miui.blog Open in urlscan Pro
94.130.151.18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://uk1.fastandroid.download/
Effective URL:
https://miui.blog/
Submission: On June 04 via manual (June 4th 2021, 8:05:21 am UTC) from ES

Summary HTTP 199 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 68 IPs in 10 countries across 80 domains to perform 199 HTTP transactions. The main IP is 94.130.151.18, located in Germany and belongs to HETZNER-AS, DE. The main domain is miui.blog.
TLS certificate: Issued by R3 on May 20th 2021. Valid for: 3 months.

This is the only time miui.blog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3034::ac43:cb41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	94.130.151.18 94.130.151.18	24940 (HETZNER-AS) (HETZNER-AS)
20	185.59.220.194 185.59.220.194	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1 16	2606:4700:20:... 2606:4700:20::ac43:4597	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1 1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:6d::a	15169 (GOOGLE) (GOOGLE)
4	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
1	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	46.249.52.248 46.249.52.248	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1 14	2606:4700:20:... 2606:4700:20::681a:34e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	54.246.172.223 54.246.172.223	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
6 8	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3 9	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
9 12	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
17	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:1ec:48::67 2620:1ec:48::67	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5 5	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 3	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 3	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
5 7	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1	2600:1f18:659... 2600:1f18:6593:f602:4d5e:ab92:54cb:6c57	14618 (AMAZON-AES) (AMAZON-AES)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	2a05:d018:24:... 2a05:d018:24:b002:ebbe:4057:3491:6f67	16509 (AMAZON-02) (AMAZON-02)
2 2	18.203.106.177 18.203.106.177	16509 (AMAZON-02) (AMAZON-02)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 1	151.1.205.165 151.1.205.165	3242 (ASN-ITNET) (ASN-ITNET)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.201.81.244 35.201.81.244	15169 (GOOGLE) (GOOGLE)
1	89.163.159.104 89.163.159.104	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	35.178.117.251 35.178.117.251	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	34.254.85.82 34.254.85.82	16509 (AMAZON-02) (AMAZON-02)
1	168.119.146.39 168.119.146.39	24940 (HETZNER-AS) (HETZNER-AS)
3 4	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1 1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	34.226.132.24 34.226.132.24	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.95.116.38 52.95.116.38	16509 (AMAZON-02) (AMAZON-02)
1 1	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.170.215.80 54.170.215.80	16509 (AMAZON-02) (AMAZON-02)
1	52.208.210.171 52.208.210.171	16509 (AMAZON-02) (AMAZON-02)
3	67.202.110.23 67.202.110.23	32748 (STEADFAST) (STEADFAST)
2	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
5	185.86.139.103 185.86.139.103	201081 (SMARTADSE...) (SMARTADSERVER)
6 6	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1 14	54.77.19.59 54.77.19.59	16509 (AMAZON-02) (AMAZON-02)
1	54.173.100.33 54.173.100.33	14618 (AMAZON-AES) (AMAZON-AES)
2 2	88.214.206.247 88.214.206.247	46636 (NATCOWEB) (NATCOWEB)
2 2	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	34.236.212.156 34.236.212.156	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.184.153.186 18.184.153.186	16509 (AMAZON-02) (AMAZON-02)
3 4	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	23.111.200.117 23.111.200.117	7979 (SERVERS-COM) (SERVERS-COM)
4	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.183.112.148 185.183.112.148	60350 (VP) (VP)
4 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	35.157.168.25 35.157.168.25	16509 (AMAZON-02) (AMAZON-02)
3 4	64.202.112.191 64.202.112.191	23352 (SERVERCEN...) (SERVERCENTRAL)
1	54.87.192.123 54.87.192.123	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	34.239.198.206 34.239.198.206	14618 (AMAZON-AES) (AMAZON-AES)
1	193.122.130.38 193.122.130.38	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1 1	70.42.32.159 70.42.32.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	52.58.236.252 52.58.236.252	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 1	185.29.135.233 185.29.135.233	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	202.241.208.57 202.241.208.57	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 2	52.46.130.13 52.46.130.13	16509 (AMAZON-02) (AMAZON-02)
1 1	3.91.110.183 3.91.110.183	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.48.65.146 52.48.65.146	16509 (AMAZON-02) (AMAZON-02)
199	68

1 2606:4700:3034::ac43:cb41 (United States)

ASN13335 (CLOUDFLARENET, US)

uk1.fastandroid.download	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.151.18 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.18.151.130.94.clients.your-server.de

miui.blog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-194.datapacket.com

cdn.miui.blog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:20::ac43:4597 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:6d::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5edns6.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.249.52.248 (Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u-ams02.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:34e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.246.172.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.252.173.27 (Frankfurt am Main, Germany) 9 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:48::67 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 72.251.249.13 (Amsterdam, Netherlands) 5 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.253 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 76.223.111.131 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6593:f602:4d5e:ab92:54cb:6c57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b002:ebbe:4057:3491:6f67 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.106.177 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.1.205.165 (Bellagio, Italy) 1 redirects

ASN3242 (ASN-ITNET, IT)

bn01.er.bemail.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.81.244 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.163.159.104 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.103.128 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.178.117.251 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.85.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-85-82.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.146.39 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.114.49 (Frankfurt am Main, Germany) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.226.132.24 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.116.38 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.99.241 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.215.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-215-80.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.210.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.202.110.23 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-110.static.steadfastdns.net

pixel.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.147.44 (United Kingdom) 6 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 54.77.19.59 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.173.100.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-100-33.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.214.206.247 (United Kingdom) 2 redirects

ASN46636 (NATCOWEB, US)
PTR: buycheapfags.com

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.236.212.156 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-212-156.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.153.186 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-153-186.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.200.117 (Russian Federation) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.148 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.168.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.202.112.191 (United States) 3 redirects

ASN23352 (SERVERCENTRAL, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.87.192.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.239.198.206 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-198-206.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.159 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.236.252 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.233 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.57 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.13 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.91.110.183 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.65.146 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-65-146.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	miui.blog miui.blog cdn.miui.blog	625 KB
17	zeotap.com spl.zeotap.com mwzeom.zeotap.com	5 KB
16	googlesyndication.com 5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	76 KB
16	vlitag.com 1 redirects services.vlitag.com tag.vlitag.com assets.vlitag.com media.vlitag.com	1022 KB
15	gumgum.com 1 redirects g2.gumgum.com rtb.gumgum.com	5 KB
14	quantumdex.io 1 redirects useast.quantumdex.io sync.quantumdex.io ms.quantumdex.io	13 KB
14	doubleclick.net 6 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	144 KB
12	adnxs.com 9 redirects ib.adnxs.com secure.adnxs.com	9 KB
11	yahoo.com 5 redirects c2shb.ssp.yahoo.com cms.analytics.yahoo.com ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	8 KB
9	casalemedia.com 3 redirects dsum-sec.casalemedia.com ssum-sec.casalemedia.com	10 KB
8	servenobid.com ads.servenobid.com public.servenobid.com	5 KB
7	adsrvr.org 5 redirects match.adsrvr.org	3 KB
6	pubmatic.com image6.pubmatic.com ads.pubmatic.com	34 KB
5	smartadserver.com ssbsync.smartadserver.com	1 KB
5	lijit.com 5 redirects ap.lijit.com	3 KB
4	outbrain.com 3 redirects sync.outbrain.com	1 KB
4	openx.net 4 redirects eu-u.openx.net us-u.openx.net	1 KB
4	1rx.io 4 redirects sync.1rx.io	2 KB
4	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com s.amazon-adsystem.com	2 KB
4	everesttech.net 3 redirects sync-tm.everesttech.net	1 KB
4	google-analytics.com www.google-analytics.com	38 KB
3	33across.com pixel.33across.com ssc-cms.33across.com
3	krxd.net 1 redirects beacon.krxd.net usermatch.krxd.net	940 B
3	adform.net 2 redirects dmp.adform.net c1.adform.net	1 KB
3	tapad.com 2 redirects pixel.tapad.com	1 KB
3	2mdn.net s0.2mdn.net	63 KB
3	google.com adservice.google.com www.google.com	697 B
3	e-planning.net 1 redirects ads.us.e-planning.net u-ams02.e-planning.net	2 KB
3	googletagservices.com www.googletagservices.com	85 KB
2	creativecdn.com 2 redirects creativecdn.com	695 B
2	360yield.com 2 redirects ad.360yield.com	617 B
2	betweendigital.com 2 redirects ads.betweendigital.com	925 B
2	advertising.com 2 redirects pixel.advertising.com	676 B
2	sonobi.com sync.go.sonobi.com	1 KB
2	rfihub.com 2 redirects p.rfihub.com	1 KB
2	admanmedia.com 2 redirects cs.admanmedia.com	795 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com	938 B
2	onetag-sys.com onetag-sys.com	2 KB
2	mathtag.com 2 redirects pixel.mathtag.com sync.mathtag.com	1 KB
2	crwdcntrl.net 2 redirects bcp.crwdcntrl.net	1 KB
2	weborama.fr 2 redirects idsync.frontend.weborama.fr	843 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	tidaltv.com 2 redirects sync.tidaltv.com	792 B
2	criteo.net static.criteo.net	53 KB
2	criteo.com bidder.criteo.com gum.criteo.com	2 KB
2	googlevideo.com 1 redirects redirector.googlevideo.com r5---sn-4g5edns6.googlevideo.com	765 B
2	googletagmanager.com www.googletagmanager.com	70 KB
2	googleapis.com fonts.googleapis.com imasdk.googleapis.com	116 KB
1	adroll.com 1 redirects d.adroll.com	112 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com	376 B
1	socdm.com 1 redirects tg.socdm.com	692 B
1	contextweb.com 1 redirects bh.contextweb.com	383 B
1	zemanta.com 1 redirects b1sync.zemanta.com	304 B
1	deepintent.com match.deepintent.com	44 B
1	technoratimedia.com sync.technoratimedia.com	293 B
1	ipredictive.com 1 redirects sync.ipredictive.com	428 B
1	stackadapt.com sync.srv.stackadapt.com	168 B
1	bidswitch.net x.bidswitch.net	146 B
1	adotmob.com 1 redirects sync.adotmob.com	684 B
1	advangelists.com 1 redirects nep.advangelists.com	225 B
1	postrelease.com jadserve.postrelease.com	427 B
1	imrworldwide.com obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	38 B
1	bluekai.com 1 redirects tags.bluekai.com	346 B
1	richaudience.com sync.richaudience.com	358 B
1	mookie1.com odr.mookie1.com	324 B
1	agkn.com 1 redirects aa.agkn.com	382 B
1	theadex.com dmp.theadex.com	378 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	596 B
1	bemail.it 1 redirects bn01.er.bemail.it	659 B
1	exelator.com loadeu.exelator.com	324 B
1	fwmrm.net dmp.v.fwmrm.net	411 B
1	taboola.com trc.taboola.com	162 B
1	createjs.com code.createjs.com	48 KB
1	google.de adservice.google.de	165 B
1	a-mo.net prebid.a-mo.net	361 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com	7 KB
1	fastandroid.download uk1.fastandroid.download	1 KB
0	emxdgt.com Failed cs.emxdgt.com Failed
199	80

	Domain	Requested by
20	cdn.miui.blog	miui.blog
14	rtb.gumgum.com	1 redirects public.servenobid.com g2.gumgum.com
14	mwzeom.zeotap.com	spl.zeotap.com
12	sync.quantumdex.io	assets.vlitag.com sync.quantumdex.io ssum-sec.casalemedia.com
12	assets.vlitag.com	tag.vlitag.com miui.blog
9	ib.adnxs.com	7 redirects googleads.g.doubleclick.net spl.zeotap.com
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net g2.gumgum.com
7	match.adsrvr.org	5 redirects g2.gumgum.com ssum-sec.casalemedia.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
7	ads.servenobid.com	assets.vlitag.com public.servenobid.com ssbsync.smartadserver.com g2.gumgum.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net 5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com tpc.googlesyndication.com
5	ssbsync.smartadserver.com	public.servenobid.com ssbsync.smartadserver.com
5	ap.lijit.com	5 redirects
4	sync.outbrain.com	3 redirects g2.gumgum.com
4	ads.pubmatic.com	sync.quantumdex.io g2.gumgum.com ads.pubmatic.com
4	ups.analytics.yahoo.com	3 redirects ssum-sec.casalemedia.com
4	sync.1rx.io	4 redirects
4	sync-tm.everesttech.net	3 redirects g2.gumgum.com
4	c2shb.ssp.yahoo.com	assets.vlitag.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	secure.adnxs.com	2 redirects ssum-sec.casalemedia.com
3	pixel.tapad.com	2 redirects spl.zeotap.com
3	spl.zeotap.com	assets.vlitag.com spl.zeotap.com
3	s0.2mdn.net	uk1.fastandroid.download s0.2mdn.net
3	www.googletagservices.com	tag.vlitag.com securepubads.g.doubleclick.net 5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	creativecdn.com	2 redirects
2	ad.360yield.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
2	us-u.openx.net	2 redirects
2	eu-u.openx.net	2 redirects
2	c1.adform.net	2 redirects
2	ssum-sec.casalemedia.com	sync.quantumdex.io ssum-sec.casalemedia.com
2	ssc-cms.33across.com	sync.quantumdex.io g2.gumgum.com
2	ads.betweendigital.com	2 redirects
2	pixel.advertising.com	2 redirects
2	sync.go.sonobi.com	sync.quantumdex.io
2	p.rfihub.com	2 redirects
2	cs.admanmedia.com	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	onetag-sys.com	public.servenobid.com sync.quantumdex.io
2	aax-eu.amazon-adsystem.com	1 redirects
2	beacon.krxd.net	spl.zeotap.com
2	bcp.crwdcntrl.net	2 redirects
2	idsync.frontend.weborama.fr	2 redirects
2	dpm.demdex.net	2 redirects
2	sync.tidaltv.com	2 redirects
2	image6.pubmatic.com	spl.zeotap.com ads.pubmatic.com
2	static.criteo.net	assets.vlitag.com static.criteo.net
2	googleads4.g.doubleclick.net	uk1.fastandroid.download
2	www.google.com	5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com uk1.fastandroid.download
2	ads.us.e-planning.net	1 redirects
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	services.vlitag.com	miui.blog services.vlitag.com
2	www.googletagmanager.com	miui.blog tag.vlitag.com
1	d.adroll.com	1 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	tg.socdm.com	1 redirects
1	sync.mathtag.com	1 redirects
1	bh.contextweb.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	match.deepintent.com	g2.gumgum.com
1	sync.technoratimedia.com	g2.gumgum.com
1	sync.ipredictive.com	1 redirects
1	sync.srv.stackadapt.com	g2.gumgum.com
1	x.bidswitch.net	g2.gumgum.com
1	sync.adotmob.com	1 redirects
1	ms.quantumdex.io	1 redirects
1	nep.advangelists.com	1 redirects
1	jadserve.postrelease.com	public.servenobid.com
1	pixel.33across.com	public.servenobid.com
1	g2.gumgum.com	public.servenobid.com
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	spl.zeotap.com
1	tags.bluekai.com	1 redirects
1	usermatch.krxd.net	1 redirects
1	pixel.mathtag.com	1 redirects
1	sync.richaudience.com	spl.zeotap.com
1	odr.mookie1.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	dmp.theadex.com	spl.zeotap.com
1	dsp.adfarm1.adition.com	1 redirects
1	bn01.er.bemail.it	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	dmp.adform.net	spl.zeotap.com
1	u-ams02.e-planning.net
1	public.servenobid.com	assets.vlitag.com
1	gum.criteo.com	static.criteo.net
1	code.createjs.com	s0.2mdn.net
1	5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	useast.quantumdex.io	assets.vlitag.com
1	bidder.criteo.com	assets.vlitag.com
1	prebid.a-mo.net	assets.vlitag.com
1	r5---sn-4g5edns6.googlevideo.com	miui.blog
1	redirector.googlevideo.com	1 redirects
1	media.vlitag.com	1 redirects
1	cdn.jsdelivr.net	assets.vlitag.com
1	imasdk.googleapis.com	tag.vlitag.com
1	tag.vlitag.com	services.vlitag.com
1	fonts.gstatic.com	fonts.googleapis.com
1	stackpath.bootstrapcdn.com	miui.blog
1	fonts.googleapis.com	miui.blog
1	miui.blog
1	uk1.fastandroid.download
0	cs.emxdgt.com Failed	g2.gumgum.com
199	111

This site contains links to these domains. Also see Links.

Domain
undefined
valueimpression.com

Subject Issuer	Validity	Valid
miui.blog R3	`2021-05-20` - `2021-08-18`	3 months	crt.sh
cdn.miui.blog R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-18` - `2022-03-26`	10 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-05-25` - `2021-08-03`	2 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-18` - `2021-09-08`	6 months	crt.sh
*.a-mo.net R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
ads.us.e-planning.net R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
*.servenobid.com Amazon	`2021-02-12` - `2022-03-13`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
public.servenobid.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-22` - `2022-05-22`	a year	crt.sh
*.e-planning.net R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-17` - `2021-12-18`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.theadex.com GeoTrust RSA CA 2018	`2019-10-11` - `2021-10-10`	2 years	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-17` - `2022-03-16`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2021-04-09` - `2022-03-20`	a year	crt.sh
*.redinuid.imrworldwide.com Amazon	`2020-05-27` - `2021-06-27`	a year	crt.sh
*.gumgum.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.srv.stackadapt.com Amazon	`2020-12-09` - `2022-01-07`	a year	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh

This page contains 33 frames:

Primary Page: https://miui.blog/
Frame ID: 3CD16CCD73C554A1F62ED223D17D9A5A
Requests: 67 HTTP requests in this frame

Frame: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5B430B059A6D6FA449A48FAD832AD885
Requests: 15 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-29
Frame ID: 90C6D7FE2532536F929E19D10D67A9EB
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCs8_wBGJzciqoBMAE&v=APEucNVjF_0IOMAHkMc8WXP5fpCQrjnsn1MaSrJ15nUZmceM0hb_G5fvgGBjz-Uut65YnxhXMXjEIYd5C9rg0HTwtsnBeEcFJSiZzVIjn_7Kkoh-Vr91U7alJo5wqJ-MWVFCVrFP6Seols8qkSY-xVk8MWOKa3SfTPCnyULZC_byTrNWzvQGsDc
Frame ID: 0C1FA19973017A53633C38B2AA5BC541
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: A29A8E204FFFA44ABF9AD6CCA762333A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AC704E35EB50BA65802E716DB6B16ACF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A3A8440C7AD3E63AACB6B9ED5E580591
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9229046/1622217574098/2021OP_Teletravail_728x90px-illustration_Avril_fond_blanc/2021OP_Teletravail_728x90px-illustration_Avril_fond_blanc.html
Frame ID: F32FA0398C2B6C652C5DA298071C0D7D
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=miui.blog&gdpr=1&gdpr_consent=
Frame ID: C7A06F004D26627A8CB8A9C8CB7F5E27
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361&cmp=0
Frame ID: 0E3EE3AF79407D0DA19170EDB9F79036
Requests: 31 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Frame ID: 9441877342512D8DA88AAC1A3121D377
Requests: 7 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 48E1EDE8EDABB14E8F23684F13F67474
Requests: 12 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 673294921CC825B8B7C452A30CC201AB
Requests: 15 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: 896FFB4CD9FB2FA31A5F1F5007305F44
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=1&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: E2BC751014A1697981D93A5588EFF3E4
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=1&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 482201BAFE1088A089684F7BD703C509
Requests: 6 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 824C943F9045B8C2A579D6A71DA2B09D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: CFA5E2B0CFFF9124681EC12E3D983AF0
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: B0F664CA1B2D4C04E4918137F643D98E
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: D854D0DA84190D861272962F6D1251A3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 289D9E3D4CE99F312D514285482405A5
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=123360b9-deba-4000-8980-7ed1d41e2cc5&gdpr=1&gdpr_consent=
Frame ID: 0BCB6184E46A36B73B674A39BAD1ABFE
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YLneugABUGMuPwBg
Frame ID: 0F29DE3C7C2B4ED092007A5370CFE98D
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84NmM1Y2YwNS01ZTBiLTRiNDMtYjljMi0wNGJjZGQ4ZTA3MDM=&gdpr=1&gdpr_consent=
Frame ID: 027B09F05ECF08ECADD75BB35C6C27AC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: D802492D01EB7C108494788F42A8DEA8
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 9511499AD4F1EF681F42D8D949E01E79
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 1C888573BB3253F95DAD9CFB7EAFEAA7
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: C82DD716FC6810F2E386677062FD18E9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YLneucCo5sEAACbki9YAAAAA
Frame ID: 322793CC514ED852D32624BBFA760367
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1870471595660608388
Frame ID: A536054FE012E36A81156ECDF8D2B197
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=VE8b2iyCv3FsFO2E3sRi&pi=gumgum&tc=1
Frame ID: A07D2224A4724E9FD465FCF41ABB969E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7830D76905EDDBE5FDC773234B95981E
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 526DAAEE4DC457E31BD2E53921D9C69E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://uk1.fastandroid.download/ Page URL
https://miui.blog/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

199
Requests

99 %
HTTPS

30 %
IPv6

80
Domains

111
Subdomains

68
IPs

10
Countries

2451 kB
Transfer

5184 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://undefined/?ref=miui.blog
Title: Valueimpression

