQL
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored string| omn_pagename string| omn_hierarchy string| omn_newpagename string| omn_language function| $ function| jQuery object| matched object| browser object| Granite object| _g function| $CQ object| CQ undefined| G_XHR_HOOK undefined| G_RELOAD_HOOK undefined| G_IS_HOOKED undefined| G_CONTENT_PATH object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime object| WebComponents function| __CE_installPolyfill object| ShadyCSS function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet function| __spreadArray object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| urlWithoutWWW string| todayDateString function| passDomainAndDate function| passDomain function| passDate function| getDE function| loadScriptAsync function| getPromise function| retrieveConditionBased function| retrieveDomainBased function| retrieveRulesForKey function| getDicOfCookies function| getCookieVal string| query string| hash object| hdr string| uri undefined| tmp object| jQuery112403256551863802102 object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| array_merge function| trafficCop object| temp string| urllc function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap object| s object| evidon function| _rfi function| cookieWrite function| cookieRead string| g object| s_i_incommholdingsbluebirdprod function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP object| google_tag_manager object| dataLayer function| gtag object| google_tag_data function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

43 Cookies

Domain/Path Name / Value
www.bluebird.com/ Name: ApplicationGatewayAffinityCORS
Value: 826e4aee4bae418b995d129594193d17
www.bluebird.com/ Name: ApplicationGatewayAffinity
Value: 826e4aee4bae418b995d129594193d17
.bluebird.com/ Name: visid_incap_1816399
Value: AGDvxbRdTsOk1pYKFapcomxfImIAAAAAQUIPAAAAAAD2Xvj+BOCjoJ0q51kSTcMX
.bluebird.com/ Name: incap_ses_220_1816399
Value: 00ZsNcmK4XW9kimlY5kNA2xfImIAAAAAJ1SwBoFrmYrXM3uAUiuYdQ==
.bluebird.com/ Name: at_check
Value: true
www.bluebird.com/ Name: servequeryparameters
Value:
.demdex.net/ Name: demdex
Value: 44179435795264487924074299301181289883
.bluebird.com/ Name: AMCVS_B50D40075A980C9B0A495DE1%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YiJfbgAAAMcsBwQL
.bluebird.com/ Name: s_ecid
Value: MCMID%7C44438387963769486394066414222434208924
.bluebird.com/ Name: mbox
Value: session#68b4a197963c4df48800100423f81aa0#1646421683|PC#68b4a197963c4df48800100423f81aa0.34_0#1709664623
.dpm.demdex.net/ Name: dpm
Value: 44179435795264487924074299301181289883
.bluebird.com/ Name: AMCV_B50D40075A980C9B0A495DE1%40AdobeOrg
Value: -2121179033%7CMCIDTS%7C19056%7CMCMID%7C44438387963769486394066414222434208924%7CMCAAMLH-1647024621%7C9%7CMCAAMB-1647024621%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1646427022s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19063%7CvVersion%7C5.3.0
.bluebird.com/ Name: gpv_Page
Value: us%7Cbluebird%7Cmarketing%7Cmain%7Chome%7C2020launch
.bluebird.com/ Name: s_cc
Value: true
.bluebird.com/ Name: _gcl_au
Value: 1.1.1683652658.1646419822
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSsjS3MDe1sDA3NzIzMDA3MrKwFOIz1A3zDnLTdXL1j892ygUAy9f01yQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSsjS3MDe1sDA3NzIzMDA3MrKwFOIz1A3zDnLTdXL1j892ypXiNTQzMTMxtLQwMjIzNwcAAlAokDMAAAA
.adnxs.com/ Name: uuid2
Value: 6736280336637341069
.doubleclick.net/ Name: IDE
Value: AHWqTUnGyck1gLCKV2XN2HytIc9NsuWNh7RAGYV7YoDX0AkTC5R1_6nwudE_2IjZ7UA
.rubiconproject.com/ Name: khaos
Value: L0CRUPQG-R-58E2
.rubiconproject.com/ Name: audit
Value: 1|o3zXheP0v93VN4kc8tRW9Hu8nrKSpaoBVYzOs28T/zDWaDs14xzbSLzsmvGpNmiKMElVGIKBmsSM1KxoLazItzgcYyWGKhyqQG8/UFe72uIWYzwlPAR9VyyTu4q6M80MPU0SGFIMDYG/uESjQmdB1KukZ7aT59pe
.adnxs.com/ Name: anj
Value: dTM7k!M4/YDYRWSF']wIg2E?ds#eF:!]tbPl1Lte::w?0fS<palxo6]lybzucvjfLfQPo8m:m3pGdD0[%p[s>%q)3R3>@F?
