theblemish.com Open in urlscan Pro
104.21.234.188 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://theblemish.com/
Effective URL:
https://theblemish.com/
Submission: On June 18 via manual (June 18th 2021, 7:29:38 pm UTC) from US

Summary HTTP 234 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 66 IPs in 10 countries across 72 domains to perform 234 HTTP transactions. The main IP is 104.21.234.188, located in United States and belongs to CLOUDFLARENET, US. The main domain is theblemish.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 5th 2021. Valid for: a year.

This is the only time theblemish.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	104.21.234.188 104.21.234.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
9	2606:4700:10:... 2606:4700:10::6816:1758	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:10:... 2606:4700:10::6814:a25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1 1	2a03:2880:f21... 2a03:2880:f21c:81c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f21... 2a03:2880:f21c:81e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
7	3.229.52.31 3.229.52.31	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 3	65.9.77.30 65.9.77.30	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c01::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 32	2606:4700:20:... 2606:4700:20::681a:34e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
2	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 7	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
2	162.247.242.21 162.247.242.21	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	2606:4700:10:... 2606:4700:10::ac43:1faa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e2:... 2606:4700:e2::ac40:8127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6814:b25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.48.181.137 52.48.181.137	16509 (AMAZON-02) (AMAZON-02)
12 15	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.86.137.114 185.86.137.114	201081 (SMARTADSE...) (SMARTADSERVER)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
34	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	2a00:7c80:0:1... 2a00:7c80:0:120::2	49981 (WORLDSTREAM) (WORLDSTREAM)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
6 8	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
8 8	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
4 6	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
2	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
2	2600:1f18:659... 2600:1f18:6593:f602:82a0:df8e:67ea:6e72	14618 (AMAZON-AES) (AMAZON-AES)
3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	2a05:d018:24:... 2a05:d018:24:b002:ebbe:4057:3491:6f67	16509 (AMAZON-02) (AMAZON-02)
4 4	52.17.93.232 52.17.93.232	16509 (AMAZON-02) (AMAZON-02)
2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
2 2	151.1.205.165 151.1.205.165	3242 (ASN-ITNET) (ASN-ITNET)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4 4	35.201.81.244 35.201.81.244	15169 (GOOGLE) (GOOGLE)
2	89.163.159.103 89.163.159.103	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
5 6	54.194.226.253 54.194.226.253	16509 (AMAZON-02) (AMAZON-02)
2 2	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	3.127.52.31 3.127.52.31	16509 (AMAZON-02) (AMAZON-02)
2	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
4	34.246.41.247 34.246.41.247	16509 (AMAZON-02) (AMAZON-02)
2	168.119.149.178 168.119.149.178	24940 (HETZNER-AS) (HETZNER-AS)
4 4	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
2 2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	107.21.231.45 107.21.231.45	14618 (AMAZON-AES) (AMAZON-AES)
2 4	52.95.123.167 52.95.123.167	16509 (AMAZON-02) (AMAZON-02)
2 2	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.170.215.80 54.170.215.80	16509 (AMAZON-02) (AMAZON-02)
4	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4 4	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
4 4	18.184.153.186 18.184.153.186	16509 (AMAZON-02) (AMAZON-02)
6 8	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	35.170.112.41 35.170.112.41	14618 (AMAZON-AES) (AMAZON-AES)
4 4	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
2 2	88.214.206.142 88.214.206.142	46636 (NATCOWEB) (NATCOWEB)
2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2	67.202.110.21 67.202.110.21	32748 (STEADFAST) (STEADFAST)
4 13	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	52.94.232.32 52.94.232.32	16509 (AMAZON-02) (AMAZON-02)
2 2	51.178.20.140 51.178.20.140	16276 (OVH) (OVH)
2 2	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.171.36.131 35.171.36.131	14618 (AMAZON-AES) (AMAZON-AES)
234	66

28 104.21.234.188 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

theblemish.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.theblemish.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:1758 (United States)

ASN13335 (CLOUDFLARENET, US)

services.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
biltag.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:a25 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ads.ayads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sac.ayads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f21c:81c4:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f21c:81e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.229.52.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

antenna-us.ayads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.77.30 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700:20::681a:34e (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 46.249.52.249 (Netherlands) 2 redirects

ASN50673 (SERVERIUS-AS, NL)

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u-ams02.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.21 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:1faa (United States)

ASN13335 (CLOUDFLARENET, US)

biltag.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8127 (United States)