Search URL Search Domain Scan URL

URL: https://valueimpression.com/?ref=miui.blog

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://uk1.fastandroid.download/ Page URL
https://miui.blog/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://media.vlitag.com/vid/?id=r8AoVMBwjcc&t=y HTTP 302
https://redirector.googlevideo.com/videoplayback?expire=1622801734&ei=5qi5YPKuNcnWxN8P8I2LmAU&ip=18.203.126.176&id=o-AH2E113wCHeMceSc_oJxNtBGvD4bEnzucC1JPfd40T5R&itag=22&source=youtube&requiressl=yes&mh=eI&mm=31%2C26&mn=sn-q0cedn7s%2Csn-5hnekn7l&ms=au%2Conr&mv=u&mvi=5&pl=23&vprv=1&mime=video%2Fmp4&ns=GSoyTrmwM0lyDVXVjc_Um4wF&ratebypass=yes&dur=307.989&lmt=1614587910266558&mt=1622779351&fvip=5&fexp=24001373%2C24007246&c=WEB&txp=1432434&n=ljGWLu30IczSxOOH&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRQIgcv9-Gobi8iEBahpuL1WEiybf9Hfe9ZO_6tp46wJswY4CIQCO7eAReuN6PHYBXAo5Mm8-daEhZIu6T_VcC4ObdEKVsg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAMuycxKyHUsVWZ26Ku-p7HpM_t3WHqSA6ximvpZCJi8vAiEArqrfRDVVEDpnZdKJe91r_40KpXyf1lFtURT4RMEHypU%3D HTTP 302
https://r5---sn-4g5edns6.googlevideo.com/videoplayback?expire=1622801734&ei=5qi5YPKuNcnWxN8P8I2LmAU&ip=18.203.126.176&id=o-AH2E113wCHeMceSc_oJxNtBGvD4bEnzucC1JPfd40T5R&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=GSoyTrmwM0lyDVXVjc_Um4wF&ratebypass=yes&dur=307.989&lmt=1614587910266558&fexp=24001373%2C24007246&c=WEB&txp=1432434&n=ljGWLu30IczSxOOH&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRQIgcv9-Gobi8iEBahpuL1WEiybf9Hfe9ZO_6tp46wJswY4CIQCO7eAReuN6PHYBXAo5Mm8-daEhZIu6T_VcC4ObdEKVsg%3D%3D&cms_redirect=yes&mh=eI&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5edns6&ms=au&mt=1622793415&mv=m&mvi=5&pl=50&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAOmAnnT4TyuRtw7ouaAuIWzTXLyfiQTCMIjf3JPIcduaAiEAjMWq4szNEF5TGOcTSS0AW2jsdkM2EvfnkJBRVWEQw-I%3D

Request Chain 52

https://ads.us.e-planning.net/hb/1/2c995/1/miui.blog/ROS?rnd=0.7203443886233558&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fmiui.blog%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fmiui.blog%2F&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/miui.blog/ROS?ct=1&rnd=0.7203443886233558&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fmiui.blog%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fmiui.blog%2F&gdpr=1&gdprcs=

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUvi_jSjCsBy8fivsK8l1Y&google_cver=1

Request Chain 84

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLnetvCEsFb3S-PMUvEwSwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUvi_jSjCsBy8fivsK8l1Y&google_cver=1

Request Chain 85

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECYa0Fb2qn-F59fdqBLeCEs&google_cver=1

Request Chain 86

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3NjE2NTczOTQ1NzA5MDUzNQ%3D%3D

Request Chain 101

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Dd4a70bdad4348c56%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Dd4a70bdad4348c56%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=d4a70bdad4348c56&uid=61245e177df90608480f5686

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEHXYZ9lPHvZ_mWxTq6BnH_w&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361

Request Chain 104

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf72470-ab84-4d96-666e-17a73ce0a507%26reqId%3D8ba4980b-8292-48f7-4f78-c2617ddf2dd6%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf72470-ab84-4d96-666e-17a73ce0a507%26reqId%3D8ba4980b-8292-48f7-4f78-c2617ddf2dd6%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=864fed5d-2c16-4606-861c-99603a67178a&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361

Request Chain 106

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf72470-ab84-4d96-666e-17a73ce0a507%26reqId%3D8ba4980b-8292-48f7-4f78-c2617ddf2dd6%26zdid%3D1361 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf72470-ab84-4d96-666e-17a73ce0a507%26reqId%3D8ba4980b-8292-48f7-4f78-c2617ddf2dd6%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=4ab078b0-6108-42ab-a233-00ff7852299c&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361

Request Chain 110

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=fc6952ad-32f5-47d7-a83c-a56ab00e8f78&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 111

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=6cf72470-ab84-4d96-666e-17a73ce0a507&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf72470-ab84-4d96-666e-17a73ce0a507%26reqId%3D8ba4980b-8292-48f7-4f78-c2617ddf2dd6%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=6cf72470-ab84-4d96-666e-17a73ce0a507&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf72470-ab84-4d96-666e-17a73ce0a507%26reqId%3D8ba4980b-8292-48f7-4f78-c2617ddf2dd6%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=41344945576930350092590715152152937250&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361

Request Chain 113

https://bn01.er.bemail.it/zeotap.php?_bid=6cf72470-ab84-4d96-666e-17a73ce0a507&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2021060410-14147-0.640017001622793911-e59d47c7dbd2b38b38c6af96fd1104db&zdid=533&env=mWeb

Request Chain 114

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf72470-ab84-4d96-666e-17a73ce0a507%26reqId%3D8ba4980b-8292-48f7-4f78-c2617ddf2dd6%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=6969846775909382293&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361

Request Chain 116

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6cf72470-ab84-4d96-666e-17a73ce0a507&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf72470-ab84-4d96-666e-17a73ce0a507%26reqId%3D8ba4980b-8292-48f7-4f78-c2617ddf2dd6%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6cf72470-ab84-4d96-666e-17a73ce0a507&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf72470-ab84-4d96-666e-17a73ce0a507%26reqId%3D8ba4980b-8292-48f7-4f78-c2617ddf2dd6%26zdid%3D1361&bounce=1&random=1304381214 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=t.QPWmz5hHyWnMe2RYmwte&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361

Request Chain 118

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=6cf72470-ab84-4d96-666e-17a73ce0a507?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=6cf72470-ab84-4d96-666e-17a73ce0a507?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=87135aa1c5438555154e7dec268386e9&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361

Request Chain 119

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-hS94qnFE2ortTwqUEjlGjwGU9Unvuku1KA--~A&zpartnerid=570&env=mWeb

Request Chain 120

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=HI0y5K%2BpxWW0Ur2JZBcqGPKaRTDB9%2BME%2BS41iYitP1U%3D

Request Chain 124

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf72470-ab84-4d96-666e-17a73ce0a507%26reqId%3D8ba4980b-8292-48f7-4f78-c2617ddf2dd6%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf72470-ab84-4d96-666e-17a73ce0a507%26reqId%3D8ba4980b-8292-48f7-4f78-c2617ddf2dd6%26zdid%3D1361&_test=YLneugABehGX9QAC HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YLneugABehGX9QAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361&_test=YLneugABehGX9QAC

Request Chain 125

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf72470-ab84-4d96-666e-17a73ce0a507%26reqId%3D8ba4980b-8292-48f7-4f78-c2617ddf2dd6%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=c14760b9-deb8-4d00-bbbf-0ea27364777e&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361

Request Chain 126

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361

Request Chain 127

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6cf72470-ab84-4d96-666e-17a73ce0a507&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6cf72470-ab84-4d96-666e-17a73ce0a507&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361&dcc=t

Request Chain 128

https://tags.bluekai.com/site/87734?id=6cf72470-ab84-4d96-666e-17a73ce0a507&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

Request Chain 135

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=8076165739457090535

Request Chain 136

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://ads.servenobid.com/sync?pid=310&uid=f7f00827064127582dba397c

Request Chain 137

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6150967574 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6150967574 HTTP 302
https://sync.1rx.io/usersync/tradedesk/d52ddfc2-dd73-4528-97d2-f790ef7edf33 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-83bb1c57-9bbe-4f85-86a7-9e2c321c14a6-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-83bb1c57-9bbe-4f85-86a7-9e2c321c14a6-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-83bb1c57-9bbe-4f85-86a7-9e2c321c14a6-003

Request Chain 139

https://cs.admanmedia.com/sync/durationmedia?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%7B%24UID%7D HTTP 302
https://ads.servenobid.com/sync?pid=328&uid=52179556cc5651e3fa2fab6f4579f9ae8ded9c53

Request Chain 140

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=1870471595660608388

Request Chain 142

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=adman&uid=52179556cc5651e3fa2fab6f4579f9ae8ded9c53

Request Chain 143

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8076165739457090535

Request Chain 144

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8076165739457090535

Request Chain 146

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-39481e10-40db-4d5a-bf20-b7ec0c968a43

Request Chain 147

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f7f00827064127582dba397c

Request Chain 148

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP95fa4174-c50b-11eb-8cdb-02770eac6a52 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP95fa4174-c50b-11eb-8cdb-02770eac6a52

Request Chain 149

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-qizxQG1E2uEbfD6kyP.hxf_tIhqeV.7b8_85cXM-~A

Request Chain 150

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8076165739457090535

Request Chain 151

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=5c35f82d-6931-519b-8f0c-f6bfefb52808

Request Chain 152

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=3311a46b-cf0e-461e-b66f-df93cff0fcb6

Request Chain 159

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D1%26gdpr_consent%3D%26partnerid%3D22%26buid%3DYOUR_USER_ID HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D1%26gdpr_consent%3D%26partnerid%3D22%26buid%3DYOUR_USER_ID HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=1&gdpr_consent=&partnerid=22&buid=6030728100479429585

Request Chain 160

https://secure.adnxs.com/getuid?https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D1%26gdpr_consent%3D%26partnerid%3D86%26buid%3D$UID HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=1&gdpr_consent=&partnerid=86&buid=8076165739457090535

Request Chain 161

https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D1%26gdpr_consent%3D%26partnerid%3D66%26buid%3D%7Bamob_user_id%7D HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=1&gdpr_consent=&partnerid=66&buid=064f22040067c2d3d0b17562

Request Chain 162

https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D1%26gdpr_consent%3D%26partnerid%3D100%26buid%3D HTTP 302
https://eu-u.openx.net/w/1.0/cm?cc=1&id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D1%26gdpr_consent%3D%26partnerid%3D100%26buid%3D HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=1&gdpr_consent=&partnerid=100&buid=6f1bdd90-a0ed-0cf0-07da-fbac60b20d9e

Request Chain 163

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=8076165739457090535

Request Chain 165

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28DaZYBG8BG8rrfB-N1C31iT_5DGhrj9edntU6pNct7XX8MmZjlE_DIvOPsMsEN8MH%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28DaZYBG8BG8rrfB-N1C31iT_5DGhrj9edntU6pNct7XX8MmZjlE_DIvOPsMsEN8MH%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_86c5cf05-5e0b-4b43-b9c2-04bcdd8e0703&obuid=ENC(DaZYBG8BG8rrfB-N1C31iT_5DGhrj9edntU6pNct7XX8MmZjlE_DIvOPsMsEN8MH) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=DaZYBG8BG8rrfB-N1C31iT_5DGhrj9edntU6pNct7XX8MmZjlE_DIvOPsMsEN8MH HTTP 302
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=DaZYBG8BG8rrfB-N1C31iT_5DGhrj9edntU6pNct7XX8MmZjlE_DIvOPsMsEN8MH

Request Chain 166

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=613b29a0-fb90-4f06-a182-acf4c8f20f2e

Request Chain 168

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-kAa7m8BE2peQ9.1hu7aR2UsaGAJFU5IOnZuv~A

Request Chain 169

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=97f88264-c50b-11eb-9224-373fc127c282

Request Chain 172

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_86c5cf05-5e0b-4b43-b9c2-04bcdd8e0703&gdpr=1&gdpr_consent=&us_privacy=1--- HTTP 302
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&us_privacy=1---

Request Chain 173

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://rtb.gumgum.com/usersync?b=idi&i=ffa4cd69-1059-4bbd-94ed-3613f346eff6

Request Chain 174

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1664610463 HTTP 302
https://sync.1rx.io/usersync/tradedesk/4ab078b0-6108-42ab-a233-00ff7852299c HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-83bb1c57-9bbe-4f85-86a7-9e2c321c14a6-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-83bb1c57-9bbe-4f85-86a7-9e2c321c14a6-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-83bb1c57-9bbe-4f85-86a7-9e2c321c14a6-003

Request Chain 175

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=1leMvBSrZDIV&ev=1&pid=558355

Request Chain 177

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=123360b9-deba-4000-8980-7ed1d41e2cc5&gdpr=1&gdpr_consent=

Request Chain 178

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YLneugABUGMuPwBg

Request Chain 184

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YLneucCo5sEAACbki9YAAAAA

Request Chain 185

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=1870471595660608388

Request Chain 186

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=VE8b2iyCv3FsFO2E3sRi&pi=gumgum&tc=1

Request Chain 190

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLnetvCEsFb3S_PMUvEwSwAABHIAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLnetvCEsFb3S_PMUvEwSwAABHIAAAAB&dcc=t

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLnetvCEsFb3S_PMUvEwSwAABHIAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YLnetvCEsFb3S_PMUvEwSwAABHIAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKQfrjSqpWNYpjMmCnCs3s4&google_cver=1

Request Chain 194

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7f2d7f85-f194-4911-9926-f9845c2e3b30&expiration=1654329915 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7f2d7f85-f194-4911-9926-f9845c2e3b30&expiration=1654329915&C=1

Request Chain 196

https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

199 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
uk1.fastandroid.download/ 1022 B
1 KB 261ms
244ms Document
text/html 2606:4700:3034::ac43:cb41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://uk1.fastandroid.download/
Protocol: HTTP/1.1
Server: 2606:4700:3034::ac43:cb41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ba5d43c9dd36a944737e8c670e3d0e730fdf7fa511181cb72767a7d3240fffc

Request headers

Host: uk1.fastandroid.download
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 08:05:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Nov 2018 11:26:37 GMT
CF-Cache-Status: DYNAMIC
cf-request-id: 0a77a6f51d00002c4a1eb80000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1VPrFEbZNuhOlDSkSCwukokmH1iv3tQthnmJwpdSGtICv4NPux2uFds1IkrZ98ExlwsWBqPpIHtepN2BvJCPCOAmvhXrREFqXY9fpGEd5Siw3VaV%2BBhwOs7g4wlDiC7QeZORrtmfXu%2FszO9J73yy3anG"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 659fa76829352c4a-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 Primary Request / Show response
miui.blog/ 55 KB
12 KB 143ms
47ms Document
text/html 94.130.151.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.151.18 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.18.151.130.94.clients.your-server.de

Software

nginx / Cloudforspeed

Resource Hash

3e3ae924112de9098a173b4903d406f76c12f625d1b1ad97428f952ecf2faa44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: miui.blog
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://uk1.fastandroid.download/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://uk1.fastandroid.download/

Response headers

server: nginx
date: Fri, 04 Jun 2021 08:05:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-cache-handler: cache-enabler-engine
x-powered-by: Cloudforspeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br

GET
H2 200 style.min.css
cdn.miui.blog/wp-includes/css/dist/block-library/ 57 KB
10 KB 178ms
72ms Stylesheet
text/css 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.miui.blog/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 632
access-control-allow-origin: *
x-powered-by: Cloudforspeed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-04 10:05:03
cdn-pullzone: 74710
x-xss-protection: 1; mode=block
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 15 Apr 2021 06:33:42 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding
content-type: text/css
cdn-cache: MISS
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: 16f7dcdcd183e850add14590d11fa7bc
cdn-requestcountrycode: FR
link: <https://miui.blog/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend.css
cdn.miui.blog/wp-content/plugins/download-monitor/assets/css/ 5 KB
2 KB 154ms
49ms Stylesheet
text/css 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.miui.blog/wp-content/plugins/download-monitor/assets/css/frontend.css?ver=5.7.2

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

b8e149178358873942c6a434f9ae62dd952769a87c2abdf7e659c129acd398fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 632
access-control-allow-origin: *
x-powered-by: Cloudforspeed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-02 21:55:10
cdn-pullzone: 74710
x-xss-protection: 1; mode=block
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 22 Oct 2020 01:53:14 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding
content-type: text/css
cdn-cache: HIT
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: c14c9403668f4e11d027d0b317beb563
cdn-requestcountrycode: FR
link: <https://miui.blog/wp-content/plugins/download-monitor/assets/css/frontend.css?ver=5.7.2>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 style-main.min.css
cdn.miui.blog/wp-content/themes/neve/ 46 KB
11 KB 146ms
41ms Stylesheet
text/css 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.miui.blog/wp-content/themes/neve/style-main.min.css?ver=2.11.1

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

d5374a45e50b24e0912f173194d13f34f7338e431a0dd26cb25190f362aa7466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 632
access-control-allow-origin: *
x-powered-by: Cloudforspeed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-04 08:46:07
cdn-pullzone: 74710
x-xss-protection: 1; mode=block
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 12 Apr 2021 12:24:56 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding
content-type: text/css
cdn-cache: HIT
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: 4012359d0e7e736f926c969a34fdbecb
cdn-requestcountrycode: FR
link: <https://miui.blog/wp-content/themes/neve/style-main.min.css?ver=2.11.1>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 css.css
cdn.miui.blog/wp-content/plugins/soralink/assets/css/ 264 B
1 KB 134ms
29ms Stylesheet
text/css 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.miui.blog/wp-content/plugins/soralink/assets/css/css.css?ver=5.7.2

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

530c865512f3cb31bbf16f61fa7f8e5fa5bf1a9db96fe2f34d5aceb292856320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 722
access-control-allow-origin: *
x-powered-by: Cloudforspeed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-06-01 18:52:49
cdn-pullzone: 74710
x-xss-protection: 1; mode=block
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 16 Sep 2019 14:10:00 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding
content-type: text/css
cdn-cache: HIT
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: 2b17a01a592af261946063a435bab9a9
cdn-requestcountrycode: FR
link: <https://miui.blog/wp-content/plugins/soralink/assets/css/css.css?ver=5.7.2>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 2 KB
653 B 31ms
27ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400&display=swap&ver=2.11.1

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55af2c37b183312d14ff01ec9b01350808819ca5e9bd1b1a3b273ec9641c01c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 06:19:39 GMT
server: ESF
date: Fri, 04 Jun 2021 08:05:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Jun 2021 08:05:03 GMT

GET
H2 200 jquery.min.js Show response
cdn.miui.blog/wp-includes/js/jquery/ 87 KB
33 KB 155ms
51ms Script
application/javascript 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.miui.blog/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 565
access-control-allow-origin: *
x-powered-by: Cloudforspeed
cdn-cachedat: 2021-06-02 13:12:09
cdn-pullzone: 74710
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sun, 20 Dec 2020 13:46:11 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: 361c13398b6c82a2cac5db251fa51bfd
cdn-requestcountrycode: FR
link: <https://miui.blog/wp-includes/js/jquery/jquery.min.js?ver=3.5.1>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 jquery-migrate.min.js Show response
cdn.miui.blog/wp-includes/js/jquery/ 11 KB
5 KB 153ms
50ms Script
application/javascript 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.miui.blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 565
access-control-allow-origin: *
x-powered-by: Cloudforspeed
cdn-cachedat: 2021-06-04 08:48:40
cdn-pullzone: 74710
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sun, 20 Dec 2020 13:46:11 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: eb37984013ed200301a67c3a7b3a82f2
cdn-requestcountrycode: FR
link: <https://miui.blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 wp-hide-post-public.js Show response
cdn.miui.blog/wp-content/plugins/wp-hide-post/public/js/ 838 B
1 KB 152ms
50ms Script
application/javascript 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.miui.blog/wp-content/plugins/wp-hide-post/public/js/wp-hide-post-public.js?ver=2.0.10

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 565
access-control-allow-origin: *
x-powered-by: Cloudforspeed
cdn-cachedat: 2021-06-04 09:12:14
cdn-pullzone: 74710
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 10 Nov 2018 05:42:16 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: 1ccee262fb8516983175f73a8909584b
cdn-requestcountrycode: FR
link: <https://miui.blog/wp-content/plugins/wp-hide-post/public/js/wp-hide-post-public.js?ver=2.0.10>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 25ms
23ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://miui.blog
Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617, 617
age: 2543453
cdn-cachedat: 2021-05-05 23:32:48
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a77a6f6ca000005d8af373000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: fd35e29d59e851d7c0bde078ba9ace5c
cf-ray: 659fa76adb3605d8-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-82879647-3

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0cf56e637f3bcb035fc496ae264ae9ace595b1ee7f4ee5420cbae70126c32bd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35936
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Jun 2021 08:05:04 GMT

GET
H2 200 / Show response
services.vlitag.com/adv1/ 933 B
1 KB 165ms
140ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/adv1/?q=884cee56d9bcf8a9bbc70005893b25a5

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0406a91b492632e08e3e6eabbc919823dfe97dd296911d1d88342b785dfe27bc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a77a6f7cb0000145ad99ff000000001
pragma: no-cache
last-modified: Fri, 4 Jun 2021 08:05:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jY%2B6u7eBL5mky%2FSi9n9YnWmlz%2B%2FxMat%2FywxO%2F4M1Ht1ZAu8%2FLwAwTBdoz61ckuni4%2BzzeI%2FnC%2Bsp2lfl7NocARSGwshpD7p8BSIvVZeijAyr0bpr4YMm0FzsNoxBeX4TUxiXjh87UNNBNpaW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 659fa76c7de3145a-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 frontend.js Show response
cdn.miui.blog/wp-content/themes/neve/assets/js/build/modern/ 6 KB
3 KB 32ms
31ms Script
application/javascript 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.miui.blog/wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=2.11.1