.media.net/ Name: visitor-id
Value: 2894214221454959000V10
.media.net/ Name: data-rk
Value: 978758877260072289~~3
.rezync.com/ Name: zync-uuid
Value: 7977e572-ff49-4354-8818-740976235ede:1646419822.81
live.rezync.com/ Name: sd-session-id
Value: .eJwVyk0LgjAYAOC_Eu_Zw1zWptBND0LbqCahFykbsvlRuEkw8b9nxweeBeqPmobHqEYHiZtmFUDT600WkgWs9oPqIIGYUHKglBB8RIhgTGNYA7DKWv0ea_36591zi9x3e46LkPvcVUOJxA0h5gt0lm3EZOu4v3yFbDAzLKzu116YDPO0REx2ETP5LNLsBOv6A3TmL-w.FQPw7g.FeEYtldtGulq2hA2IH_sJrvR43Y
.casalemedia.com/ Name: CMID
Value: YiJfbqJSKWuI2b6YvgYSNQAA
.casalemedia.com/ Name: CMPS
Value: 463
.casalemedia.com/ Name: CMPRO
Value: 012
.casalemedia.com/ Name: CMST
Value: YiJfbmIiX24A
.casalemedia.com/ Name: CMRUM3
Value: 3962225f6e2760978758877260072289
.eyeota.net/ Name: mako_uid
Value: 17f5644c928-43050000010a505c
.eyeota.net/ Name: SERVERID
Value: 20572~DM
.rlcdn.com/ Name: pxrc
Value: CO6+iZEGEgYIuuoBEAA=
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAJvFyGtoZmJmYmhpYWRkZmGwCo1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwtdPQsq_xYy39zCcBGrQGSmV1pSuqOjo29ysVN5oM8qViQllsaWm1jRrOBG8xIaf5KwkbmluXmqqbmRblqaiaWuibGpia6FhaGFrrmJgaW5mZGxaWpKqhVCk56F4SxhJEMszA0WCaMa-giNDwD0WE8uiAEAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAAAFvFKBCZ6ZWWlO7o6OibXOxUHujTxGJkbmlunmpqbqSblmZiqWtibGqia2FhaKFrbmJgaW5mZGyampJqZWhmYmZiaGlhZKRnYQgAN1f9z0gAAAA
.bidswitch.net/ Name: tuuid
Value: 5a8a1fd2-f5d3-4d15-8083-f28d72a39afe
.bidswitch.net/ Name: c
Value: 1646419822
.spotxchange.com/ Name: audience
Value: f281b9bd-9beb-11ec-82ae-1b186c970103
.bidswitch.net/ Name: tuuid_lu
Value: 1646419823
.rlcdn.com/ Name: rlas3
Value: V/Q/dMAABLLvYbj+CLLBS+bKeBV5Dk++tp/RFrG8lIQ=
.krxd.net/ Name: _kuid_
Value: OsqiZLCM

5 Console Messages

Source Level URL
Text
security error URL: https://www.bluebird.com/
Message:
The Content-Security-Policy directive 'form-action' contains the keyword 'none' alongside with other source expressions. The keyword 'none' must be the only source expression in the directive value, otherwise it is ignored.
security error URL: https://www.bluebird.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.543d214c88dfa6f4a3233b630c82d875.js
Message:
The Content-Security-Policy directive 'form-action' contains the keyword 'none' alongside with other source expressions. The keyword 'none' must be the only source expression in the directive value, otherwise it is ignored.
security error URL: https://www.bluebird.com/
Message:
[Report Only] Refused to load the image 'https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiJfbgAAAMcsBwQL' because it violates the following Content Security Policy directive: "img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com".
security error URL: https://c1.rfihub.net/js/tc.min.js(Line 1)
Message:
The Content-Security-Policy directive 'form-action' contains the keyword 'none' alongside with other source expressions. The keyword 'none' must be the only source expression in the directive value, otherwise it is ignored.