ASN13335 (CLOUDFLARENET, US)

worldstatistics.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b25 (United States)

ASN13335 (CLOUDFLARENET, US)

geoworker.ayads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.181.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

optchk.ayads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.33.221.13 (Amsterdam, Netherlands) 12 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)

www8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.251.249.13 (Amsterdam, Netherlands) 4 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:7c80:0:120::2 (Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)

ufo.approximity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.248.242.197 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.212.130 (Mountain View, United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.227.248.159 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:6593:f602:82a0:df8e:67ea:6e72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a05:d018:24:b002:ebbe:4057:3491:6f67 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.17.93.232 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.1.205.165 (Bellagio, Italy) 2 redirects

ASN3242 (ASN-ITNET, IT)

bn01.er.bemail.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.81.244 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.163.159.103 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.194.226.253 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.182 (United Kingdom) 2 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.52.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.246.41.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.119.149.178 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.178.149.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.14.49 (Frankfurt am Main, Germany) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.21.231.45 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.95.123.167 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.99.241 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.170.215.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.148.27.139 (New York, United States) 4 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.184.153.186 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.126.56.137 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.170.112.41 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.42.191.196 (Luxembourg) 4 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.214.206.142 (United Kingdom) 2 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.110.21 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-110.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.94.232.32 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.178.20.140 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1370 (United States) 2 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.171.36.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	zeotap.com spl.zeotap.com mwzeom.zeotap.com	10 KB
32	quantumdex.io 2 redirects useast.quantumdex.io sync.quantumdex.io ms.quantumdex.io	13 KB
28	theblemish.com 1 redirects theblemish.com files.theblemish.com	1 MB
15	adnxs.com 12 redirects ib.adnxs.com	12 KB
13	casalemedia.com 4 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com dsum.casalemedia.com	13 KB
11	ayads.co 1 redirects ads.ayads.co sac.ayads.co antenna-us.ayads.co geoworker.ayads.co optchk.ayads.co	109 KB
11	bilsyndication.com services.bilsyndication.com biltag.bilsyndication.com assets.bilsyndication.com stats.bilsyndication.com	322 KB
10	yahoo.com 8 redirects cms.analytics.yahoo.com ups.analytics.yahoo.com	7 KB
10	doubleclick.net 8 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	116 KB
8	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com s.amazon-adsystem.com	4 KB
8	adsrvr.org 6 redirects match.adsrvr.org	4 KB
7	e-planning.net 2 redirects ads.us.e-planning.net u-ams02.e-planning.net sync.e-planning.net	3 KB
7	google-analytics.com www.google-analytics.com	75 KB
6	krxd.net 2 redirects beacon.krxd.net usermatch.krxd.net	2 KB
6	crwdcntrl.net 5 redirects bcp.crwdcntrl.net	3 KB
6	tapad.com 4 redirects pixel.tapad.com	3 KB
6	sonobi.com apex.go.sonobi.com sync.go.sonobi.com	3 KB
5	pubmatic.com image6.pubmatic.com ads.pubmatic.com	11 KB
4	betweendigital.com 4 redirects ads.betweendigital.com	2 KB
4	advertising.com 4 redirects pixel.advertising.com	1 KB
4	contextweb.com 4 redirects bh.contextweb.com	2 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net	1 KB
4	weborama.fr 4 redirects idsync.frontend.weborama.fr	1 KB
4	demdex.net 4 redirects dpm.demdex.net	4 KB
4	tidaltv.com 4 redirects sync.tidaltv.com	2 KB
4	lijit.com 4 redirects ap.lijit.com	2 KB
4	adnxs-simple.com ib.adnxs-simple.com	3 KB
4	taboola.com cdn.taboola.com trc.taboola.com	144 KB
4	facebook.net connect.facebook.net	174 KB
3	criteo.com bidder.criteo.com gum.criteo.com	2 KB
3	facebook.com www.facebook.com	400 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	instagram.com 2 redirects platform.instagram.com www.instagram.com	5 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com imasdk.googleapis.com	147 KB
2	dotomi.com 2 redirects casale-match.dotomi.com	373 B
2	dyntrk.com 2 redirects gu.dyntrk.com	850 B
2	33across.com ssc-cms.33across.com
2	onetag-sys.com onetag-sys.com	2 KB
2	admanmedia.com 2 redirects cs.admanmedia.com	802 B
2	advangelists.com 2 redirects nep.advangelists.com	447 B
2	imrworldwide.com obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	75 B
2	bluekai.com 2 redirects tags.bluekai.com	692 B
2	mathtag.com 2 redirects pixel.mathtag.com	1 KB
2	richaudience.com sync.richaudience.com	720 B
2	mookie1.com odr.mookie1.com	430 B
2	agkn.com 2 redirects aa.agkn.com	765 B
2	theadex.com dmp.theadex.com	756 B
2	adition.com 2 redirects dsp.adfarm1.adition.com	1 KB
2	bemail.it 2 redirects bn01.er.bemail.it	1 KB
2	exelator.com loadeu.exelator.com	648 B
2	fwmrm.net dmp.v.fwmrm.net	822 B
2	adform.net dmp.adform.net	661 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	criteo.net static.criteo.net	52 KB
2	worldstatistics.live worldstatistics.live	54 KB
2	nr-data.net bam.nr-data.net	456 B
2	creativecdn.com prebid-eu.creativecdn.com	352 B
2	a-mo.net prebid.a-mo.net	599 B
2	google.de ampcid.google.de www.google.de	1003 B
2	google.com ampcid.google.com www.google.com	1 KB
2	gstatic.com fonts.gstatic.com	60 KB
2	googletagmanager.com www.googletagmanager.com	67 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	70 KB
1	adentifi.com rtb.adentifi.com	88 B
1	ad4m.at ad4m.at
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	490 B
1	approximity.com 1 redirects ufo.approximity.com	280 B
1	smartadserver.com www8.smartadserver.com	330 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	googletagservices.com www.googletagservices.com	21 KB
234	72