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

dd40f3e26baac6d93b92df01cacfcdd5f01ff58cce5e14dc260524617c52db57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 723
access-control-allow-origin: *
x-powered-by: Cloudforspeed
cdn-cachedat: 2021-06-03 16:25:21
cdn-pullzone: 74710
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 12 Apr 2021 12:24:56 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: 235506d9230f4b2e66ce03bfe1e35901
cdn-requestcountrycode: FR
link: <https://miui.blog/wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=2.11.1>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 wp-embed.min.js Show response
cdn.miui.blog/wp-includes/js/ 1 KB
1 KB 170ms
71ms Script
application/javascript 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.miui.blog/wp-includes/js/wp-embed.min.js?ver=5.7.2

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 601
access-control-allow-origin: *
x-powered-by: Cloudforspeed
cdn-cachedat: 2021-06-04 09:42:51
cdn-pullzone: 74710
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Fri, 12 Feb 2021 15:16:51 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: e9e99298827224a32dd6aafeeb76fa90
cdn-requestcountrycode: FR
link: <https://miui.blog/wp-includes/js/wp-embed.min.js?ver=5.7.2>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400&display=swap&ver=2.11.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://miui.blog
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 08:33:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
age: 257512
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
expires: Wed, 01 Jun 2022 08:33:12 GMT

GET
H2 200 newmiuilogo.webp
cdn.miui.blog/media/2021/02/ 1 KB
2 KB 87ms
82ms Image
image/webp 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.miui.blog/media/2021/02/newmiuilogo.webp

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

1eceda0aac3a25fba204008e15abc182f0a6f14e6c7e448d8ed2509a2eccdedf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 601
access-control-allow-origin: *
x-powered-by: Cloudforspeed
cdn-cachedat: 2021-06-02 20:03:50
cdn-pullzone: 74710
content-length: 1312
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 18 Feb 2021 15:15:20 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/webp
cdn-cache: HIT
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: a9f7cb6e622a354d4fe8733564e534d6
cdn-requestcountrycode: FR
accept-ranges: bytes
link: <https://miui.blog/media/2021/02/newmiuilogo.webp>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 movepic-app-apk-930x579.webp
cdn.miui.blog/media/2021/05/ 70 KB
71 KB 39ms
35ms Image
image/webp 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.miui.blog/media/2021/05/movepic-app-apk-930x579.webp

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

48ccd98f7a54a86f780caba6c22847d2f7c20568c2cd6d08264cb7c9d5e257e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 632
access-control-allow-origin: *
x-powered-by: Cloudforspeed
cdn-cachedat: 2021-05-30 11:01:59
cdn-pullzone: 74710
content-length: 72044
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 10 May 2021 08:20:29 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/webp
cdn-cache: HIT
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: 12ead786dfe712ebffb25f254e471afd
cdn-requestcountrycode: FR
accept-ranges: bytes
link: <https://miui.blog/media/2021/05/movepic-app-apk-930x579.webp>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 picsart-pro-apk-mod-930x578.webp
cdn.miui.blog/media/2021/05/ 66 KB
67 KB 85ms
81ms Image
image/webp 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.miui.blog/media/2021/05/picsart-pro-apk-mod-930x578.webp

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

33e99eab4ab61afd2bbf6eb1236c731005bf5e633513306a46b6ceac3ca1ba4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 565
access-control-allow-origin: *
x-powered-by: Cloudforspeed
cdn-cachedat: 2021-05-12 10:40:46
cdn-pullzone: 74710
content-length: 67876
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Mon, 10 May 2021 04:55:30 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/webp
cdn-cache: HIT
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: 62a9c80ee69692a09696c276a5f5874b
cdn-requestcountrycode: FR
accept-ranges: bytes
link: <https://miui.blog/media/2021/05/picsart-pro-apk-mod-930x578.webp>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 lightroom-mobile-apk-930x620.webp
cdn.miui.blog/media/2021/03/ 71 KB
71 KB 67ms
63ms Image
image/webp 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.miui.blog/media/2021/03/lightroom-mobile-apk-930x620.webp

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

e9217d029d0d57cfd2eb6cb2b0d26993538b76932939f9862e5aa505350d3c2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 632
access-control-allow-origin: *
x-powered-by: Cloudforspeed
cdn-cachedat: 2021-05-09 10:12:15
cdn-pullzone: 74710
content-length: 72502
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sat, 13 Mar 2021 03:04:43 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/webp
cdn-cache: HIT
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: 8933c6c50e7c10325c77fdaae596f609
cdn-requestcountrycode: FR
accept-ranges: bytes
link: <https://miui.blog/media/2021/03/lightroom-mobile-apk-930x620.webp>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 dpPWtlaNmt.webp
cdn.miui.blog/media/2021/02/ 68 KB
68 KB 87ms
83ms Image
image/webp 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.miui.blog/media/2021/02/dpPWtlaNmt.webp

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

3b881ed293bcbd0a836ce1da1f039a7652af514141e6938da37cd27c97279d72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 632
access-control-allow-origin: *
x-powered-by: Cloudforspeed
cdn-cachedat: 2021-05-16 09:36:50
cdn-pullzone: 74710
content-length: 69172
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Fri, 19 Feb 2021 20:34:02 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/webp
cdn-cache: HIT
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: 7543d87ee4fb6cb4f043e12c929e9636
cdn-requestcountrycode: FR
accept-ranges: bytes
link: <https://miui.blog/media/2021/02/dpPWtlaNmt.webp>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 miui-12-mi-11-lite-930x571.webp
cdn.miui.blog/media/2021/05/ 41 KB
41 KB 84ms
81ms Image
image/webp 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.miui.blog/media/2021/05/miui-12-mi-11-lite-930x571.webp

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

79c50f0d74e44a35d7a9270c4ed6679e1e030d139622304b343f517af0e85654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 632
access-control-allow-origin: *
x-powered-by: Cloudforspeed
cdn-cachedat: 2021-06-03 16:28:33
cdn-pullzone: 74710
content-length: 41784
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Sun, 02 May 2021 05:40:23 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/webp
cdn-cache: HIT
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: 86d697d7fc6a5e8219410f0257e134b3
cdn-requestcountrycode: FR
accept-ranges: bytes
link: <https://miui.blog/media/2021/05/miui-12-mi-11-lite-930x571.webp>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 miui-12-redmi-note-9-pro-930x620.webp
cdn.miui.blog/media/2021/04/ 53 KB
54 KB 83ms
81ms Image
image/webp 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.miui.blog/media/2021/04/miui-12-redmi-note-9-pro-930x620.webp

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

f8bd4b68a45676a56db8bdb60ce594671cb1fdd3503db89f3b965b5101f54709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 632
access-control-allow-origin: *
x-powered-by: Cloudforspeed
cdn-cachedat: 2021-04-27 14:40:20
cdn-pullzone: 74710
content-length: 54742
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Tue, 27 Apr 2021 04:30:20 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/webp
cdn-cache: HIT
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: 2a50bd4b894bce295176114d3773d773
cdn-requestcountrycode: FR
accept-ranges: bytes
link: <https://miui.blog/media/2021/04/miui-12-redmi-note-9-pro-930x620.webp>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 download-miui-redmi-note-8-pro-930x620.webp
cdn.miui.blog/media/2021/04/ 30 KB
31 KB 141ms
139ms Image
image/webp 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.miui.blog/media/2021/04/download-miui-redmi-note-8-pro-930x620.webp

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

6dcdae50c45cb56cb6ae85e7f98cd603edab430fed7d962809da175903cbb80f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 601
access-control-allow-origin: *
x-powered-by: Cloudforspeed
cdn-cachedat: 2021-05-17 19:01:34
cdn-pullzone: 74710
content-length: 31048
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Fri, 16 Apr 2021 07:41:49 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/webp
cdn-cache: HIT
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: 90b32c885f7fe655bf90751080d93291
cdn-requestcountrycode: FR
accept-ranges: bytes
link: <https://miui.blog/media/2021/04/download-miui-redmi-note-8-pro-930x620.webp>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 poco-f3-miui-930x620.webp
cdn.miui.blog/media/2021/04/ 17 KB
18 KB 83ms
81ms Image
image/webp 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.miui.blog/media/2021/04/poco-f3-miui-930x620.webp

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

803c0b1898318311136897de06327e9226b42c381786098070a906c693cf96bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 722
access-control-allow-origin: *
x-powered-by: Cloudforspeed
cdn-cachedat: 2021-06-03 23:45:03
cdn-pullzone: 74710
content-length: 17794
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 15 Apr 2021 03:19:23 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/webp
cdn-cache: HIT
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: a5cfbb2ebd2fb74472d9409e0cb140fe
cdn-requestcountrycode: FR
accept-ranges: bytes
link: <https://miui.blog/media/2021/04/poco-f3-miui-930x620.webp>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 youtube-vanced-logo.webp
cdn.miui.blog/media/2021/04/ 7 KB
8 KB 83ms
82ms Image
image/webp 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.miui.blog/media/2021/04/youtube-vanced-logo.webp

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

fba6d826607f8740cbaa6097a614c18399e0cca5e92973ff8a91be9524b4fa62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 601
access-control-allow-origin: *
x-powered-by: Cloudforspeed
cdn-cachedat: 2021-06-03 11:08:06
cdn-pullzone: 74710
content-length: 7506
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Wed, 14 Apr 2021 04:50:02 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/webp
cdn-cache: HIT
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: 23f77d099a278e5e1b74332fd47f23a0
cdn-requestcountrycode: FR
accept-ranges: bytes
link: <https://miui.blog/media/2021/04/youtube-vanced-logo.webp>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 wedding-card-maker-apps-888x620.webp
cdn.miui.blog/media/2021/03/ 113 KB
114 KB 118ms
116ms Image
image/webp 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.miui.blog/media/2021/03/wedding-card-maker-apps-888x620.webp

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

unn-185-59-220-194.datapacket.com

Software

BunnyCDN-DE1-713 / Cloudforspeed

Resource Hash

5f3f9165bdb3164d4370d9b936dbee1d1bfd3b8a107349a37cecc735bd980405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 722
access-control-allow-origin: *
x-powered-by: Cloudforspeed
cdn-cachedat: 2021-06-03 23:45:03
cdn-pullzone: 74710
content-length: 115492
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Wed, 31 Mar 2021 13:39:28 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/webp
cdn-cache: HIT
cdn-uid: 45d28c77-3f21-48ec-9153-ce5cc9b0ce22
cache-control: public, max-age=2592000
cdn-requestid: 05e625b6d3503c0c3eef5e7928ae018b
cdn-requestcountrycode: FR
accept-ranges: bytes
link: <https://miui.blog/media/2021/03/wedding-card-maker-apps-888x620.webp>; rel="canonical"
cdn-requestpullsuccess: True

GET
H3-29 200 / Show response
services.vlitag.com/uv/ 13 B
711 B 171ms
139ms XHR
application/json 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fmiui.blog%2F&mtk=14041

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=884cee56d9bcf8a9bbc70005893b25a5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13
cf-request-id: 0a77a6f8b50000c2b38d8d5000000001
pragma: no-cache
last-modified: Fri, 4 Jun 2021 08:05:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ARgHW6tW57t8ixlauTiF2BgK1Je43H0BIZEyRhH1uFdWB2V6its5Rdr5CeSx22lgwzxkQtw17%2FRIJiIAeMfrm8opgmQTyCEhbse%2BJQL7EeNi5FC3Y%2Bo4SKIVhoaydCR6rxRWMHEPZg%2B2kNX7"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://miui.blog
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 659fa76debecc2b3-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 884cee56d9bcf8a9bbc70005893b25a5.js Show response
tag.vlitag.com/v1/1622714986/ 477 KB
110 KB 54ms
51ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/v1/1622714986/884cee56d9bcf8a9bbc70005893b25a5.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=884cee56d9bcf8a9bbc70005893b25a5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a524d377a6d328f1d94a9cbb1189e2ccf7c4e164f58d11e8c9132ee9461e095

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 78883
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a77a6f8980000145af637c000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=r54CS1r9mywMX8jFpRHpMm7rkS%2BOEn6su71QUNNgxLQ7DITJ1U19qXIQ%2F5l%2F6xO34%2FqtYX%2BDOd3VB%2FYwvcZ3ooWqo1L5Fj2b%2FjxyhPQ%2BhX3IEZdZ0eXuj%2FnlGuG1TOZM3qbJPjZbZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, immutable
cf-ray: 659fa76db84f145a-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 13ms
5ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-82879647-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3221
date: Fri, 04 Jun 2021 07:11:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 04 Jun 2021 09:11:23 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 53ms
26ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=208378288&t=pageview&_s=1&dl=https%3A%2F%2Fmiui.blog%2F&dr=http%3A%2F%2Fuk1.fastandroid.download%2F&ul=en-us&de=UTF-8&dt=The%20MIUI%20Blog%20-%20%231%20Source%20of%20Xiaomi%20Updates&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1845236747&gjid=1408604772&cid=875348142.1622793905&tid=UA-82879647-3&_gid=1874762472.1622793905&_r=1&gtm=2ou621&z=1271759460

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://miui.blog
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp-v2.0.1.js Show response
assets.vlitag.com/plugins/cmptcf2/ 267 KB
68 KB 71ms
67ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622714986/884cee56d9bcf8a9bbc70005893b25a5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 988738
cf-polished: origSize=489839
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a77a6fa040000145a288ee000000001
x-robots-tag: noindex, nofollow
last-modified: Tue, 29 Dec 2020 02:18:12 GMT
server: cloudflare
etag: W/"5fea91e4-7796f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iAfIF7LFXvv0BG%2F2D7mm5AivEzz58W4CPBgHSOOAY9EF9WrUAPixL46nlE%2BBhQtxeaiKyzJfNrCzAOAqe5YT8Rj6ze30s%2F08JKptG3ljJ%2FJCthVvxmkPjGpPFQSP%2BDFxJ0sgLu1XWh8Www%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 659fa7700d11145a-FRA
expires: Sun, 23 May 2021 21:56:06 GMT

GET
H2 200 prebid-v4.38.0.js Show response
assets.vlitag.com/prebid/default/ 411 KB
117 KB 72ms
69ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622714986/884cee56d9bcf8a9bbc70005893b25a5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58694600a9bb19ab424e8752ab649f1365563963d2541becd627f15045a107aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2155186
cf-polished: origSize=421400
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a77a6fa040000145a1f394000000001
x-robots-tag: noindex, nofollow
last-modified: Mon, 10 May 2021 09:25:11 GMT
server: cloudflare
etag: W/"6098fbf7-66e18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AoVI2ewFBS9L45QYe7hMPY4TGhVBAsJIFq%2B24BCYHO4dczKeSvMduDcW%2B6fE1VGxCjk%2ByoFehxpWXmfthLbRqNqQL61bZcNq91cVf7L2Ngn%2FyhQUNiZcLpVDFROuXr3gp01o3y4pF9hbxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 659fa7700d13145a-FRA
expires: Mon, 10 May 2021 09:55:18 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622714986/884cee56d9bcf8a9bbc70005893b25a5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "892 / 87 of 1000 / last-modified: 1622758190"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21347
x-xss-protection: 0
expires: Fri, 04 Jun 2021 08:05:04 GMT

GET
H2 200 viPlayer_v42.min.js Show response
assets.vlitag.com/plugins/vlPlayer/ 13 KB
5 KB 19ms
17ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/vlPlayer/viPlayer_v42.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622714986/884cee56d9bcf8a9bbc70005893b25a5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 990190
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a77a6fa030000145af924a000000001
x-robots-tag: noindex, nofollow
last-modified: Thu, 26 Nov 2020 03:46:23 GMT
server: cloudflare
etag: W/"5fbf250f-33d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mJTnBIelKhbyuZ%2BiPO2qciYmeDXLZsLBSnQ8Kv9jJjCoXn6AqO1YBthyYWkytxY24lwrhD4f%2Fu962hBAxi5Oz5Jf%2FJllsScO3aiSCROXxpPxe8d3QmKZqROJ0XxG%2FOB6TPJMSvNpgRWkJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 659fa7700d0e145a-FRA
expires: Sun, 23 May 2021 21:31:54 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 338 KB
116 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622714986/884cee56d9bcf8a9bbc70005893b25a5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 08:05:04 GMT

GET
H2 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
16 KB 25ms
24ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622714986/884cee56d9bcf8a9bbc70005893b25a5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 990190
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a77a6fa050000145ad5afb000000001
x-robots-tag: noindex, nofollow
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
etag: W/"5dbbbcf2-9806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uoBkFEUIOFwA9PBKcxLvTbA7RpBzJcWS8iEk7RjObYEDf6cRUiNZqjTsTJlQvH5Y1Ny1X%2B0s%2Fh59CIGzUarrQj4jnFpUc6teKcbvNP2wvHW7Z03Bu13aT86RNLgYDo5%2B984OX%2BbaRoazFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 659fa7700d16145a-FRA
expires: Sun, 23 May 2021 21:31:54 GMT

GET
H2 200 pubads_impl_2021052601.js Show response
securepubads.g.doubleclick.net/gpt/ 311 KB
110 KB 132ms
53ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 08:37:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111649
x-xss-protection: 0
expires: Fri, 04 Jun 2021 08:05:04 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 28ms
6ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210604

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dcf27db433b6458706b5ac5c5c400cc4d66531e8e5658a74496949df98ccb232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 18188
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 945
etag: W/"698-yUdba5+VtxFav4k6yv9G6VeX3oc"
x-served-by: cache-fra19157-FRA, cache-hhn4024-HHN
date: Fri, 04 Jun 2021 08:05:04 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 1572962788.jpg
assets.vlitag.com/widget/2019/11/05/ 83 KB
83 KB 75ms
61ms Image
image/webp 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2019/11/05/1572962788.jpg

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

268d81a69a9e1910b84cf74017fba73517adac9e466f83ba8f264da82e07e74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 45011
cf-polished: qual=85, origFmt=jpeg, origSize=111413
content-disposition: inline; filename="1572962788.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 84586
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 05 Nov 2019 14:06:28 GMT
server: cloudflare
etag: "5dc181e4-1b335"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nS3NC88B8MtRIcJ%2F52kuV6IBLAbncpFox2LmzfHube3dq5kwc39npL3ZKyCXlhCAQICPJNrF2oIkYdKLSM1ddSTH5A4FPWp7WdpDfij4dsuAMcOpB%2FlFRtTOrW2Ng1m4j1xpBPzdGY872w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 03 Jun 2021 20:04:54 GMT
cache-control: max-age=16070400
cf-request-id: 0a77a6fb6b00004e26f3aca000000001
accept-ranges: bytes
cf-ray: 659fa77249284e26-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 1572962830.jpg
assets.vlitag.com/widget/2019/11/05/ 192 KB
192 KB 36ms
22ms Image
image/jpeg 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 989690
cf-polished: degrade=85, origSize=227959, status=webp_bigger
expires: Sun, 23 May 2021 21:40:15 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 196267
cf-request-id: 0a77a6fb6c00004e26db125000000001
x-robots-tag: noindex, nofollow
last-modified: Tue, 05 Nov 2019 14:07:11 GMT
server: cloudflare
etag: "5dc1820f-37a77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sRi9ZQtFyyJMNKWIIcCXeOV0mel0fKw4WM0krYSULznfZkPZMgGt1JfaB8%2Fz4LsTlENEcdbn2t9%2FG8dQd7sZ4t9nmiOtQu7sUTuj255sCCv1NmrgByme3TJ9%2Bq3JuYLE1fvVbOSyVXRizw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 659fa772492a4e26-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 1592802620.jpg
assets.vlitag.com/widget/2020/06/22/ 177 KB
178 KB 102ms
88ms Image
image/webp 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/06/22/1592802620.jpg

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff17fae67a8461e89b15329dfc863d7c1f75dcc594b897d5cbcc1cc2a3323cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 44676
cf-polished: qual=85, origFmt=jpeg, origSize=210846
content-disposition: inline; filename="1592802620.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 181668
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Mon, 22 Jun 2020 05:10:21 GMT
server: cloudflare
etag: "5ef03d3d-3379e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4%2BHEK8m5AlvwcFZdkNkbk7pLMLWRUy3RXqQ26d4HRJQj380T5%2F0AJYIZPrujNi51J3ysTqK37FIWwo29O88%2B1fOouVLy7QxU%2B%2FT%2FaYBOjv2n0nEbu%2BTP5srTXre%2BKxDRAgXDvozR7usVQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 03 Jun 2021 20:10:29 GMT
cache-control: max-age=16070400
cf-request-id: 0a77a6fb6c00004e26d48a6000000001
accept-ranges: bytes
cf-ray: 659fa772492d4e26-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 1572962767.jpg
assets.vlitag.com/widget/2019/11/05/ 46 KB
47 KB 28ms
16ms Image
image/webp 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2019/11/05/1572962767.jpg

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94a1096d4ddd1232128b8a52859680031fd1aa9df3bec2a6e25e7cf4ffd95282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 38605
cf-polished: qual=85, origFmt=jpeg, origSize=78339
content-disposition: inline; filename="1572962767.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 47174
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 05 Nov 2019 14:06:07 GMT
server: cloudflare
etag: "5dc181cf-13203"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SzXCSdH9hzaxcd4a0x8bF3OiprB5ybF0X3K24cSaTWHu2sJHdwRb6hhi7jR2SgVvXY6RFE6p7TG9jv1V7ZT%2Fl%2FRL6mdbqE%2BQVeJSJBKhRacnfRb6oZrkicmp35l9poqaqmn%2BlPo2Q3ByIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 03 Jun 2021 21:51:40 GMT
cache-control: max-age=16070400
cf-request-id: 0a77a6fb6b00004e2644083000000001
accept-ranges: bytes
cf-ray: 659fa77249254e26-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 1596163502.jpg
assets.vlitag.com/widget/2020/07/30/ 104 KB
105 KB 58ms
46ms Image
image/webp 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/07/30/1596163502.jpg