security error URL: https://www.bluebird.com/
Message:
[Report Only] Refused to load the image 'https://www.google.ca/pagead/1p-user-list/350469249/?random=1646419822591&cv=9&fst=1646416800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa320&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.bluebird.com%2F&tiba=Welcome%20to%20Bluebird.&async=1&fmt=3&is_vtc=1&random=2113766439&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com c.evidon.com fonts.gstatic.com somni.bluebird.com *.everesttech.net *.doubleclick.net l.evidon.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20833175p.rfihub.com
a.rfihub.com
aa.agkn.com
assets.adobedtm.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c.evidon.com
c1.rfihub.net
cm.everesttech.net
cm.g.doubleclick.net
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
incommholdings.demdex.net
incommholdings.tt.omtrdc.net
l.evidon.com
live.rezync.com
p.rfihub.com
partners.tremorhub.com
pixel.rubiconproject.com
ps.eyeota.net
somni.bluebird.com
stags.bluekai.com
sync-tm.everesttech.net
sync.search.spotxchange.com
www.bluebird.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
x.dlx.addthis.com
104.123.233.248
13.225.71.91
142.250.176.194
142.251.40.194
151.101.66.49
156.154.200.36
173.223.56.123
18.205.241.19
18.214.54.215
18.235.211.71
192.35.249.120
199.38.167.128
199.38.167.129
23.207.52.22
23.54.68.240
2600:1402:16:598::1e80
2600:1f18:612b:4264:35be:ace0:b22e:18d9
2600:9000:21da:5200:1:76cf:fe80:93a1
2607:f8b0:4006:80e::2003
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::2008
2607:f8b0:4006:81e::2004
3.229.229.140
34.216.192.127
35.190.60.146
35.211.178.172
45.60.11.91
52.1.244.253
52.26.90.13
52.49.5.47
54.161.40.243
54.205.17.116
68.67.160.134
8.43.72.97
04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a
0b17784678c720b3469366773b24d6915bea21239a08ef4b3c37ac40ef2f13b5
0da6b5e0588159c61fa3df89cefcf8fa2dac79875f8010fbc1c0d0c83ba7e699
0e530589d7991486162f45145785c9968c934c1cbe2c86bb10a993b8bbdd2565
197d04953fd2325747e545315854791dea69f3998277ca80f8a45f0fe7171482
1d665d5b75a9500040b2cc201c2b07af5faca7228372dc6f4572d2d5b2291097
210933fb1bb4e846d37ef00c92cae636ac35633132cf2157c7ac879f27f82068
2425ebbc021bfdd18fe55edbeeb1539d22a217212c14430a7d4d75266a333bbc
24fe066681c619537657a05b3de8c3bf39c8e74afb5a0b8ea562c5a8e7d23787
250dbfb1527cb816cbcce76597d3f51bbd308cdc863692f21b6b8d75eb56ddf2
288d2c97bad5f7f9426e4ce8fda3fc7b5d00e7304f51b859324a7a2ad6468107
3b7ff5bada0adbf1c5177798ac3796c70f6dc070dfe1f517e123440facaf540f
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91
411c48a7264decc504bfef41254f8b81994e92f690677437548adeb8846a38ad
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4517fb4ac7884717810f9700620cbfd41926e6792af6dbbcb73ce6d6fa57b149
45870260a29fa7d3e0eff8cdd91993fb4a9ce4cced3d7b72c3ef7d24380bfc2d
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d57e5120dcd6449f8af7a9d719dda380805b26c7d56842ee86f5c7298407762
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
576386593b2bbd48089be66dc0922e269541903b1f0fab7fe1a5c94d7fe65385
59b8a489e7a061d617e2cf81cce3d20c4f580820efc221ce8e0d4c56cf1c8b34
60fe0feb595bd69ba31ffad3016ab21c8bb911cc1643f9ec95e9cb3f64ae7bb6
6d7b80bca2ba60981bb3d243135f62ad4fc3b89015b8cb9b302b2763c15518b6
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
899fc5c4c2f5b810289aa85698d61604c65a049be09e1740ac97ce09e4cfef6e
9307994c78cedf8b857b83d030cb6e1758832b1d988736195323073498430bc4
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9993c091a0cab10ffcdbcd0770c3006cd16493794d382ecfcd4c9f4c3eef54f8
99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c
9ec983f52f0d22e346206762876224aa513562fc7241e799a744772f9620f79a
9f81ebe7129c6878b9ef2988bb3e5985268123f9ed76ff9ed1bd8efcad7d8ea7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a5f88443967a45725a70985016ef684c6cf098761d23517ec7b5cf5ffb85272e
a7e210ff20bed0b341a145e45dd24d4d1d7bfb0903c90881d42b66fd75e89edd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bca43eb6bcc636548cfe85d5950b99d57ee2ece4edec5081014b5f93ca840247
c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd
c7e72c779583381102fffff44b28a02cf94453be7b9fe14503b92cb703573486
c86f418f70463d8f32f81d1f2b9a136a03d5f0414a5aa0491359f4d7af5d6a6f
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
d20ce16c550d91399313b520cc0e01d5b155aef34f993b624b4bc5d7c542101f
d703436e292bd3b76cb23af3376fbb07a8735e0e33deb5a8c949ca263ebda211
d89812096da8766156bed9faec4dd6c232e9d7d0985c3f3f211c8f7309e8b049
dc0005064c5161c225c1a58b9d812e3b3450eb7a93e4d67a939a5d2479c98890
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3676ab583c7a37261190e0c1ac44a0c6467eebd13f6d86c23587933ff9ba00b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f038f334c87fb2f7c037baa3debc3d8241a7e1bf599ab315fd7953034d0175ac
f8771a5e6e5beec4a91dad89b1454d2fb107bdbeb201d7cf9be56fad814147e6
fb329e5c3f5bc3ab2fc15212119bbd314e6505d2db538181cb880e80bff30d0a
fee0009872b289bd88fee14809b3827368340df88f5dd003569e720baf0f00f5