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 46065
cf-polished: qual=85, origFmt=jpeg, origSize=140376
content-disposition: inline; filename="1596163502.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 106784
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Fri, 31 Jul 2020 02:45:02 GMT
server: cloudflare
etag: "5f2385ae-22458"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=D6rGWOYyIYPsyfswX0%2BGX5%2BBIpDYOCJ9RggQRUHBj9DAnEWSHcGMBudvsKqNXbi6AUuHQMtUuIeIQNcVPIvLn0pd8d22fyCDzG2mUc3ebt3KHra14ZcEgtamAMSYVkDziho7PjHwZBxaSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 03 Jun 2021 19:47:20 GMT
cache-control: max-age=16070400
cf-request-id: 0a77a6fb6b00004e263a312000000001
accept-ranges: bytes
cf-ray: 659fa77249214e26-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 1592294784.jpg
assets.vlitag.com/widget/2020/06/16/ 20 KB
20 KB 150ms
138ms Image
image/webp 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/06/16/1592294784.jpg

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a9f4a4cc23bbe232be7f4ca796c9cf6f5edeabb85c1332a077df626c084cf4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 42993
cf-polished: qual=85, origFmt=jpeg, origSize=26122
content-disposition: inline; filename="1592294784.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 20188
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 16 Jun 2020 08:06:24 GMT
server: cloudflare
etag: "5ee87d80-660a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=u69DxYZr8IaW8aOhRiznnvCNHznwPGtFtZnv4WvjOGFq7Ay2GVHteXuYO3xJe36bjX%2FHqVzEK59S%2BAjQHxDDiP89gmXaMq%2FV%2FvyIczKz8oi1FmcEQqOo2VXWG8pZmRF7FXXIbqxhcIuYZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 03 Jun 2021 20:38:32 GMT
cache-control: max-age=16070400
cf-request-id: 0a77a6fb6d00004e263d356000000001
accept-ranges: bytes
cf-ray: 659fa77249314e26-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 74 KB
75 KB 137ms
125ms Image
image/webp 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 40608
cf-polished: qual=85, origFmt=jpeg, origSize=103053
content-disposition: inline; filename="1592801729.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 75514
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Mon, 22 Jun 2020 04:55:29 GMT
server: cloudflare
etag: "5ef039c1-1928d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=C1d%2FRu%2BrPq1LbQeP1N%2FBuKeRcbcaVl%2Bpqjwku5ppumLKDCo1Liw9DQqkOBbrY583jp7Y7eqj%2Fr3XIp5wwDAheX5zEDxCZL7VJzxVaCsNluaTwuLdLiUC%2FNPT8DGXC4T8qhPSc7d3vwuqxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 03 Jun 2021 21:18:17 GMT
cache-control: max-age=16070400
cf-request-id: 0a77a6fb6d00004e26e31e9000000001
accept-ranges: bytes
cf-ray: 659fa772492e4e26-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29

206

videoplayback
r5---sn-4g5edns6.googlevideo.com/
Redirect Chain

https://media.vlitag.com/vid/?id=r8AoVMBwjcc&t=y
https://redirector.googlevideo.com/videoplayback?expire=1622801734&ei=5qi5YPKuNcnWxN8P8I2LmAU&ip=18.203.126.176&id=o-AH2E113wCHeMceSc_oJxNtBGvD4bEnzucC1JPfd40T5R&itag=22&source=youtube&requiressl=y...
https://r5---sn-4g5edns6.googlevideo.com/videoplayback?expire=1622801734&ei=5qi5YPKuNcnWxN8P8I2LmAU&ip=18.203.126.176&id=o-AH2E113wCHeMceSc_oJxNtBGvD4bEnzucC1JPfd40T5R&itag=22&source=youtube&requir...

233 KB
0

25ms
6ms

Media
video/mp4

2a00:1450:4001:6d::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5edns6.googlevideo.com/videoplayback?expire=1622801734&ei=5qi5YPKuNcnWxN8P8I2LmAU&ip=18.203.126.176&id=o-AH2E113wCHeMceSc_oJxNtBGvD4bEnzucC1JPfd40T5R&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=GSoyTrmwM0lyDVXVjc_Um4wF&ratebypass=yes&dur=307.989&lmt=1614587910266558&fexp=24001373%2C24007246&c=WEB&txp=1432434&n=ljGWLu30IczSxOOH&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRQIgcv9-Gobi8iEBahpuL1WEiybf9Hfe9ZO_6tp46wJswY4CIQCO7eAReuN6PHYBXAo5Mm8-daEhZIu6T_VcC4ObdEKVsg%3D%3D&cms_redirect=yes&mh=eI&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5edns6&ms=au&mt=1622793415&mv=m&mvi=5&pl=50&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAOmAnnT4TyuRtw7ouaAuIWzTXLyfiQTCMIjf3JPIcduaAiEAjMWq4szNEF5TGOcTSS0AW2jsdkM2EvfnkJBRVWEQw-I%3D

Requested by

Host: miui.blog
URL: https://miui.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:6d::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 08:38:30 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-44703699/44703700
client-protocol: quic
cache-control: private, max-age=7529
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 44703700
expires: Fri, 04 Jun 2021 08:05:05 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:05 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-4g5edns6.googlevideo.com/videoplayback?expire=1622801734&ei=5qi5YPKuNcnWxN8P8I2LmAU&ip=18.203.126.176&id=o-AH2E113wCHeMceSc_oJxNtBGvD4bEnzucC1JPfd40T5R&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=GSoyTrmwM0lyDVXVjc_Um4wF&ratebypass=yes&dur=307.989&lmt=1614587910266558&fexp=24001373%2C24007246&c=WEB&txp=1432434&n=ljGWLu30IczSxOOH&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRQIgcv9-Gobi8iEBahpuL1WEiybf9Hfe9ZO_6tp46wJswY4CIQCO7eAReuN6PHYBXAo5Mm8-daEhZIu6T_VcC4ObdEKVsg%3D%3D&cms_redirect=yes&mh=eI&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5edns6&ms=au&mt=1622793415&mv=m&mvi=5&pl=50&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAOmAnnT4TyuRtw7ouaAuIWzTXLyfiQTCMIjf3JPIcduaAiEAjMWq4szNEF5TGOcTSS0AW2jsdkM2EvfnkJBRVWEQw-I%3D
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1153
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
741 B 186ms
118ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a40b18f0075&cmd=bid&secure=1&gdpr=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: b6499b477583d27805fe0cba8249540dcf41778ab911c091dcf475eae304de08

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 08:05:08 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://miui.blog
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
741 B 174ms
106ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3ee5990072&cmd=bid&secure=1&gdpr=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: ac159ba83a3577f07427d7f4c30bc2b10e332709a3c9dc9e0df556811a07862f

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 08:05:08 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://miui.blog
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
741 B 207ms
137ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3c46f80069&cmd=bid&secure=1&gdpr=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 2ac10d374c5298f4be6f4a2efd9e585b3342dee950b5ad900a9769e2f62705d8

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 08:05:08 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://miui.blog
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
741 B 202ms
133ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3db518006f&cmd=bid&secure=1&gdpr=1
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 351c16469a540f02b91600bda25088bf1f4ca41d47e5a3b46a79e3e915f1c766

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 08:05:08 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://miui.blog
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
361 B 327ms
128ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://miui.blog
date: Fri, 04 Jun 2021 08:05:07 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 31
vary: origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
182 B 111ms
35ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=57251333329
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://miui.blog
date: Fri, 04 Jun 2021 08:05:07 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/miui.blog/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2c995/1/miui.blog/ROS?rnd=0.7203443886233558&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A...
https://ads.us.e-planning.net/hb/1/2c995/1/miui.blog/ROS?ct=1&rnd=0.7203443886233558&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=htt...

580 B
992 B

42ms
41ms

XHR
application/json

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/miui.blog/ROS?ct=1&rnd=0.7203443886233558&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fmiui.blog%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fmiui.blog%2F&gdpr=1&gdprcs=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 846a1122be617a4fa37bf15f1a5c7db750c37d330048b163c9b7b00c8aa771f4

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:08 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://miui.blog
expires: Fri, 04 Jun 2021 08:05:08 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 580
x-sid: AMS-731

Redirect headers

date: Fri, 04 Jun 2021 08:05:08 GMT
server: openresty
access-control-allow-origin: https://miui.blog
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/miui.blog/ROS?ct=1&rnd=0.7203443886233558&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fmiui.blog%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fmiui.blog%2F&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-731

POST
H2 200 quantumdex Show response
useast.quantumdex.io/auction/ 10 KB
8 KB 322ms
303ms XHR
application/json 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2d67488066c12ac9e54eb586f2d1a0826c60c330de66c369020c13c4b635ccb

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Jun 2021 08:05:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: https://miui.blog
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PnYYI1J9USWkUZleiAXUrAat6jHaA9YwDEdmIKwtUSPECVY2olnewUB3PQvHlCBUuMS7zXUNrGTAUg5dnQGxsjaeaW9qCdqSse9R2QbMQuQ2CdjiXm%2FZgthT7%2BpI6WONHuP92pr8NMGoD7AD0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 659fa7855d3116e6-FRA
cf-request-id: 0a77a70758000016e671a12000000001

POST
H2 200 adreq Show response
ads.servenobid.com/ 421 B
520 B 197ms
97ms XHR
application/json 54.246.172.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=4684
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 48eb46a2c1c327e958d2dad516e508996c8cfc0d11bdbe24babf512afd0b52bd

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Jun 2021 08:05:08 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://miui.blog
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

GET
H2 200 vi-logo.svg
assets.vlitag.com/media/icon/ 11 KB
3 KB 19ms
18ms Image
image/svg+xml 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/media/icon/vi-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1818182
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a77a708a10000145ad1127000000001
x-robots-tag: noindex, nofollow
last-modified: Fri, 01 Nov 2019 05:04:49 GMT
server: cloudflare
etag: W/"5dbbbcf1-2c34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OkhRLyXvIf8B%2BsTnZx5UEIvqtL6RzOdJXOS2tV3azQpR5JSSWTwjUblmNOl%2BvEuYliqeQKszXE%2F5ejMvRJ1z26K8mZJHji%2FnjriBx8P2xFI4tmZe%2BehwaYHXsbZIpMkwiyGM5r850LSslQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 659fa7876eca145a-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 28ms
27ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=miui.blog

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 08:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 28ms
28ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=miui.blog

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 08:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
8 KB 499ms
498ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1548360307539387&correlator=1792857765107118&output=ldjh&impl=fifs&eid=31060783%2C31061358%2C31061003%2C31061151%2C21065725&vrg=2021052601&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=21766281334%2C14041_Miui.blog%2C14041_Miui.blog_SmartBanner_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=vli_adslot%3D55012%26vli_adtype%3Ddisplay%26hb_width%3D728%26hb_height%3D90%26vli_acc%3Dzmedia%26vli_sf%3D1%26hb_bidder%3Dquantumdex%26hb_adid%3D36ed01b1b2525ff%26hb_pb%3D0.13%26hb_size%3D728x90%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_domain%3Dmiui.blog&eri=1&cust_params=hb_domain%3Dmiui.blog&cookie_enabled=1&bc=31&abxe=1&lmt=1622793908&dt=1622793908900&dlt=1622793903802&idt=1229&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1230&adks=995254392&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmiui.blog%2F&ref=http%3A%2F%2Fuk1.fastandroid.download%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=728x-1&ga_vid=875348142.1622793905&ga_sid=1622793909&ga_hid=208378288&ga_fc=false&fws=516&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d406d2bbf939a44020ef6d332f491c4cb50632d0bf1189eebabdded5c697de81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7500
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://miui.blog
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5B43 6 KB
3 KB 80ms
27ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://miui.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://miui.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 04 Jun 2021 08:05:09 GMT
expires: Sat, 04 Jun 2022 08:05:09 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656037121142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28114
x-xss-protection: 0
expires: Fri, 04 Jun 2021 08:05:09 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 89ms
51ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f40f704c7dd0e606d925f045946c0a23bdd84d38ec91a34d6a7b487feb251e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 08:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7725
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 90C6 89 KB
35 KB 30ms
28ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-29

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1622714986/884cee56d9bcf8a9bbc70005893b25a5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b3c82e9eb58ff3f9f294d2f65bdaa1e7ad9c4226aa09970d76ce18106d9c13a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35926
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Jun 2021 08:05:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 90C6 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3226
date: Fri, 04 Jun 2021 07:11:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 04 Jun 2021 09:11:23 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 04 Jun 2021 08:05:09 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0C1F 624 B
592 B 108ms
105ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCs8_wBGJzciqoBMAE&v=APEucNVjF_0IOMAHkMc8WXP5fpCQrjnsn1MaSrJ15nUZmceM0hb_G5fvgGBjz-Uut65YnxhXMXjEIYd5C9rg0HTwtsnBeEcFJSiZzVIjn_7Kkoh-Vr91U7alJo5wqJ-MWVFCVrFP6Seols8qkSY-xVk8MWOKa3SfTPCnyULZC_byTrNWzvQGsDc

Requested by

Host: 5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com
URL: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CKfiYRCs8_wBGJzciqoBMAE&v=APEucNVjF_0IOMAHkMc8WXP5fpCQrjnsn1MaSrJ15nUZmceM0hb_G5fvgGBjz-Uut65YnxhXMXjEIYd5C9rg0HTwtsnBeEcFJSiZzVIjn_7Kkoh-Vr91U7alJo5wqJ-MWVFCVrFP6Seols8qkSY-xVk8MWOKa3SfTPCnyULZC_byTrNWzvQGsDc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 04 Jun 2021 08:05:09 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUlOS-_xFW9MPTDyuZK7rGMrD8GV8_jZaC-heKCNDU90hby1ys6LAfX5uG1a; expires=Wed, 29-Jun-2022 08:05:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Jun 2021 08:05:09 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5B43 59 KB
24 KB 55ms
52ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyzyevCqozlDoK2hFNBtIlWnBzzwzIe0Grgdu0VbhDo7GZGC0wi2nbagtkT__pROKigLq85svr2tL25GL7TzLfbB9T-aNRyHtdZqzEtXbMykP1qPvM3Ac90tXRuC5ozRjhVvHFihWMgTRBWtkJcyzhoQ3ZrQ&dbm_d=AKAmf-Dv2a-aaA6FYqI8DJTUXcwZcztibhpVXS9iCDZo89Wq-Hx-mLjLpMVwC_3BWgoI0F7ljuH_7Z84fbwZt_roT9yau-rNzZL4XQWhZcTaYCbbNIoIF0QhIS82CMGgY_cF9NqZJ-ysHAHHrHwuq33D3NuGTNNChpM2zkmngVusXRHm15EASRvItfYBnHf2L_dIDlufPpptES1Wf5Flj9ph4XshOQ5I0obsiuKXyBT6hivQWgltYvkig5V2oKQYJtuIn_1EN69iR3OzhYVQUUWw-5UPJrvURG_tghr9z78gocqJrEaODJx1Qapj5WGaO0peOzhv9UArRbPt3ccDZsIbJNvF8Uvka3XtNHSYFltJpXVmNLTn4Ub-bNrYlVmQry0pCY9TQfw1GqkeSv6TZ9asUjcSCm2hjEMkZovzfGbkhHhNee7JEtZo6jImpx0xvHMmXpuClyuy2xNt5s8fgrHol9pRkl-eXrQmjRAEr1rOVFB-x-TxNYUx0uPi5Ku2ilEa4XdulvKBxR8z8KKkQmrdRusZU8k6EKfihQQ3jperUuWDBVdMwjlJovqWaDhDDJ2OAfEb_TmDgLxBNq5fEwb4U0VybLUj-qxwwMrd_whOU5GUFSbAg-BDL3fK3BDmBtAYLIwQnQb8nyZOsC9PHQ9QxcQXCSfjUGbQcFPa2NCrAMK_FL3n6cmICrKVjhU-G7988fpyYyU9NoFXsx_859wRPRMXPvM0M8YW5gNoplrhPeqNsGKDFTDWp8Be2xVxf9hZbQwO55g4cm6EkJCC2mkhdkhc9cuQH-sujm62_sdBkTv8_Ib6jAmzBSRzD7gjbDR2c6c2NQCnJRgANoOD34fCUzYD3MIxq6PtYd3ojv0R7bLn8oYT_XzHFN6x8OUzDwjQq6LGwr7o9NQMrLr2hEhBNWWuFB42HiUcupyH2eJX_Bz1YlCxc2a0eefrFizj0VBt-7I58QUl2WOKZl0Z7m5Ufo8QKlI76FDVBE-i5zGkJKfQ4F27_qBVx96ArUIUBWm4p72-S-Xc1P5cFZ0jOsbEtjKYxKknUTuz0qnbspnlJQjDgK7LL8axiHi-knoDUy8KQpcuFtxDonMqBW_XU35MKU0oDalDyFsgDJszM9C5tUPUFCJZsSqB3KeNdBk7QO0M6AEiDPhzUOitpKCpJM8afLvf2S9-UG1pwpZwpqQ7NWx9czhmi8PtjJziGgBMS--_VE5ZnyWJYMkbDO_CKD0O7UonXY5lrB3l6wnlZBGfyfN2FJoGlRcjsZyUzcRpWhMpdnWsJeYYrZqfVNoNxY6Zc-E_yPYI4_UergwTMk6xoXDrlyFpZkZH0PF65S1riGpVj5cakjKKzm2xk8V9nxDRHPrhlDFv09i6UblCywAQlhx-11mgY3St1xNBTT_RWEulUQQfouJ35BGRBLz7je5Rif225GJB4U8_9Zd061i-ZLbGh39z1JZv2Q3Z6f40zGwTZija7ldqCH-r7zy11N8A7mSkzk20DsheMlPg6ig27o227a3stEes2sF4idQagdMVuaWUv4Nneff-Yc6orRcvvJU7DbFLh8nu37oNBWUhm1LMTTtLmAEYYsC-Rce5PK09VeQa3bgMqyWDjeCDaexoQ_KcxT1cMeHO_7nvOmMTFHeAIzDiSlZQk2w-VmIeyH8znJJx9liYGLVPx3WM-Fxk38iYuMYM-wGKwUWiSwMhp5_D3aHLVZH9XNck9xletBb0e1cfaMWnMqtkAI8AUm-wCl26Xn1mJuiDt0_CYIDgP4Jw75S8ydleCn98DOJlllXTPjvVIXG_-k3zNiV8wLfne-taH1lL5LM3e8X_DpGH6BYI6EmiB1gUxmU7M7VjX-MhtVBvduci-2MSNW2wMihZMFocAzSbXqemvzSC-y2sL1RuWhCsycdENsq5A8bgk9iocR7G1RiGkg72i9NUNB_LdiLns31MntTfJJS4S0X2K3bD43wueRfETP4obp6sVbdeC14MMwJe6k_Ja9sxIcKUpGBTBLKkN9r9hIpt6de4o0gIOTcPzwjPAcKGO7JNqWlPVAm-n5tRatkGVmJYgVLcDHV7NMeF9Jl9CtgdZBopAGMmT2bKtjL8l8NuesbnzGIBesnlq2XVC_pzMSa5ykxnNi8nlcy_bE6ETvQKGSjsjSMyZjxJfpn-rnTjHrUIirm8LJZxTD5O5ID7Gqf7CrUbPh9LKVJnR0yc7VgTUffOqEtdu_uFxJ2SBrA78H7n03VtDJrCxjmjhGLPKXGAs4BPoOhLkagjAoGWJGffkbhbeB_Eq9Z9JRlJlL7VTZUpGM1CH7HRE1GjIv-i6TUnVlpR2oR85LMOVeqoxT06kyGRblpOpTO7JLocsF16ex2fcZw0De6yBmS0YIcO0901DNo1f51r-hIlNpzhHMDF1C80mE64wgEibJRC7uXZGpTRqCMvR1j-walF90ClE813pQ8DSFJmHg5puKbM3ZXxnde1sRuptj7yLwYe1blCfTbpskOJb45Dr9b_jG9so_1HLgFJONGloeUdLhdsW1hYbeq124vQalHwyXb05ZX8tqGGDxZBHys0Q0ls2h4bjr38XiMHXb5WmYkacuk3xYQrqYu9yAFL0VtfjSAMPMzfoDhf4JXpKDHE1HglhEAd_tnwY-Lz8dLOMXIYyNSSaBBF_-x-RetoGXATezp-YRLZ3PxeXTEhL0epamr8Ze1dqyPKyIK3XYD75HqJRur9qul3C90Zv7CF1naWp90cMeMtLbmqhj-DsK79hfpvo3lVRgkTSQi3FIsS44KGz6pJBQj23wpU3HBlk-5hGBKFLT7GJMc-gIrIA8qGayvPlgbK5jEpv0q4iEb3xSH3jVTgfhxF9c6R5DCkyI4xj8NocXdB7k4B06o75UoPLq5HNqnlYDVacrsOUJyEYmTJCf2NjGkMIinjpdiHeajev2-3JWOSrupuRvCZxHWiITG1qOlF-lo9uhSv_gM-Lk3A4qfN4h5NeAUcf-k08Nm0KAymrOqNf75zdRZGnYbHaarNwJ2d73x5kumfq-RzvKOHqKMbn8GtCvkat2NHnuYV4dXnL1238wISLIKxjRk8eCjnLkrZAxwRd72iuMKndv4gzufGuGuKr-tswDwkrD8JbkZ8YSJrZaKx2i6XHY27ceC6txffuBjDmAQxkWxfyBHMe7RSmRjbiEAznDoXfAz8GGyylq-VW5INtuZ2q4Me_2LBR5qUt2fWI7wbMq16kH0RPV8inGAcasdalYAcmvGu934&cid=CAASPeRoclZ7f-r0YOFtBcFSR_yoy6A3JXbSrsKRJ-QVsCLbCtx5QAHvWb_bc5HeY5IGggOGjcf8dVogWrY8Xa0&rfl=1%2Chttps%253A%252F%252Fmiui.blog%252F%240

Requested by

Host: uk1.fastandroid.download
URL: http://uk1.fastandroid.download/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5ecd098fa8552ac9a1823dac63e428ea6c73ec3f7a2a62ea029b9709239c959

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24740
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B43 42 B
63 B 49ms
47ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AqZieu81lJXtzdjli4FLj5FvT_F3fqeAPlPbWd0aM3PvHMt-Vcm3QuMGHacgMeI496lXwd_2NW2YiZQtpuuL8joE2DW1Tw5OhIg2nLxTy3y2Fs6pQ

Requested by

Host: 5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com
URL: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 5B43 2 KB
1 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com
URL: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 08:02:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B43 121 KB
37 KB 57ms
28ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com
URL: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656031336809"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37735
x-xss-protection: 0
expires: Fri, 04 Jun 2021 08:05:09 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 5B43 13 KB
6 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com
URL: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1091097466425408374
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 08:01:40 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 5B43 0
0 22ms
20ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSaP6w1oaGi-sx6viV6AcJrezvTjqa0aeFxm3VcqSpr_rg1s7u6ZF3VwDgAq2rkVtDBnsA5
Requested by: Host: 5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com
URL: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame 90C6 1 B
21 B 26ms
26ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1663565586&t=pageview&_s=1&dl=https%3A%2F%2Fmiui.blog%2F&ul=en-us&de=UTF-8&dt=Adx_smartbanner_miui.blog_0_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0&cs=miui.blog&cm=Adx_smartbanner&cc=Default&_u=YEBAAUABAAAAAC~&jid=481025750&gjid=1080625535&cid=1883876698.1622793910&tid=UA-128776493-29&_gid=438109130.1622793910&_r=1&gtm=2ou621&z=30958430

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://miui.blog
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame A29A 12 KB
5 KB 66ms
65ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://miui.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://miui.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 04 Jun 2021 07:47:56 GMT
expires: Sat, 04 Jun 2022 07:47:56 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1033
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AC70 783 B
532 B 66ms
66ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

242c72a4eb7b279e72a488813153e62a443d82ae9c7e297858fd3e3f4b1b812c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XFmV1ikZITnCUlQUh4AvCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://miui.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://miui.blog/

Response headers

expires: Fri, 04 Jun 2021 08:05:09 GMT
date: Fri, 04 Jun 2021 08:05:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-XFmV1ikZITnCUlQUh4AvCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 5B43 111 KB
39 KB 74ms
6ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: uk1.fastandroid.download
URL: http://uk1.fastandroid.download/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com
Referer: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 14:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63663
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Jun 2021 14:24:06 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/ Frame 5B43 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyzyevCqozlDoK2hFNBtIlWnBzzwzIe0Grgdu0VbhDo7GZGC0wi2nbagtkT__pROKigLq85svr2tL25GL7TzLfbB9T-aNRyHtdZqzEtXbMykP1qPvM3Ac90tXRuC5ozRjhVvHFihWMgTRBWtkJcyzhoQ3ZrQ&dbm_d=AKAmf-Dv2a-aaA6FYqI8DJTUXcwZcztibhpVXS9iCDZo89Wq-Hx-mLjLpMVwC_3BWgoI0F7ljuH_7Z84fbwZt_roT9yau-rNzZL4XQWhZcTaYCbbNIoIF0QhIS82CMGgY_cF9NqZJ-ysHAHHrHwuq33D3NuGTNNChpM2zkmngVusXRHm15EASRvItfYBnHf2L_dIDlufPpptES1Wf5Flj9ph4XshOQ5I0obsiuKXyBT6hivQWgltYvkig5V2oKQYJtuIn_1EN69iR3OzhYVQUUWw-5UPJrvURG_tghr9z78gocqJrEaODJx1Qapj5WGaO0peOzhv9UArRbPt3ccDZsIbJNvF8Uvka3XtNHSYFltJpXVmNLTn4Ub-bNrYlVmQry0pCY9TQfw1GqkeSv6TZ9asUjcSCm2hjEMkZovzfGbkhHhNee7JEtZo6jImpx0xvHMmXpuClyuy2xNt5s8fgrHol9pRkl-eXrQmjRAEr1rOVFB-x-TxNYUx0uPi5Ku2ilEa4XdulvKBxR8z8KKkQmrdRusZU8k6EKfihQQ3jperUuWDBVdMwjlJovqWaDhDDJ2OAfEb_TmDgLxBNq5fEwb4U0VybLUj-qxwwMrd_whOU5GUFSbAg-BDL3fK3BDmBtAYLIwQnQb8nyZOsC9PHQ9QxcQXCSfjUGbQcFPa2NCrAMK_FL3n6cmICrKVjhU-G7988fpyYyU9NoFXsx_859wRPRMXPvM0M8YW5gNoplrhPeqNsGKDFTDWp8Be2xVxf9hZbQwO55g4cm6EkJCC2mkhdkhc9cuQH-sujm62_sdBkTv8_Ib6jAmzBSRzD7gjbDR2c6c2NQCnJRgANoOD34fCUzYD3MIxq6PtYd3ojv0R7bLn8oYT_XzHFN6x8OUzDwjQq6LGwr7o9NQMrLr2hEhBNWWuFB42HiUcupyH2eJX_Bz1YlCxc2a0eefrFizj0VBt-7I58QUl2WOKZl0Z7m5Ufo8QKlI76FDVBE-i5zGkJKfQ4F27_qBVx96ArUIUBWm4p72-S-Xc1P5cFZ0jOsbEtjKYxKknUTuz0qnbspnlJQjDgK7LL8axiHi-knoDUy8KQpcuFtxDonMqBW_XU35MKU0oDalDyFsgDJszM9C5tUPUFCJZsSqB3KeNdBk7QO0M6AEiDPhzUOitpKCpJM8afLvf2S9-UG1pwpZwpqQ7NWx9czhmi8PtjJziGgBMS--_VE5ZnyWJYMkbDO_CKD0O7UonXY5lrB3l6wnlZBGfyfN2FJoGlRcjsZyUzcRpWhMpdnWsJeYYrZqfVNoNxY6Zc-E_yPYI4_UergwTMk6xoXDrlyFpZkZH0PF65S1riGpVj5cakjKKzm2xk8V9nxDRHPrhlDFv09i6UblCywAQlhx-11mgY3St1xNBTT_RWEulUQQfouJ35BGRBLz7je5Rif225GJB4U8_9Zd061i-ZLbGh39z1JZv2Q3Z6f40zGwTZija7ldqCH-r7zy11N8A7mSkzk20DsheMlPg6ig27o227a3stEes2sF4idQagdMVuaWUv4Nneff-Yc6orRcvvJU7DbFLh8nu37oNBWUhm1LMTTtLmAEYYsC-Rce5PK09VeQa3bgMqyWDjeCDaexoQ_KcxT1cMeHO_7nvOmMTFHeAIzDiSlZQk2w-VmIeyH8znJJx9liYGLVPx3WM-Fxk38iYuMYM-wGKwUWiSwMhp5_D3aHLVZH9XNck9xletBb0e1cfaMWnMqtkAI8AUm-wCl26Xn1mJuiDt0_CYIDgP4Jw75S8ydleCn98DOJlllXTPjvVIXG_-k3zNiV8wLfne-taH1lL5LM3e8X_DpGH6BYI6EmiB1gUxmU7M7VjX-MhtVBvduci-2MSNW2wMihZMFocAzSbXqemvzSC-y2sL1RuWhCsycdENsq5A8bgk9iocR7G1RiGkg72i9NUNB_LdiLns31MntTfJJS4S0X2K3bD43wueRfETP4obp6sVbdeC14MMwJe6k_Ja9sxIcKUpGBTBLKkN9r9hIpt6de4o0gIOTcPzwjPAcKGO7JNqWlPVAm-n5tRatkGVmJYgVLcDHV7NMeF9Jl9CtgdZBopAGMmT2bKtjL8l8NuesbnzGIBesnlq2XVC_pzMSa5ykxnNi8nlcy_bE6ETvQKGSjsjSMyZjxJfpn-rnTjHrUIirm8LJZxTD5O5ID7Gqf7CrUbPh9LKVJnR0yc7VgTUffOqEtdu_uFxJ2SBrA78H7n03VtDJrCxjmjhGLPKXGAs4BPoOhLkagjAoGWJGffkbhbeB_Eq9Z9JRlJlL7VTZUpGM1CH7HRE1GjIv-i6TUnVlpR2oR85LMOVeqoxT06kyGRblpOpTO7JLocsF16ex2fcZw0De6yBmS0YIcO0901DNo1f51r-hIlNpzhHMDF1C80mE64wgEibJRC7uXZGpTRqCMvR1j-walF90ClE813pQ8DSFJmHg5puKbM3ZXxnde1sRuptj7yLwYe1blCfTbpskOJb45Dr9b_jG9so_1HLgFJONGloeUdLhdsW1hYbeq124vQalHwyXb05ZX8tqGGDxZBHys0Q0ls2h4bjr38XiMHXb5WmYkacuk3xYQrqYu9yAFL0VtfjSAMPMzfoDhf4JXpKDHE1HglhEAd_tnwY-Lz8dLOMXIYyNSSaBBF_-x-RetoGXATezp-YRLZ3PxeXTEhL0epamr8Ze1dqyPKyIK3XYD75HqJRur9qul3C90Zv7CF1naWp90cMeMtLbmqhj-DsK79hfpvo3lVRgkTSQi3FIsS44KGz6pJBQj23wpU3HBlk-5hGBKFLT7GJMc-gIrIA8qGayvPlgbK5jEpv0q4iEb3xSH3jVTgfhxF9c6R5DCkyI4xj8NocXdB7k4B06o75UoPLq5HNqnlYDVacrsOUJyEYmTJCf2NjGkMIinjpdiHeajev2-3JWOSrupuRvCZxHWiITG1qOlF-lo9uhSv_gM-Lk3A4qfN4h5NeAUcf-k08Nm0KAymrOqNf75zdRZGnYbHaarNwJ2d73x5kumfq-RzvKOHqKMbn8GtCvkat2NHnuYV4dXnL1238wISLIKxjRk8eCjnLkrZAxwRd72iuMKndv4gzufGuGuKr-tswDwkrD8JbkZ8YSJrZaKx2i6XHY27ceC6txffuBjDmAQxkWxfyBHMe7RSmRjbiEAznDoXfAz8GGyylq-VW5INtuZ2q4Me_2LBR5qUt2fWI7wbMq16kH0RPV8inGAcasdalYAcmvGu934&cid=CAASPeRoclZ7f-r0YOFtBcFSR_yoy6A3JXbSrsKRJ-QVsCLbCtx5QAHvWb_bc5HeY5IGggOGjcf8dVogWrY8Xa0&rfl=1%2Chttps%253A%252F%252Fmiui.blog%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 08:01:39 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame 5B43 22 KB
8 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64fce9d17c5101524a6ee73191a1c97a2e47ddc83aed06b5bd22d5c898efd52b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:04:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8594
x-xss-protection: 0
server: cafe
etag: 7958287194716579593
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 08:04:23 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5B43 41 KB
15 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com
URL: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:53:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4292
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jun 2022 06:53:37 GMT

GET
DATA 200
OK truncated
/ Frame 5B43 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5aaeaa0c9f84a9043057a9e63fa52736619abd9cc0f1731e09fa768477b057a2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A3A8 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 04 Jun 2021 06:53:39 GMT
expires: Sat, 04 Jun 2022 06:53:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4290
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 2021OP_Teletravail_728x90px-illustration_Avril_fond_blanc.html Show response
s0.2mdn.net/9229046/1622217574098/2021OP_Teletravail_728x90px-illustration_Avril_fond_blanc/ Frame F32F 7 KB
2 KB 35ms
6ms Document
text/html 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9229046/1622217574098/2021OP_Teletravail_728x90px-illustration_Avril_fond_blanc/2021OP_Teletravail_728x90px-illustration_Avril_fond_blanc.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7f3e6a28477ac3203018c4b005d33fc4942966bd09bd4407aabc41ed9c95a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9229046/1622217574098/2021OP_Teletravail_728x90px-illustration_Avril_fond_blanc/2021OP_Teletravail_728x90px-illustration_Avril_fond_blanc.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2466
date: Thu, 03 Jun 2021 17:07:40 GMT
expires: Fri, 04 Jun 2021 17:07:40 GMT
last-modified: Fri, 28 May 2021 15:59:34 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 53849
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5B43 0
575 B 407ms
73ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdA3nxQcYGjnid5NBzz5sDxafJ-lLMDuX6PxctNj6oR8kMPkfjab8mrz3aZI8N-KF5_gK6EVu4qB6b9njvg0CaqmtgC5NcYDNE9S-Ar0yUl-VG6o8sDHikrnYfNIbvAiLfThzu0XsiYEAEu_xvslfW4IriVOZ1J8EvlsCTcptQg9ci-SAYm7_fV0xzP8riPaTJgo09Y6_nQFGPiGPef0Wgeb8JbePJq8Kf9BilEmNa-9ingyDwgTjbY3mWP4LvzgVrqsjO5xWnDwm627vhd2kC2ChB4TSNr7l12nuIe5dbaSS7_6cwz-0m5JRbQxOK_vaIRyGBq6xMzdLrDb6K_YCB42iG8qO_MaePcEKk3YP8Fe6Q141B8u_dTG75v8wBcCjgMn8O602uV3pfGrBJuL0mki66fBxl10KMLma3m-VtViAgp5SJKjK-B-zfrHIMDwYBMkZWZeuL7NsRCHdOjvHOdgmWRw2jqclh8HbitmgZgDhG7mGrcjB2d7x3bpKMt03bEQYhGarG5FVycTX6GHImACCyxqpUWNTZdY4HZ48mKuqr_d20ft6G-lBXeWgJTOWYzbQOLXeVjd0Fjghzrz2fevr_yiHZFniXMimOCb058CR8RV7o8law51iuosr1-5e8lg8YfYHYNSroAP6nNswjZ8GcCk2lvbZtPxdeYutPne8T0d2mnOpLi6XnnrRUB9-VvHnrCC9ErTinFG4vo_y7dt75HcXbDhwGJ1ehRb0vvlIexCzmXvcTiZz1i0xbGA-Pw_qiseuyuq_VHZwiE_xtun-abUga93EHIkdW9SkCqyx4o751lX2rwfH_MtpOy4vLDhP_OZb8mUrnyATOIkkmdiPn_A3VSryTBbeDE3s8pAveHQepGcrJx7nSNvGmz9Dd7wykwyTFJ4l_yU6FrMy8KmYrn1OXieT3yt7CCT93g5cA52y_s0Gwmnd6gflHEIJ96SU_FoerREXNpjipM3IMGvrOChCX8AXZyubtfGaa5uZMbD0XMIjIWoIHoL02LyWXFVOLNHLmT2Wecc7TTJ-K12LvFmq6CpUyBZ-0q3psjRmVak__mk4BBRXYXCAGHpvG8VVMxga3rB1BzWJyGarGnQ0EosRXcFR5oE43HIaN6OqVH74EMd7V11OOTj96WwS0IUwklO8P6amLRoMpkIoU98p0OwvknS-hm1VV8HhvaBwwkfhKvFbvlH58BZKjAOxONyD1Q7NvqwjohNBo9_bPy7ntD8FIgUdQAHdHGbLT4oXQmRRh1MuBmHqkVY1s_WCTWbfPNk7ANLNJmFHF5mA3j-0&sai=AMfl-YQQsiptjB4RDaiCbVDEJGLxBK6zkMHMCyNmREos8xdoIo_iKOBPugjynpPRwfxWqU5iTg-8m2ALK1bmAIabUcoKYiMm6vtyG6ZXEL46A5_wEBX-q8MLLtwuyNuTMYztZk_sW1eWBkGnwR2Be-J10jD7mylMqGSB3vrKy7dZ-mgqxwMeLIHJcrH62MROjryAdBMN6ARg_W4hMX0dr9mMMmZE5iriQWElwf5rMHBmjneHKXHs28ckgFxUy2wf2BSr3w&sig=Cg0ArKJSzNpB2nMbgobHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=263&cbvp=1&cstd=258&cisv=r20210601.14505&adurl=

Requested by

Host: uk1.fastandroid.download
URL: http://uk1.fastandroid.download/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 04 Jun 2021 08:05:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0C1F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUvi_jSjCsBy8fivsK8l1Y&google_cver=1

43 B
1014 B

136ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUvi_jSjCsBy8fivsK8l1Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCs8_wBGJzciqoBMAE&v=APEucNVjF_0IOMAHkMc8WXP5fpCQrjnsn1MaSrJ15nUZmceM0hb_G5fvgGBjz-Uut65YnxhXMXjEIYd5C9rg0HTwtsnBeEcFJSiZzVIjn_7Kkoh-Vr91U7alJo5wqJ-MWVFCVrFP6Seols8qkSY-xVk8MWOKa3SfTPCnyULZC_byTrNWzvQGsDc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 04 Jun 2021 08:05:10 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUvi_jSjCsBy8fivsK8l1Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0C1F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLnetvCEsFb3S-PMUvEwSwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUvi_jSjCsBy8fivsK8l1Y&google_cver=1

43 B
894 B

43ms
40ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUvi_jSjCsBy8fivsK8l1Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCs8_wBGJzciqoBMAE&v=APEucNVjF_0IOMAHkMc8WXP5fpCQrjnsn1MaSrJ15nUZmceM0hb_G5fvgGBjz-Uut65YnxhXMXjEIYd5C9rg0HTwtsnBeEcFJSiZzVIjn_7Kkoh-Vr91U7alJo5wqJ-MWVFCVrFP6Seols8qkSY-xVk8MWOKa3SfTPCnyULZC_byTrNWzvQGsDc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 04 Jun 2021 08:05:10 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUvi_jSjCsBy8fivsK8l1Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0C1F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECYa0Fb2qn-F59fdqBLeCEs&google_cver=1

43 B
1022 B

127ms
30ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECYa0Fb2qn-F59fdqBLeCEs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCs8_wBGJzciqoBMAE&v=APEucNVjF_0IOMAHkMc8WXP5fpCQrjnsn1MaSrJ15nUZmceM0hb_G5fvgGBjz-Uut65YnxhXMXjEIYd5C9rg0HTwtsnBeEcFJSiZzVIjn_7Kkoh-Vr91U7alJo5wqJ-MWVFCVrFP6Seols8qkSY-xVk8MWOKa3SfTPCnyULZC_byTrNWzvQGsDc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:10 GMT
X-Proxy-Origin: 185.128.25.84; 185.128.25.84; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.82:80
AN-X-Request-Uuid: ba1122ff-1793-4a4f-aead-0f69b0de0bad
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECYa0Fb2qn-F59fdqBLeCEs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0C1F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3NjE2NTczOTQ1NzA5MDUzNQ%3D%3D

170 B
188 B

101ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3NjE2NTczOTQ1NzA5MDUzNQ%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:10 GMT
X-Proxy-Origin: 185.128.25.84; 185.128.25.84; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.154:80
AN-X-Request-Uuid: e4d23b76-81b2-4ff2-950b-c00badd57b14
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3NjE2NTczOTQ1NzA5MDUzNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame A29A 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 19:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
age: 219674
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
expires: Wed, 01 Jun 2022 19:03:55 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame A3A8 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 19:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
age: 219674
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
expires: Wed, 01 Jun 2022 19:03:55 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 253ms
24ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:10 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 06:12:34 GMT
server: nginx
etag: W/"60a5fdd2-14a5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 05 Jun 2021 08:05:10 GMT

GET
H2 200 createjs-2015.11.26.min.js Show response
code.createjs.com/ Frame F32F 186 KB
48 KB 145ms
122ms Script
text/javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/createjs-2015.11.26.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/9229046/1622217574098/2021OP_Teletravail_728x90px-illustration_Avril_fond_blanc/2021OP_Teletravail_728x90px-illustration_Avril_fond_blanc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:10 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 49344
expires: Fri, 04 Jun 2021 08:20:10 GMT

GET
H3-29 200 2021OP_Teletravail_728x90px-illustration_Avril_fond_blanc.js Show response
s0.2mdn.net/9229046/1622217574098/2021OP_Teletravail_728x90px-illustration_Avril_fond_blanc/ Frame F32F 141 KB
22 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9229046/1622217574098/2021OP_Teletravail_728x90px-illustration_Avril_fond_blanc/2021OP_Teletravail_728x90px-illustration_Avril_fond_blanc.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9229046/1622217574098/2021OP_Teletravail_728x90px-illustration_Avril_fond_blanc/2021OP_Teletravail_728x90px-illustration_Avril_fond_blanc.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b1d9e48db55e1673d443ef8a872a9fd41a3b411cb5ae66cc9698222ab43dce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9229046/1622217574098/2021OP_Teletravail_728x90px-illustration_Avril_fond_blanc/2021OP_Teletravail_728x90px-illustration_Avril_fond_blanc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6400
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22178
x-xss-protection: 0
last-modified: Fri, 28 May 2021 15:59:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 05 Jun 2021 06:18:30 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C7A0 2 KB
1 KB 61ms
14ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=miui.blog&gdpr=1&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=miui.blog&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://miui.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://miui.blog/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1521
set-cookie: uid=6af46f6b-4825-4270-af35-27898bc14f19; expires=Sat, 04 Jun 2022 08:05:10 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Fri, 04 Jun 2021 08:05:09 GMT
content-length: 1129

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 51ms
26ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:10 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 06:12:34 GMT
server: nginx
etag: W/"60a5fdd2-14a5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 05 Jun 2021 08:05:10 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5B43 0
23 B 113ms
65ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: uk1.fastandroid.download
URL: http://uk1.fastandroid.download/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 08:05:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5B43 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWik2F2u1VEhqNCfVDX4A5Vp1b4reIe7NRzd_HieKxqpmnYT_-b0eCxQpckjPlf-WdKPWfNJSrH0DaRFF_gJJ4idw_E_pd-nzgEi-m6_-xch6HNNJ6P0oCMLN0sw&sai=AMfl-YQ_L3aisti0gK0gSAMTBdi0kc43rAN91cpPSo9-1XvT4tboGnKGW_AGGhdaemVkv_6dx0IaF0VLwhmxs28y9-wAPnctTphCM3qO5mYxEpVyZzjlgFqQrygOxfXtH2II&sig=Cg0ArKJSzLVykCeCAACqEAE&cid=CAASPeRoclZ7f-r0YOFtBcFSR_yoy6A3JXbSrsKRJ-QVsCLbCtx5QAHvWb_bc5HeY5IGggOGjcf8dVogWrY8Xa0&id=lidar2&mcvt=1002&p=1110,436,1200,1164&mtos=834,950,1002,1002,1002&tos=834,116,52,0,0&v=20210602&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=995254392&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622793909430&dlt=86&rpt=69&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 22ms
22ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=1548360307539387&bg=!REelRwPNAAY6sG-_OrA7ACkAdvg8Wtb4b87fvMQlN0qoxFBuJmW2Wmu0xAmEyz2DwvUbnoLwh0qdrAIAAAH0UgAAABtoAQcKAL4e-ioWNWQHVO23XjGlvesjonnz-jYxjWLnPauDTn981sdLYwpb1TlYvd_8PzDKzPwz9BJRcCf41eQnchtiZ9HVED15711G0cEgqHry_hOSJQjOMbYD5ydmmQmAb-8qjOoUe8vVQViLoZsvL9n7yIUkObG8G5jIBedZ6dGiPbOA70ibW1m1q6nwxjmuq9qQndYnHMJ8jC047zPEVUAKXAtL63eY4yqr3rb1O_Ug8Z4GvZ7Nmk-Z5WVrBYM-mmFhmQJKD52z72_w60GMy3Rgi1dtOTsnbRM8n-1TzNb8efq01qbOM6sQOYrzkfRBJcoJ03zUb1ozPQOBYULdKaQVPOaqrkFG-GILIRKtDKH5d6WyQ8kBRdQCnB_ktD157dTiydMislOcfCefOFpjfnkUvlOKoUSu-1JVtv6rReSFw83FUcacx5CzK6TsKyRTT92qPCKntv1Ekd8h0SGiTphaQs8bXGDBz33ybqReUkZXVfEaw8xNy4Fs-_o8DbwBZNEtIuRGWrJ6Ly_OQ2pOkFy9ruCJ-HoG85TmN0xnn4CGlS243PUeuUDIufFVzG7gaL5w7IPH6JM-tXjd8rC8Yn5eUbUSy2rTyaJt0uWJ5QK0eC96DzZ6KzZSEEpQM3ElnMxh_zGuyDawWyCD0KbJU8RpNoRDgTxPe_ITrARt6jU3vxXtjFL-NxZsz-8ykrSvqqvSM2yKI8im3TFu9KTihbm-QcqgX-6XhgLki7Y-poex0jOxeyobkpPqlGW3JC8_HC6IHewDYA_KPTKOhSBWG0I2qQLRGGxSYx6C3soPnwEnBLFQQWm579QsrZOdactq-wvnOAqgkHlDalmWXWEadPND9FJOB-vMMALNapS4yYop-SM0bzvz2cqeBaRXUYtwb6TN8UFlSOT2n5zewulhHECbgGyG_RcxrqHynAjyQzxFSpQLDYa0XdSjd2tXvLKMwVW7ax5PZyOUYlWK-x89DCVf9eSZeuchYw7HYCn5JU1-7RpKm89NF7dW8VlT2rpxRKVtkyhgDI4SfpgSIBwlnw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A3A8 0
20 B 27ms
22ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVCvStd65YO-yI5PC7_UPiOiVuAYAAAAAOAHgBAI&bg=!6-il6KzNAAY6sG-_OrA7ACkAdvg8Wjg2gf9ByMBCTDaiNHOeCkTGt3wtiETqwuDot1gVvi-AR_MLtwIAAAHBUgAAAB5oAQeZApe6v8zJ3Y5deKCceSCgQ-sN7emOor1YsPhFOTzXih9QxFKM1HRg_SiuRP5z7zylXtaUJZylKvY04Q_MBw9Plr_UlkwK6ZElX-Gku7JXXFUYK6k1MD-hBoo7vwqMTUsYwyb1kpZ0vfAu352lg8s-LUnUGpMnc7iWNzLCstuUkUkagWjJOSk4qdxAVHDIeGpcB-uuC8Kt-2vYdxYZSm__oaN-VmyvEM_lhpKR1ZWUGuVXs-ERdh-6h2e0ORk86nGJNfcCx9itJEB0rboTvfw0qei01VdeOzLYFp19MS2RsvZzNVU64eXbUiMtionQOGtc_4e7OJVm4q_hl6H4pkmdTwhDDmYo45xWC8YlGE0tn3YTKCVRV80_Jq_2fZ5emtxKIuK6w8usr5l1Vbp4BAPO0CgwQmO8fuKMybUV5kt2tDo-SnDmBjEOrhzUUWC5KGd76xv-qSSmb6yirWm2Yela3Y_Le1s2pNS_XHmNy-RNBNaE7sqi17Ztq83y94cb4_4cPQxGSDX43ACXS-47SAfBC-vZitKMCmOXMj1H8uKFZarh4YGOPWg4-E_GOBiBSGI5XhuueDVNVU8O6YPybgj1QfV6WDTGDue39003KWROAQjTIQYNC7PJ7805hlNC7Ii1YlDHeVATquSt7tBupcIe662HTTybnlRw70XOb7JvN5FcZCE_OsOTzgKmaEjPEJRuqfpRGMxQAVg_ja1iEy7xqQWJ74gw4k0EdPVpnWYM3rgcL0w7JxI9AXw1p6s9I2xmcDYnnx1PY1DVO67I_wkFMg51O1e77pBHRwiDQBQYPAkY53P2vZkIN82ywoP_j7Jt3EKNB33BtdgFUK0Nxaf9lOxHX9CAlyyhQOls8m5zmpbgbms_Zov6s5I

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
spl.zeotap.com/ Frame 0E3E 8 KB
2 KB 70ms
49ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84d99e29db588c0dd40abd0597c058b3fcd575c4c8bc2f98020fdc1fe3c46cdd

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://miui.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://miui.blog/

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://miui.blog
set-cookie: zc=6cf72470-ab84-4d96-666e-17a73ce0a507; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%DD%1CU%E1%0Fjf%9DQK%C8%A7%90%93%00%CBP%E6%7D%CA%ECd%98%965%AC%3E%DDS%B1%D9X%09%E2%03%81%A2%F9%CAC%5E%26%DF%C860p%EE%9F69%99%80%E5p-%00%97%E4%A5%EE%0B%93%17%AB%40%09%09%87%A9%9A%1E%3D%91%E4%0E%81%1B%BFS%A3%EA%5CXd%D2i%85%AENK%04%85%80h%B5%15%DB%F4%09%08%B1%15%B7%8EH%A3i%0Fo%FA%1E%94%3C%0F%3C%2CDs%21%FA%E9J%11G%B3%27%2B%F2%5E%1C%80%D7a%11d%01%E7%3D%2Fl%7F3%D3%F6%CC%A1%5C%AE%CC%3C2%A8%ED%07%88%8C%B5%82%86_%F99%3B%FB%C9%D1%96; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 0a77a7147400001f35a098e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 659fa79a5ea81f35-FRA
content-encoding: br

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 9441 5 KB
2 KB 72ms
24ms Document
text/html 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 018ebd8a1ce51b1b47a9470603ce8a7ccdad7c2a19618c2fcf2cdb51400a35bc

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html?gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://miui.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://miui.blog/

Response headers

cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Thu, 03 Jun 2021 01:38:25 GMT
accept-ranges: bytes
etag: "55549ccf6b1078e3f1c5d9d672a8ffb3"
x-cache: TCP_HIT
server: AmazonS3
x-amz-id-2: h7Yx67Nb0Wk8bs2I76ZevzbfMoPC+K78RtssGv+HGO5ibnKbSPkeWZUUHmfAIuLjFIyqc97vYFs=
x-amz-request-id: XSWTX7DDD40G4Q7Q
x-azure-ref: 0t965YAAAAAB2h3padBL9SZd2PBIZpEmRTE9OMjFFREdFMDIyMgA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
date: Fri, 04 Jun 2021 08:05:11 GMT

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 48E1 4 KB
1 KB 132ms
129ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f41975d33c9ebcb132537abc6f81c6f101187abbd4ac44e64aff94186893a0c8

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://miui.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=9410695d-9aba-461f-a2d8-9ab8c00db6f7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://miui.blog/

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
content-type: text/html
set-cookie: uid=9410695d-9aba-461f-a2d8-9ab8c00db6f7; expires=Thu, 24 Jun 2021 08:05:11 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0a77a71463000016e65e90a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=v6B4ux9BruO4QXSNnpOT%2BcmGCqW4A1juFGXFLv9Kzq2Yhr6JKfhA8EAKC2I5xBAIRha7nKwEkw0g7ZVDrFL7V5BnG5o0aInuDm4pzVPCLysPqpcKMaMYCPoDAFYhcP612F9tyG0WdahFXeg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 659fa79a38a716e6-FRA
content-encoding: br

GET
H2

200

um
u-ams02.e-planning.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Dd4a70bdad4348c56%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Dd4a70bdad4348c56%26uid%3D%24UID&sovrn_retry=true
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=d4a70bdad4348c56&uid=61245e177df90608480f5686

42 B
104 B

1113ms
36ms

Image
image/gif

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=d4a70bdad4348c56&uid=61245e177df90608480f5686
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://miui.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:12 GMT
server: openresty
content-type: image/gif

Redirect headers

Date: Fri, 04 Jun 2021 08:05:11 GMT
Server: nginx
Location: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=d4a70bdad4348c56&uid=61245e177df90608480f5686
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 0E3E 0
0 30ms
29ms Image
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0E3E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f...
https://mwzeom.zeotap.com/mw?google_gid=CAESEHXYZ9lPHvZ_mWxTq6BnH_w&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba498...

95 B
189 B

37ms
36ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEHXYZ9lPHvZ_mWxTq6BnH_w&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659fa79affb31f35-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a77a714d700001f35bc0a4000000001

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEHXYZ9lPHvZ_mWxTq6BnH_w&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 470
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0E3E
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=864fed5d-2c16-4606-861c-99603a67178a&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7...

95 B
178 B

39ms
38ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=864fed5d-2c16-4606-861c-99603a67178a&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659fa79b58851f35-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a77a7151b00001f35ea8c1000000001

Redirect headers

date: Fri, 04 Jun 2021 08:05:11 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://mwzeom.zeotap.com/mw?cid=864fed5d-2c16-4606-861c-99603a67178a&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
alt-svc: clear
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 0E3E 0
331 B 134ms
42ms Image
text/plain 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:11 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0E3E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf72470-ab84-4d96-666e-17a73ce0a507%26reqId%3D8...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf72470-ab84-4d96-666e-17a73ce0a507%26reqId%3D8...
https://mwzeom.zeotap.com/mw?cid=4ab078b0-6108-42ab-a233-00ff7852299c&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7...

95 B
178 B

41ms
41ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=4ab078b0-6108-42ab-a233-00ff7852299c&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659fa79bc91f1f35-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a77a7155c00001f359f1f1000000001

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:11 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=4ab078b0-6108-42ab-a233-00ff7852299c&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 481

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 0E3E 0
162 B 109ms
36ms Image
text/plain 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Fri, 04 Jun 2021 08:05:11 GMT
via: 1.1 varnish
server: nginx
x-timer: S1622793912.549870,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11536-HHN

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 0E3E 0
411 B 413ms
97ms Image
text/html 2600:1f18:6593:f602:4d5e:ab92:54cb:6c57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f602:4d5e:ab92:54cb:6c57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:11 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 0E3E 0
166 B 92ms
27ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf72470-ab84-4d96-666e-17a73ce0a507%26reqId%3D8ba4980b-8292-48f7-4f78-c2617ddf2dd6%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0E3E
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=136...
https://mwzeom.zeotap.com/mw?cid=fc6952ad-32f5-47d7-a83c-a56ab00e8f78&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
178 B

1085ms
1084ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=fc6952ad-32f5-47d7-a83c-a56ab00e8f78&zpartnerid=317&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659fa79b98e01f35-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a77a7153e00001f350d088000000001

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:11 GMT
server: Apache-Coyote/1.1
location: https://mwzeom.zeotap.com/mw?cid=fc6952ad-32f5-47d7-a83c-a56ab00e8f78&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0E3E
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=6cf72470-ab84-4d96-666e-17a73ce0a507&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=6cf72470-ab84-4d96-666e-17a73ce0a507&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=41344945576930350092590715152152937250&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-...

95 B
178 B

31ms
31ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=41344945576930350092590715152152937250&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659fa79c39de1f35-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a77a7159f00001f35ff39f000000001

Redirect headers

DCS: dcs-prod-irl1-1-v008-0f3fad5e1.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: SXl7c6b2QZE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=41344945576930350092590715152152937250&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 0E3E 0
324 B 122ms
38ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0E3E
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=6cf72470-ab84-4d96-666e-17a73ce0a507&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-...
https://mwzeom.zeotap.com/mw?cid=BE1-2021060410-14147-0.640017001622793911-e59d47c7dbd2b38b38c6af96fd1104db&zdid=533&env=mWeb

95 B
178 B

30ms
29ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=BE1-2021060410-14147-0.640017001622793911-e59d47c7dbd2b38b38c6af96fd1104db&zdid=533&env=mWeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659fa79c4a121f35-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a77a715b000001f35d6a5a000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2021060410-14147-0.640017001622793911-e59d47c7dbd2b38b38c6af96fd1104db&zdid=533&env=mWeb
Date: Fri, 04 Jun 2021 08:05:11 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0E3E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=6969846775909382293&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-...

95 B
178 B

32ms
31ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=6969846775909382293&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659fa79d7c501f35-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a77a7166d00001f35dc334000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=6969846775909382293&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Date: Fri, 04 Jun 2021 08:05:11 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 receive
pixel.tapad.com/idsync/ex/ Frame 0E3E 95 B
425 B 30ms
30ms Image
image/png 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=6cf72470-ab84-4d96-666e-17a73ce0a507

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0E3E
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6cf72470-ab84-4d96-666e-17a73ce0a507&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=6cf72470-ab84-4d96-666e-17a73ce0a507&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=t.QPWmz5hHyWnMe2RYmwte&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48...

95 B
281 B

30ms
30ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=t.QPWmz5hHyWnMe2RYmwte&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:14 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659fa7af097c1f35-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a77a7216500001f3514155000000001

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:14 GMT
via: 1.1 google
last-modified: Fri, 04 Jun 2021 08:05:14 GMT
server: nginx/1.12.0
location: https://mwzeom.zeotap.com/mw?webouuid=t.QPWmz5hHyWnMe2RYmwte&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 2.gif
dmp.theadex.com/d/949/i/ Frame 0E3E 36 B
378 B 3151ms
49ms Image
image/gif 89.163.159.104
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=6cf72470-ab84-4d96-666e-17a73ce0a507&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.163.159.104 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: 204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:14 GMT
server: nginx
p3p: CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 36
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0E3E
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=6cf72470-ab84-4d96-666e-17a73ce0a507?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=6cf72470-ab84-4d96-666e-17a73ce0a507?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
https://mwzeom.zeotap.com/mw?pid=87135aa1c5438555154e7dec268386e9&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-82...

95 B
178 B

39ms
39ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=87135aa1c5438555154e7dec268386e9&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:14 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659fa7afaac71f35-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a77a721ce00001f35cb362000000001

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:14 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=87135aa1c5438555154e7dec268386e9&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
cache-control: no-cache
x-server: 10.45.16.221
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0E3E
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-hS94qnFE2ortTwqUEjlGjwGU9Unvuku1KA--~A&zpartnerid=570&env=mWeb

95 B
178 B

37ms
37ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-hS94qnFE2ortTwqUEjlGjwGU9Unvuku1KA--~A&zpartnerid=570&env=mWeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:14 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659fa7af6a231f35-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a77a721a100001f3501985000000001

Redirect headers

date: Fri, 04 Jun 2021 08:05:14 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-hS94qnFE2ortTwqUEjlGjwGU9Unvuku1KA--~A&zpartnerid=570&env=mWeb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0E3E
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=HI0y5K%2BpxWW0Ur2JZBcqGPKaRTDB9%2BME%2BS41iYitP1U%3D

95 B
201 B

50ms
50ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=HI0y5K%2BpxWW0Ur2JZBcqGPKaRTDB9%2BME%2BS41iYitP1U%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659fa79e2da11f35-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a77a716dd00001f35018a7000000001

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:12 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=HI0y5K%2BpxWW0Ur2JZBcqGPKaRTDB9%2BME%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 0E3E 43 B
324 B 75ms
33ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=6cf72470-ab84-4d96-666e-17a73ce0a507&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:11 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 0E3E 0
337 B 361ms
36ms Image
text/plain 34.254.85.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.85.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-85-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:12 GMT
cache-control: private, no-cache, no-store
x-request-time: D=51 t=1622793912
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 0E3E 95 B
358 B 1396ms
41ms Image
image/png 168.119.146.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=6cf72470-ab84-4d96-666e-17a73ce0a507&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.39.146.119.168.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:13 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0E3E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YLneugABehGX9QAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c26...

95 B
178 B

31ms
31ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YLneugABehGX9QAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361&_test=YLneugABehGX9QAC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:14 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659fa7b00b7a1f35-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a77a7220900001f351b0da000000001

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:14 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1622793915.866934,VS0,VE0
x-served-by: cache-hhn4021-HHN
x-cache: HIT
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YLneugABehGX9QAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361&_test=YLneugABehGX9QAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0E3E
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=c14760b9-deb8-4d00-bbbf-0ea27364777e&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980...

95 B
178 B

64ms
64ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=c14760b9-deb8-4d00-bbbf-0ea27364777e&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659fa79fe98d1f35-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a77a717f000001f35b39e2000000001

Redirect headers

Date: Fri, 04 Jun 2021 08:05:12 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=c14760b9-deb8-4d00-bbbf-0ea27364777e&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Fri, 04 Jun 2021 08:06:58 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 0E3E
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf...

0
336 B

35ms
35ms

Image
text/plain

34.254.85.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.85.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-85-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:12 GMT
cache-control: private, no-cache, no-store
x-request-time: D=40 t=1622793912
x-served-by: beacon-n005-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
date: Fri, 04 Jun 2021 08:05:12 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a005-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 0E3E
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6cf72470-ab84-4d96-666e-17a73ce0a507&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6cf72470-ab84-4d96-666e-17a73ce0a507&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666...

43 B
433 B

38ms
38ms

Image
image/gif

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6cf72470-ab84-4d96-666e-17a73ce0a507&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:12 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:12 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=6cf72470-ab84-4d96-666e-17a73ce0a507&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 0E3E
Redirect Chain

https://tags.bluekai.com/site/87734?id=6cf72470-ab84-4d96-666e-17a73ce0a507&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

95 B
178 B

41ms
40ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659fa7a1bd441f35-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a77a7191500001f35a626e000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date: Fri, 04 Jun 2021 08:05:12 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: c46f
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 0E3E 0
38 B 121ms
42ms Image
text/plain 54.170.215.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D6cf72470-ab84-4d96-666e-17a73ce0a507%26reqId%3D8ba4980b-8292-48f7-4f78-c2617ddf2dd6%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.215.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-215-80.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:12 GMT
content-length: 0

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 0E3E 557 B
491 B 38ms
37ms Script
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9bedb63ea2288d63b47fd92158e2e52262249680a55aa37b0ea1dcfcdfa9bb6

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 659fa79abf601f35-FRA
date: Fri, 04 Jun 2021 08:05:11 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *
cf-request-id: 0a77a714b400001f35b1004000000001

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 6732 4 KB
2 KB 124ms
41ms Document
text/html 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f834ed5f735a1ddb17d2cd03957d4874d62d53f201b543345861ac96b588fa58

Request headers

:method: GET
:authority: g2.gumgum.com
:scheme: https
:path: /usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_86c5cf05-5e0b-4b43-b9c2-04bcdd8e0703; Domain=.gumgum.com; Expires=Sat, 04-Jun-2022 08:05:11 GMT; Path=/; Secure; SameSite=None
etag: W/"024193ed9f6c1a38b296ce64239c6abf5"
timing-allow-origin: *
content-encoding: gzip

GET
H2 204 ps
pixel.33across.com/ Frame 896F 0
0 336ms
110ms Document
text/plain 67.202.110.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-110.static.steadfastdns.net
Software: 33XP004 /
Resource Hash

Request headers

:method: GET
:authority: pixel.33across.com
:scheme: https
:path: /ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

x-33x-status: 2000208
server: 33XP004
date: Fri, 04 Jun 2021 08:05:11 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame E2BC 2 KB
818 B 96ms
29ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=1&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=694e68b73971b58&gdpr=1&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame 4822 965 B
1 KB 74ms
23ms Document
text/html 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=1&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 94ada01275df73eb7df839d145593c3214a96730ee15c93e658175e4222c0719

Request headers

Host: ssbsync.smartadserver.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://public.servenobid.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
content-type: text/html
content-length: 965
set-cookie: pid=8383173539417482685; expires=Tue, 05 Jul 2022 08:04:11 GMT; domain=smartadserver.com; path=/; samesite=None; secure; samesite=none

GET
H2

200

sync
ads.servenobid.com/ Frame 9441
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=8076165739457090535

0
287 B

113ms
37ms

Image
image/avif

54.246.172.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=8076165739457090535
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 08:05:11 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:11 GMT
X-Proxy-Origin: 185.128.25.84; 185.128.25.84; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.217:80
AN-X-Request-Uuid: d8b076fa-b57e-4ad6-be66-fc50fe398e2f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.servenobid.com/sync?pid=312&uid=8076165739457090535
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 9441
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
https://ads.servenobid.com/sync?pid=310&uid=f7f00827064127582dba397c

0
289 B

44ms
39ms

Image
image/avif

54.246.172.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=f7f00827064127582dba397c
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 08:05:11 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Date: Fri, 04 Jun 2021 08:05:11 GMT
Server: nginx
Location: https://ads.servenobid.com/sync?pid=310&uid=f7f00827064127582dba397c
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 9441
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6150967574
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6150967574
https://sync.1rx.io/usersync/tradedesk/d52ddfc2-dd73-4528-97d2-f790ef7edf33
https://sync.targeting.unrulymedia.com/csync/RX-83bb1c57-9bbe-4f85-86a7-9e2c321c14a6-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-83bb1c57-9bbe-4f85-86a7-9e2c321c14a6-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-83bb1c57-9bbe-4f85-86a7-9e2c321c14a6-003

35 B
237 B

51ms
51ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-83bb1c57-9bbe-4f85-86a7-9e2c321c14a6-003
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:12 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-83bb1c57-9bbe-4f85-86a7-9e2c321c14a6-003
date: Fri, 04 Jun 2021 08:05:12 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX83bb1c579bbe4f8586a79e2c321c14a6003
content-type: text/html

GET
H2 200 101954
jadserve.postrelease.com/suid/ Frame 9441 43 B
427 B 315ms
104ms Image
image/gif 54.173.100.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.100.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-100-33.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:11 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 9441
Redirect Chain

https://cs.admanmedia.com/sync/durationmedia?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%7B%24UID%7D
https://ads.servenobid.com/sync?pid=328&uid=52179556cc5651e3fa2fab6f4579f9ae8ded9c53

0
301 B

37ms
37ms

Image
image/avif

54.246.172.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=328&uid=52179556cc5651e3fa2fab6f4579f9ae8ded9c53
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 08:05:11 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Location: https://ads.servenobid.com/sync?pid=328&uid=52179556cc5651e3fa2fab6f4579f9ae8ded9c53
Date: Fri, 04 Jun 2021 08:05:11 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

sync
ads.servenobid.com/ Frame 9441
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=1870471595660608388

0
286 B

84ms
83ms

Image
image/avif

54.246.172.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=1870471595660608388
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 08:05:11 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=1870471595660608388
Date: Fri, 04 Jun 2021 08:05:11 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 cmp
spl.zeotap.com/ Frame 0E3E 0
0 55ms
54ms Document
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=6cf72470-ab84-4d96-666e-17a73ce0a507&reqId=8ba4980b-8292-48f7-4f78-c2617ddf2dd6&zdid=1361&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=6cf72470-ab84-4d96-666e-17a73ce0a507; zsc=%DD%1CU%E1%0Fjf%9DQK%C8%A7%90%93%00%CBP%E6%7D%CA%ECd%98%965%AC%3E%DDS%B1%D9X%09%E2%03%81%A2%F9%CAC%5E%26%DF%C860p%EE%9F69%99%80%E5p-%00%97%E4%A5%EE%0B%93%17%AB%40%09%09%87%A9%9A%1E%3D%91%E4%0E%81%1B%BFS%A3%EA%5CXd%D2i%85%AENK%04%85%80h%B5%15%DB%F4%09%08%B1%15%B7%8EH%A3i%0Fo%FA%1E%94%3C%0F%3C%2CDs%21%FA%E9J%11G%B3%27%2B%F2%5E%1C%80%D7a%11d%01%E7%3D%2Fl%7F3%D3%F6%CC%A1%5C%AE%CC%3C2%A8%ED%07%88%8C%B5%82%86_%F99%3B%FB%C9%D1%96
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 0a77a714e300001f35a0996000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 659fa79b0fd61f35-FRA

GET
H2

200

setuid
sync.quantumdex.io/ Frame 48E1
Redirect Chain

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
https://sync.quantumdex.io/setuid?bidder=adman&uid=52179556cc5651e3fa2fab6f4579f9ae8ded9c53

43 B
361 B

137ms
137ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=adman&uid=52179556cc5651e3fa2fab6f4579f9ae8ded9c53
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qZLVT5Fmtd7dKJydYL6GQIMKcursn%2F2yA6zqmPFz7xn3JbJ86CenOkZbaJeFYaLvIvUpRNZFJ4kGiQA5i1nSycUZ8aWdeos6HabnZW7NLvVERgbGVezGEcO6sWstw4YWnznfur3vbc4AAGU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659fa79cef2f16e6-FRA
content-length: 43
cf-request-id: 0a77a71610000016e60a8ca000000001

Redirect headers

Location: https://sync.quantumdex.io/setuid?bidder=adman&uid=52179556cc5651e3fa2fab6f4579f9ae8ded9c53
Date: Fri, 04 Jun 2021 08:05:11 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

setuid
sync.quantumdex.io/ Frame 48E1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8076165739457090535

43 B
355 B

125ms
125ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8076165739457090535
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eTqdYpwVSQom5rJOlLtI9HcFqUQJc%2FvIIibpIKrKBTegFDgUQ6jJIm1yzKdr2WVuUXXhueaKMSo%2FTFbqyOEy53H3cTCSDlrrzBVlQnfZWUU4mqIKckDOt8q%2ByfOdfwsleoBo5Iddnn%2BguT8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659fa79b4b0f16e6-FRA
content-length: 43
cf-request-id: 0a77a7150e000016e63187c000000001

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:11 GMT
X-Proxy-Origin: 185.128.25.84; 185.128.25.84; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.102:80
AN-X-Request-Uuid: 4d5f1814-3e99-495f-8482-1d740729eafe
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8076165739457090535
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 48E1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8076165739457090535

43 B
350 B

130ms
130ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8076165739457090535
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XmvrQmkaPQdkwHHOzGKYCyGoKhd5CZgqvq3SpA8BYR%2BsMoHzeVuWGBIxNqfKj68DEIMK6REKNLo25Vo2u%2Buhxa6%2BoCnq7D4o8sIgVOzNUZLS5iGX%2FDdMu3LtAA%2BCDh%2B3MSKwPjXWpl1F%2Fvc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659fa79b8ba316e6-FRA
content-length: 43
cf-request-id: 0a77a71534000016e648027000000001

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:11 GMT
X-Proxy-Origin: 185.128.25.84; 185.128.25.84; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.56:80
AN-X-Request-Uuid: 6608e75c-8cd1-443f-920a-71b679c72997
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8076165739457090535
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 48E1 0
478 B 185ms
44ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:11 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 48E1
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-39481e10-40db-4d5a-bf20-b7ec0c968a43

43 B
357 B

131ms
131ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-39481e10-40db-4d5a-bf20-b7ec0c968a43
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=34Eqeqyj0h5kA3tw6B%2BWfrWTqcSc5gSBpuQCf3p%2B%2FzVizfkoAizNDYmfQAFD54wLkCr7nHp8K6w3hbrd1BGkuWbIRjcrgF9qt7Jn7ill%2FxLiZ0T57VCPRU3K%2F%2BWjMUozfgmZnQxCaFJgMzs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659fa79d0f8116e6-FRA
content-length: 43
cf-request-id: 0a77a71620000016e65e935000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-39481e10-40db-4d5a-bf20-b7ec0c968a43
date: Fri, 04 Jun 2021 08:05:11 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 48E1
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f7f00827064127582dba397c

43 B
344 B

134ms
133ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f7f00827064127582dba397c
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DCHW1sFnbOLHi%2FWFT7UiqVRLXuk5HVc3LgEeaq7yARPtvwTHJjOnWuKN4vnS%2F0c4ZyqHNdhwGGCrevLCloTmXK7CgN0BX3XeGlPLx%2FTI82DjrLZ2j1ZCQSXnCb7horHIR7f0ZDEJiNfSqL0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659fa79b8ba016e6-FRA
content-length: 43
cf-request-id: 0a77a71534000016e62f07e000000001

Redirect headers

Date: Fri, 04 Jun 2021 08:05:11 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f7f00827064127582dba397c
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 48E1
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP95fa4174-c50b-11eb-8cdb-02770eac6a52
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP95fa4174-c50b-11eb-8cdb-02770eac6a52

43 B
344 B

135ms
135ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP95fa4174-c50b-11eb-8cdb-02770eac6a52
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kD75T3FHxyd3oHZ%2BItuLjWoZJ1Qa9FpLFBu9aDEfow88ga5KyzTBxtHkSwkiJgY0I%2FGDhOIx4mO7t2CUIjx3i6aigzwSUtUIc%2Boxr34gXol0PNo7%2Bhz7uba%2F0TteRjAWMnHRpRn0fjUSnUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659fa79c9e5f16e6-FRA
content-length: 43
cf-request-id: 0a77a715e2000016e605146000000001

Redirect headers

Date: Fri, 04 Jun 2021 08:05:11 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP95fa4174-c50b-11eb-8cdb-02770eac6a52
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 48E1
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-qizxQG1E2uEbfD6kyP.hxf_tIhqeV.7b8_85cXM-~A

43 B
343 B

132ms
132ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-qizxQG1E2uEbfD6kyP.hxf_tIhqeV.7b8_85cXM-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OJEuOO%2F0vNJ5VvjGpfuD1XzQ1QsuqaqaDjOqzFeImu%2F0gvoq0z3jsUILN8pU7oedV64Tn%2BLCh9okVS0BEztPU4lvGpXHvvdNaAxRza31UlPYe%2BFtSF1YoV9YCVqYGsMCuHcq1tXhADDPrio%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659fa79c5d9b16e6-FRA
content-length: 43
cf-request-id: 0a77a715b9000016e621383000000001

Redirect headers

Date: Fri, 04 Jun 2021 08:05:11 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-qizxQG1E2uEbfD6kyP.hxf_tIhqeV.7b8_85cXM-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 48E1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8076165739457090535

43 B
348 B

127ms
127ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8076165739457090535
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BzArh%2Fz4Zh0wyjyXcA6Mr648CzlDWuG%2FzzyYl4wO348TLZNejbKurO1BBqYaxXmqITi2U6yUv2e0gE19BNwm%2Foy2OUwXLi%2BmhGrCSW05X3ha6kZzZjhycRXLFFk%2Fxmn8lXBxC%2B7loQgc6XA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659fa79bcc2916e6-FRA
content-length: 43
cf-request-id: 0a77a7155b000016e67b073000000001

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:11 GMT
X-Proxy-Origin: 185.128.25.84; 185.128.25.84; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.239:80
AN-X-Request-Uuid: e689cec6-d79f-453e-91a6-f438a50843b9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8076165739457090535
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 48E1
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=5c35f82d-6931-519b-8f0c-f6bfefb52808

43 B
345 B

132ms
132ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=5c35f82d-6931-519b-8f0c-f6bfefb52808
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1phhGbG9cSXSLIQe2dgZXm9%2Ft6CpX0WGnD%2BR9zS4chQAlhFC3C%2F0g%2BhdK8anauGzWeXPFC1MPblWITvxIKgHZMBmxq96kBLxXu1i4RYWL6d5wprK4GA5zFbiAqK1p9nn4ZfQvA%2B7lrBw028%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659fa79cff7d16e6-FRA
content-length: 43
cf-request-id: 0a77a71620000016e6702fd000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=5c35f82d-6931-519b-8f0c-f6bfefb52808
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 48E1
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=3311a46b-cf0e-461e-b66f-df93cff0fcb6

43 B
370 B

135ms
135ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=3311a46b-cf0e-461e-b66f-df93cff0fcb6
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:12 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=10rSCSy3Ej5%2FErxkpZcYTcMDf7SOP3r%2FmTiy4%2FPEzOTWtHg2msFgryrJ4xQg%2Bd8STOrAPeA0sPCS%2BGfhVco1n5LNKn3WksFMh0sFo4xStFFmrJiyJFWY0a%2BrdaKcuYg6Bz%2FxL9QDTFo0yNU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659fa79d988516e6-FRA
content-length: 43
cf-request-id: 0a77a71685000016e6823e4000000001

Redirect headers

date: Fri, 04 Jun 2021 08:05:11 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5tnpHHXOJ3VFu%2F7lB5I3mFAyhO%2Bz%2F%2B05tq5RMY6g5cgDXNkkOGBenUy5A8ucAx0lqJ7dyNYTPSCHufws5ez104QeYmNqUglQdxqpCzojSnU1ugFY069V%2FwArWOt64JYZ73vGMDYAAV3X"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=3311a46b-cf0e-461e-b66f-df93cff0fcb6
cf-ray: 659fa79c2d1d16e6-FRA
content-length: 0
cf-request-id: 0a77a7159d000016e621380000000001

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 824C 0
0 337ms
110ms Document
text/plain 67.202.110.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-110.static.steadfastdns.net
Software: 33XP002 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

x-33x-status: 2000208
server: 33XP002
date: Fri, 04 Jun 2021 08:05:11 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame CFA5 2 KB
818 B 42ms
30ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame B0F6 2 KB
3 KB 3144ms
45ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3ff1a53e50a716e94e9663a38493cd6b12eb4ac524fb69f7de623f8ec508e087

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YLnetvCEsFb3S-PMUvEwSwAA; CMPS=1215; CMPRO=1138; CMST=YLnetmC53rYA; CMRUM3=2d60b9deb62760CAESEMUvi_jSjCsBy8fivsK8l1Y
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|39|230|46|8|73|105|206
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1676
Expires: Fri, 04 Jun 2021 08:05:14 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:14 GMT
Connection: keep-alive
Set-Cookie: CMID=YLnetvCEsFb3S-PMUvEwSwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 04 Jun 2022 08:05:14 GMT CMPS=1215;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Sep 2021 08:05:14 GMT CMPRO=1138;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Sep 2021 08:05:14 GMT CMRUM3=f160b9deba05a0&ce60b9deba05a0&e660b9deba2760&2760b9deba0b40&2e60b9deba05a0&0860b9deba05a00&6960b9deba05a0&2d60b9deb62760CAESEMUvi_jSjCsBy8fivsK8l1Y&4960b9deba05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 04 Jun 2022 08:05:14 GMT CMST=YLnetmC53roA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 05 Jun 2021 08:05:14 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame D854 43 B
551 B 128ms
32ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Fri, 04 Jun 2021 08:05:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YLneu; path=/; domain=.go.sonobi.com

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 289D 8 KB
3 KB 1105ms
29ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=64888
expires: Sat, 05 Jun 2021 02:06:40 GMT
date: Fri, 04 Jun 2021 08:05:12 GMT
vary: Accept-Encoding

GET
H2 200 sync
ads.servenobid.com/ Frame 4822 0
286 B 55ms
39ms Image
image/avif 54.246.172.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=8383173539417482685&gdpr=1&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=1&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 08:05:11 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

GET
H/1.1

200
OK

sync
ssbsync.smartadserver.com/api/ Frame 4822
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D1%26gdpr_consent%3D%26partnerid%3D22%26buid%3DYOUR_USER_ID
https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D1%26gdpr_consent%3D%26partnerid%3D22%26buid%3DYOUR_USER_ID
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=1&gdpr_consent=&partnerid=22&buid=6030728100479429585

0
75 B

23ms
20ms

Image
text/plain

185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=1&gdpr_consent=&partnerid=22&buid=6030728100479429585
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=1&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
content-length: 0

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:11 GMT
server: nginx
location: https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=1&gdpr_consent=&partnerid=22&buid=6030728100479429585
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

sync
ssbsync.smartadserver.com/api/ Frame 4822
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D1%26gdpr_consent%3D%26partnerid%3D86%26buid%3D$UID
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=1&gdpr_consent=&partnerid=86&buid=8076165739457090535

0
75 B

20ms
20ms

Image
text/plain

185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=1&gdpr_consent=&partnerid=86&buid=8076165739457090535
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=1&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:11 GMT
X-Proxy-Origin: 185.128.25.84; 185.128.25.84; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.154:80
AN-X-Request-Uuid: d9fea634-83be-40ee-9d02-711f6496ead5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=1&gdpr_consent=&partnerid=86&buid=8076165739457090535
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
ssbsync.smartadserver.com/api/ Frame 4822
Redirect Chain

https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D1%26gdpr_consent%3D%26partnerid%3D66%26buid%3D%7Bamob_user_id%7D
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=1&gdpr_consent=&partnerid=66&buid=064f22040067c2d3d0b17562

0
75 B

27ms
20ms

Image
text/plain

185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=1&gdpr_consent=&partnerid=66&buid=064f22040067c2d3d0b17562
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=1&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:14 GMT
content-length: 0

Redirect headers

Location: https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=1&gdpr_consent=&partnerid=66&buid=064f22040067c2d3d0b17562
Date: Fri, 04 Jun 2021 08:05:14 GMT
Access-Control-Allow-Credentials: true
X-Powered-By: Express
Content-Length: 0
Vary: Origin

GET
H/1.1

200
OK

sync
ssbsync.smartadserver.com/api/ Frame 4822
Redirect Chain

https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D1%26gd...
https://eu-u.openx.net/w/1.0/cm?cc=1&id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D1...
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=1&gdpr_consent=&partnerid=100&buid=6f1bdd90-a0ed-0cf0-07da-fbac60b20d9e

0
75 B

20ms
20ms

Image
text/plain

185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=1&gdpr_consent=&partnerid=100&buid=6f1bdd90-a0ed-0cf0-07da-fbac60b20d9e
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=1&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:14 GMT
content-length: 0

Redirect headers

date: Fri, 04 Jun 2021 08:05:14 GMT
content-encoding: gzip
server: OXGW/16.208.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=1&gdpr_consent=&partnerid=100&buid=6f1bdd90-a0ed-0cf0-07da-fbac60b20d9e
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

usersync
rtb.gumgum.com/ Frame 6732
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=8076165739457090535

35 B
237 B

76ms
52ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=8076165739457090535
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:11 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:11 GMT
X-Proxy-Origin: 185.128.25.84; 185.128.25.84; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.71:80
AN-X-Request-Uuid: 5416f57d-75b1-458f-b874-c8c18a4a9f06
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=8076165739457090535
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 6732 43 B
146 B 3158ms
52ms Image
image/gif 35.157.168.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_86c5cf05-5e0b-4b43-b9c2-04bcdd8e0703&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.168.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 6732
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28DaZYBG8BG8rrfB-N1C31iT_5DGhrj9edntU6pNct7XX8MmZjlE_DIvOPsMsEN8MH%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_86c5cf05-5e0b-4b43-b9c2-04bcdd8e0703&obuid=ENC(DaZYBG8BG8rrfB-N1C31iT_5DGhrj9edntU6pNct7XX8MmZjlE_DIvOPsMsEN8MH)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=DaZYBG8BG8rrfB-N1C31iT_5DGhrj9edntU6pNct7XX8MmZjlE_DIvOPsMsEN8MH
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=DaZYBG8BG8rrfB-N1C31iT_5DGhrj9edntU6pNct7XX8MmZjlE_DIvOPsMsEN8MH

0
336 B

96ms
96ms

Image
text/plain

64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=DaZYBG8BG8rrfB-N1C31iT_5DGhrj9edntU6pNct7XX8MmZjlE_DIvOPsMsEN8MH
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 08:05:12 GMT
Cache-Control: no-cache
X-TraceId: 58baba91f3d4e3e8d5ae3d15873f44b5
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:12 GMT
X-Proxy-Origin: 185.128.25.84; 185.128.25.84; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.247:80
AN-X-Request-Uuid: 6f8f87f7-5167-42d3-ba47-b0e572ed8f39
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=DaZYBG8BG8rrfB-N1C31iT_5DGhrj9edntU6pNct7XX8MmZjlE_DIvOPsMsEN8MH
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 6732
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=613b29a0-fb90-4f06-a182-acf4c8f20f2e

35 B
237 B

47ms
47ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=613b29a0-fb90-4f06-a182-acf4c8f20f2e
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:14 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Fri, 04 Jun 2021 08:05:14 GMT
content-encoding: gzip
server: OXGW/16.208.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=613b29a0-fb90-4f06-a182-acf4c8f20f2e
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame 6732 43 B
168 B 3420ms
98ms Image
image/gif 54.87.192.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.192.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 08:05:14 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame 6732
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-kAa7m8BE2peQ9.1hu7aR2UsaGAJFU5IOnZuv~A

35 B
238 B

102ms
52ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-kAa7m8BE2peQ9.1hu7aR2UsaGAJFU5IOnZuv~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:11 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Fri, 04 Jun 2021 08:05:11 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-kAa7m8BE2peQ9.1hu7aR2UsaGAJFU5IOnZuv~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 6732
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
https://rtb.gumgum.com/usersync?b=vnt&i=97f88264-c50b-11eb-9224-373fc127c282

35 B
237 B

47ms
47ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=97f88264-c50b-11eb-9224-373fc127c282
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:15 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=97f88264-c50b-11eb-9224-373fc127c282
Date: Fri, 04 Jun 2021 08:05:14 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 97f88265-c50b-11eb-9224-373fc127c282

GET
H2 204 services
sync.technoratimedia.com/ Frame 6732 0
293 B 1307ms
99ms Image
text/plain 193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:12 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 451084981
access-control-allow-origin: https://g2.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame 6732 0
44 B 3339ms
115ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:14 GMT
content-length: 0
server: b

GET
H2

200

usersync
rtb.gumgum.com/ Frame 6732
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_86c5cf05-5e0b-4b43-b9c2-04bcdd8e0703&gdpr=1&gdpr_consent=&us_privacy=1---
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&us_privacy=1---

35 B
237 B

47ms
47ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:15 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1&us_privacy=1---
Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 98
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 6732
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=ffa4cd69-1059-4bbd-94ed-3613f346eff6

35 B
237 B

48ms
47ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=ffa4cd69-1059-4bbd-94ed-3613f346eff6
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:15 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=ffa4cd69-1059-4bbd-94ed-3613f346eff6
date: Fri, 04 Jun 2021 08:05:15 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

usersync
rtb.gumgum.com/ Frame 6732
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1664610463
https://sync.1rx.io/usersync/tradedesk/4ab078b0-6108-42ab-a233-00ff7852299c
https://sync.targeting.unrulymedia.com/csync/RX-83bb1c57-9bbe-4f85-86a7-9e2c321c14a6-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-83bb1c57-9bbe-4f85-86a7-9e2c321c14a6-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-83bb1c57-9bbe-4f85-86a7-9e2c321c14a6-003

35 B
237 B

51ms
51ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-83bb1c57-9bbe-4f85-86a7-9e2c321c14a6-003
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:12 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-83bb1c57-9bbe-4f85-86a7-9e2c321c14a6-003
date: Fri, 04 Jun 2021 08:05:12 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX83bb1c579bbe4f8586a79e2c321c14a6003
content-type: text/html

GET
H2

200

usersync
rtb.gumgum.com/ Frame 6732
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=1leMvBSrZDIV&ev=1&pid=558355

35 B
237 B

48ms
47ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=1leMvBSrZDIV&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:13 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=1leMvBSrZDIV&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-555c8fd69d-mljl9
expires: -1

GET
H2 200 sync
ads.servenobid.com/ Frame 6732 0
299 B 44ms
38ms Image
image/avif 54.246.172.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_86c5cf05-5e0b-4b43-b9c2-04bcdd8e0703
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.172.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 08:05:11 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 0BCB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=123360b9-deba-4000-8980-7ed1d41e2cc5&gdpr=1&gdpr_consent=

35 B
237 B

47ms
47ms

Document
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=123360b9-deba-4000-8980-7ed1d41e2cc5&gdpr=1&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=123360b9-deba-4000-8980-7ed1d41e2cc5&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Fri, 04 Jun 2021 08:05:14 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Fri, 04 Jun 2021 08:07:24 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3759 5f8f15b master cdg-pixel-x4
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=123360b9-deba-4000-8980-7ed1d41e2cc5; domain=.mathtag.com; path=/; expires=Sat, 02-Jul-2022 08:05:14 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=123360b9-deba-4000-8980-7ed1d41e2cc5&gdpr=1&gdpr_consent=
Expires: Fri, 04 Jun 2021 08:07:23 GMT

GET
H2

200

URnmbSKM Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame 0F29
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YLneugABUGMuPwBg

85 B
161 B

32ms
31ms

Document
image/png

151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YLneugABUGMuPwBg
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

:method: GET
:authority: sync-tm.everesttech.net
:scheme: https
:path: /ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YLneugABUGMuPwBg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: everest_g_v2=g_surferid~YLneugABehGX9QAC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

content-type: image/png
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Fri, 04 Jun 2021 08:05:14 GMT
via: 1.1 varnish
age: 1676
x-served-by: cache-hhn4021-HHN
x-cache: HIT
x-cache-hits: 16722
x-timer: S1622793915.867004,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 85

Redirect headers

p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
set-cookie: everest_g_v2=g_surferid~YLneugABUGMuPwBg; Path=/; Domain=.everesttech.net; Expires=Sat, 04-Jun-2022 08:05:14 GMT; Max-Age=31536000;SameSite=None;Secure
location: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YLneugABUGMuPwBg
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Fri, 04 Jun 2021 08:05:14 GMT
via: 1.1 varnish
x-served-by: cache-hhn4021-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1622793915.733319,VS0,VE97
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H3-29 200 pixel Show response
cm.g.doubleclick.net/ Frame 027B 170 B
188 B 47ms
45ms Document
image/png 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84NmM1Y2YwNS01ZTBiLTRiNDMtYjljMi0wNGJjZGQ4ZTA3MDM=&gdpr=1&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV84NmM1Y2YwNS01ZTBiLTRiNDMtYjljMi0wNGJjZGQ4ZTA3MDM=&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlOS-_xFW9MPTDyuZK7rGMrD8GV8_jZaC-heKCNDU90hby1ys6LAfX5uG1a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

content-type: image/png
date: Fri, 04 Jun 2021 08:05:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D802 8 KB
3 KB 1030ms
31ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=64888
expires: Sat, 05 Jun 2021 02:06:40 GMT
date: Fri, 04 Jun 2021 08:05:12 GMT
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 9511 0
0 250ms
110ms Document
text/plain 67.202.110.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-110.static.steadfastdns.net
Software: 33XP005 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

x-33x-status: 2000208
server: 33XP005
date: Fri, 04 Jun 2021 08:05:11 GMT

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 1C88 70 B
264 B 40ms
39ms Document
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=4ab078b0-6108-42ab-a233-00ff7852299c; TDCPM=CAEYBSgCMgsI7Pzj08bO0zkQBTgB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET um
cs.emxdgt.com/ Frame C82D 0
0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 3227
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YLneucCo5sEAACbki9YAAAAA

35 B
237 B

50ms
49ms

Document
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YLneucCo5sEAACbki9YAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YLneucCo5sEAACbki9YAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Fri, 04 Jun 2021 08:05:13 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Fri, 04 Jun 2021 08:05:13 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YLneucCo5sEAACbki9YAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 1
X-SO-HostName: m-ad157.dc4p.scaleout.jp
X-SO-LB-Hostname: a-tgng40003.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":42,"gdpr":true,"ipv4":"0.0.0.0","key":"YLneucCo5sEAACbki9YAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad157"}
X-SO-Key: YLneucCo5sEAACbki9YAAAAA
X-SO-IP: 185.128.25.84
X-SO-Cluster-ID: 42
X-SO-Upstream-ID: m-ad157

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame A536
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=1870471595660608388

35 B
237 B

158ms
53ms

Document
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=1870471595660608388
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=1870471595660608388
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_86c5cf05-5e0b-4b43-b9c2-04bcdd8e0703
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Fri, 04 Jun 2021 08:05:11 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Fri, 04 Jun 2021 08:05:11 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDUzMzAzsDC2sBDiM9S11NXN9Q7zzjLzK0uT4jU0MzIytzS2NASpAwDxNXl7NAAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 29 Jun 2022 08:05:11 GMT; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmRkbmlsaWhoZmJ5ShyJb2ppCgC_dyh2IAAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 29 Jun 2022 08:05:11 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDUzMzAzsDC2sBDiM9S11NXN9Q7zzjLzK0sDAEBfP28lAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=1870471595660608388
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame A07D
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=VE8b2iyCv3FsFO2E3sRi&pi=gumgum&tc=1

35 B
237 B

48ms
47ms

Document
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=VE8b2iyCv3FsFO2E3sRi&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=1&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=VE8b2iyCv3FsFO2E3sRi&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Fri, 04 Jun 2021 08:05:15 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Fri, 04 Jun 2021 08:05:15 GMT Fri, 04 Jun 2021 08:05:15 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=VE8b2iyCv3FsFO2E3sRi&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 7830 38 KB
14 KB 30ms
29ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=114607
expires: Sat, 05 Jun 2021 15:55:19 GMT
date: Fri, 04 Jun 2021 08:05:12 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 526D 38 KB
14 KB 32ms
30ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=114607
expires: Sat, 05 Jun 2021 15:55:19 GMT
date: Fri, 04 Jun 2021 08:05:12 GMT
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 7830 0
39 B 29ms
28ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31660999&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:10 GMT
content-length: 0

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame B0F6
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLnetvCEsFb3S_PMUvEwSwAABHIAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLnetvCEsFb3S_PMUvEwSwAABHIAAAAB&dcc=t

43 B
433 B

104ms
104ms

Image
image/gif

52.46.130.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLnetvCEsFb3S_PMUvEwSwAABHIAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:16 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:15 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLnetvCEsFb3S_PMUvEwSwAABHIAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame B0F6 70 B
264 B 39ms
37ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YLnetvCEsFb3S-PMUvEwSwAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame B0F6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLnetvCEsFb3S_PMUvEwSwAABHIAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YLnetvCEsFb3S_PMUvEwSwAABHIAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKQfrjSqpWNYpjMmCnCs3s4&google_cver=1

43 B
315 B

33ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKQfrjSqpWNYpjMmCnCs3s4&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 04 Jun 2021 08:05:14 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 08:05:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKQfrjSqpWNYpjMmCnCs3s4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame B0F6 0
0 30ms
29ms Image
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B0F6
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7f2d7f85-f194-4911-9926-f9845c2e3b30&expiration=1654329915
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7f2d7f85-f194-4911-9926-f9845c2e3b30&expiration=1654329915&C=1

43 B
1023 B

40ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7f2d7f85-f194-4911-9926-f9845c2e3b30&expiration=1654329915&C=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:16 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 04 Jun 2021 08:05:16 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7f2d7f85-f194-4911-9926-f9845c2e3b30&expiration=1654329915&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 325
Expires: Fri, 04 Jun 2021 08:05:16 GMT

GET
H2 200 YLnetvCEsFb3S_PMUvEwSwAABHIAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B0F6 43 B
587 B 34ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YLnetvCEsFb3S_PMUvEwSwAABHIAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:14 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B0F6
Redirect Chain

https://d.adroll.com/cm/index/ssp?gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

43 B
1 KB

44ms
44ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 08:05:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 04 Jun 2021 08:05:15 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date: Fri, 04 Jun 2021 08:05:15 GMT
server: nginx/1.18.0
content-length: 76

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/55940/ Frame B0F6 0
234 B 158ms
39ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YLnetvCEsFb3S_PMUvEwSwAABHIAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 08:05:14 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 setuid
sync.quantumdex.io/ Frame B0F6 43 B
368 B 134ms
133ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YLnetvCEsFb3S_PMUvEwSwAABHIAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 08:05:14 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WmRA2uehkZb3JQmtX4v3OS0F8%2BBuIFqlwTe7Sl0HZkZnjJYZVIEnI%2FVgEGm9ewvgwyPOxOiE1arjXVT5dMvtMBn3OW3hbkV8EKz%2F5mEK8ECOkmxIl%2FO9h8hZ73DIU2OkNp3kVqliraJgvi0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659fa7aed9f916e6-FRA
content-length: 43
cf-request-id: 0a77a7214b000016e629273000000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.emxdgt.com
URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.miui.blog/	1970-01-19 18:46:33	Name: _gat_gtag_UA_82879647_3 Value: 1
miui.blog/	1970-01-19 18:46:41	Name: __vliIPL Value: {"value":["2a01:4f8:192:5414::2"],"expiredAt":1622801104614}
.miui.blog/	1970-01-19 18:48:00	Name: _gid Value: GA1.2.1874762472.1622793905
.miui.blog/	1970-01-20 12:17:45	Name: _ga Value: GA1.2.875348142.1622793905

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.miui.blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	error	URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://tag.vlitag.com/v1/1622714986/884cee56d9bcf8a9bbc70005893b25a5.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://tag.vlitag.com/v1/1622714986/884cee56d9bcf8a9bbc70005893b25a5.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5cd9518feaf10d5358376384dfbd6d28.safeframe.googlesyndication.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
ap.lijit.com
assets.vlitag.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bn01.er.bemail.it
c1.adform.net
c2shb.ssp.yahoo.com
cdn.jsdelivr.net
cdn.miui.blog
cm.g.doubleclick.net
cms.analytics.yahoo.com
code.createjs.com
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
d.adroll.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
idsync.frontend.weborama.fr
image6.pubmatic.com
imasdk.googleapis.com
jadserve.postrelease.com
loadeu.exelator.com
match.adsrvr.org
match.deepintent.com
media.vlitag.com
miui.blog
ms.quantumdex.io
mwzeom.zeotap.com
nep.advangelists.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.33across.com
pixel.advertising.com
pixel.mathtag.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
public.servenobid.com
r5---sn-4g5edns6.googlevideo.com
redirector.googlevideo.com
rtb.gumgum.com
s.amazon-adsystem.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
services.vlitag.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stackpath.bootstrapcdn.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.quantumdex.io
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
tag.vlitag.com
tags.bluekai.com
tg.socdm.com
tpc.googlesyndication.com
trc.taboola.com
u-ams02.e-planning.net
uk1.fastandroid.download
ups.analytics.yahoo.com
us-u.openx.net
useast.quantumdex.io
usermatch.krxd.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
cs.emxdgt.com
136.144.59.88
142.250.181.226
142.250.184.194
142.250.185.226
151.1.205.165
151.101.114.49
168.119.146.39
169.197.150.7
178.162.133.149
178.250.2.131
18.156.0.31
18.184.153.186
18.198.69.109
18.203.106.177
184.30.20.207
185.183.112.148
185.184.8.65
185.29.135.233
185.59.220.194
185.64.190.78
185.86.139.103
193.0.160.128
193.122.130.38
198.148.27.139
199.232.137.44
2.18.233.180
2.18.234.21
202.241.208.57
212.82.100.182
213.19.147.44
23.111.200.117
23.45.99.241
2600:1f18:6593:f602:4d5e:ab92:54cb:6c57
2606:4700:10::6816:1857
2606:4700:20::681a:34e
2606:4700:20::ac43:4597
2606:4700:3034::ac43:cb41
2606:4700::6812:acf
2620:1ec:48::67
2a00:1288:110:c305::8000
2a00:1450:4001:6d::a
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:803::2006
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:811::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00::210:ba1a
2a04:4e42:1b::621
2a05:d018:24:b002:ebbe:4057:3491:6f67
3.91.110.183
34.226.132.24
34.236.212.156
34.239.198.206
34.254.85.82
34.98.67.61
35.157.168.25
35.178.117.251
35.201.81.244
35.227.248.159
35.244.159.8
37.157.6.253
37.252.173.27
46.249.52.248
51.89.9.252
52.208.103.128
52.208.210.171
52.28.203.152
52.46.130.13
52.48.65.146
52.58.236.252
52.95.116.38
54.170.215.80
54.173.100.33
54.246.172.223
54.77.19.59
54.87.192.123
64.202.112.191
67.202.110.23
70.42.32.159
72.251.249.13
76.223.111.131
85.114.159.93
88.214.206.247
89.163.159.104
94.130.151.18
018ebd8a1ce51b1b47a9470603ce8a7ccdad7c2a19618c2fcf2cdb51400a35bc
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0406a91b492632e08e3e6eabbc919823dfe97dd296911d1d88342b785dfe27bc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf56e637f3bcb035fc496ae264ae9ace595b1ee7f4ee5420cbae70126c32bd9
11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1eceda0aac3a25fba204008e15abc182f0a6f14e6c7e448d8ed2509a2eccdedf
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
242c72a4eb7b279e72a488813153e62a443d82ae9c7e297858fd3e3f4b1b812c
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
268d81a69a9e1910b84cf74017fba73517adac9e466f83ba8f264da82e07e74d
27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c
2ac10d374c5298f4be6f4a2efd9e585b3342dee950b5ad900a9769e2f62705d8
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
33e99eab4ab61afd2bbf6eb1236c731005bf5e633513306a46b6ceac3ca1ba4c
351c16469a540f02b91600bda25088bf1f4ca41d47e5a3b46a79e3e915f1c766
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3b881ed293bcbd0a836ce1da1f039a7652af514141e6938da37cd27c97279d72
3e3ae924112de9098a173b4903d406f76c12f625d1b1ad97428f952ecf2faa44
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ff1a53e50a716e94e9663a38493cd6b12eb4ac524fb69f7de623f8ec508e087
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ccd98f7a54a86f780caba6c22847d2f7c20568c2cd6d08264cb7c9d5e257e1
48eb46a2c1c327e958d2dad516e508996c8cfc0d11bdbe24babf512afd0b52bd
4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
530c865512f3cb31bbf16f61fa7f8e5fa5bf1a9db96fe2f34d5aceb292856320
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55af2c37b183312d14ff01ec9b01350808819ca5e9bd1b1a3b273ec9641c01c4
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
58694600a9bb19ab424e8752ab649f1365563963d2541becd627f15045a107aa
5aaeaa0c9f84a9043057a9e63fa52736619abd9cc0f1731e09fa768477b057a2
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
5f3f9165bdb3164d4370d9b936dbee1d1bfd3b8a107349a37cecc735bd980405
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
64fce9d17c5101524a6ee73191a1c97a2e47ddc83aed06b5bd22d5c898efd52b
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6a9f4a4cc23bbe232be7f4ca796c9cf6f5edeabb85c1332a077df626c084cf4e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dcdae50c45cb56cb6ae85e7f98cd603edab430fed7d962809da175903cbb80f
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79c50f0d74e44a35d7a9270c4ed6679e1e030d139622304b343f517af0e85654
803c0b1898318311136897de06327e9226b42c381786098070a906c693cf96bc
846a1122be617a4fa37bf15f1a5c7db750c37d330048b163c9b7b00c8aa771f4
84d99e29db588c0dd40abd0597c058b3fcd575c4c8bc2f98020fdc1fe3c46cdd
85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965
8b1d9e48db55e1673d443ef8a872a9fd41a3b411cb5ae66cc9698222ab43dce8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
94a1096d4ddd1232128b8a52859680031fd1aa9df3bec2a6e25e7cf4ffd95282
94ada01275df73eb7df839d145593c3214a96730ee15c93e658175e4222c0719
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee
9a524d377a6d328f1d94a9cbb1189e2ccf7c4e164f58d11e8c9132ee9461e095
9ba5d43c9dd36a944737e8c670e3d0e730fdf7fa511181cb72767a7d3240fffc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac159ba83a3577f07427d7f4c30bc2b10e332709a3c9dc9e0df556811a07862f
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3c82e9eb58ff3f9f294d2f65bdaa1e7ad9c4226aa09970d76ce18106d9c13a3
b6499b477583d27805fe0cba8249540dcf41778ab911c091dcf475eae304de08
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
b8e149178358873942c6a434f9ae62dd952769a87c2abdf7e659c129acd398fd
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5ecd098fa8552ac9a1823dac63e428ea6c73ec3f7a2a62ea029b9709239c959
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
d406d2bbf939a44020ef6d332f491c4cb50632d0bf1189eebabdded5c697de81
d5374a45e50b24e0912f173194d13f34f7338e431a0dd26cb25190f362aa7466
dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112
dcf27db433b6458706b5ac5c5c400cc4d66531e8e5658a74496949df98ccb232
dd40f3e26baac6d93b92df01cacfcdd5f01ff58cce5e14dc260524617c52db57
e2d67488066c12ac9e54eb586f2d1a0826c60c330de66c369020c13c4b635ccb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f3e6a28477ac3203018c4b005d33fc4942966bd09bd4407aabc41ed9c95a6b
e9217d029d0d57cfd2eb6cb2b0d26993538b76932939f9862e5aa505350d3c2f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca
f40f704c7dd0e606d925f045946c0a23bdd84d38ec91a34d6a7b487feb251e86
f41975d33c9ebcb132537abc6f81c6f101187abbd4ac44e64aff94186893a0c8
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f834ed5f735a1ddb17d2cd03957d4874d62d53f201b543345861ac96b588fa58
f8bd4b68a45676a56db8bdb60ce594671cb1fdd3503db89f3b965b5101f54709
f9bedb63ea2288d63b47fd92158e2e52262249680a55aa37b0ea1dcfcdfa9bb6
fba6d826607f8740cbaa6097a614c18399e0cca5e92973ff8a91be9524b4fa62
ff17fae67a8461e89b15329dfc863d7c1f75dcc594b897d5cbcc1cc2a3323cfc

miui.blog Open in urlscan Pro 94.130.151.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

199 Requests

99 %HTTPS

30 %IPv6

80 Domains

111 Subdomains

68 IPs

10 Countries

2451 kBTransfer

5184 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

miui.blog Open in urlscan Pro
94.130.151.18 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

99 %
HTTPS

30 %
IPv6

80
Domains

111
Subdomains

68
IPs

10
Countries

2451 kB
Transfer

5184 kB
Size

4
Cookies

199 HTTP transactions
1 data transactions