	Domain	Requested by
28	mwzeom.zeotap.com	spl.zeotap.com
28	sync.quantumdex.io	assets.bilsyndication.com sync.quantumdex.io ssum-sec.casalemedia.com
17	files.theblemish.com	theblemish.com
15	ib.adnxs.com	12 redirects ads.ayads.co spl.zeotap.com
11	theblemish.com	1 redirects theblemish.com
8	ups.analytics.yahoo.com	6 redirects ssum-sec.casalemedia.com
8	cm.g.doubleclick.net	8 redirects
8	match.adsrvr.org	6 redirects ssum-sec.casalemedia.com
7	antenna-us.ayads.co	theblemish.com
7	www.google-analytics.com	theblemish.com www.google-analytics.com www.googletagmanager.com
6	ssum-sec.casalemedia.com	2 redirects sync.quantumdex.io ssum-sec.casalemedia.com
6	bcp.crwdcntrl.net	5 redirects ssum-sec.casalemedia.com
6	pixel.tapad.com	4 redirects spl.zeotap.com
6	spl.zeotap.com	assets.bilsyndication.com spl.zeotap.com
5	dsum-sec.casalemedia.com	2 redirects ssum-sec.casalemedia.com
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
4	ads.betweendigital.com	4 redirects
4	pixel.advertising.com	4 redirects
4	bh.contextweb.com	4 redirects
4	sync.go.sonobi.com	sync.quantumdex.io
4	aax-eu.amazon-adsystem.com	2 redirects
4	sync-tm.everesttech.net	4 redirects
4	beacon.krxd.net	spl.zeotap.com
4	idsync.frontend.weborama.fr	4 redirects
4	dpm.demdex.net	4 redirects
4	sync.tidaltv.com	4 redirects
4	ap.lijit.com	4 redirects
4	ads.us.e-planning.net	2 redirects theblemish.com
4	ib.adnxs-simple.com	assets.bilsyndication.com
4	assets.bilsyndication.com	biltag.bilsyndication.com
4	connect.facebook.net	theblemish.com connect.facebook.net
3	image6.pubmatic.com	spl.zeotap.com ads.pubmatic.com
3	biltag.bilsyndication.com	services.bilsyndication.com biltag.bilsyndication.com
3	www.facebook.com	theblemish.com connect.facebook.net
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com theblemish.com
2	dsum.casalemedia.com	ssum-sec.casalemedia.com
2	casale-match.dotomi.com	2 redirects
2	gu.dyntrk.com	2 redirects
2	ads.pubmatic.com	sync.quantumdex.io
2	ssc-cms.33across.com	sync.quantumdex.io
2	onetag-sys.com	sync.quantumdex.io
2	cs.admanmedia.com	2 redirects
2	nep.advangelists.com	2 redirects
2	ms.quantumdex.io	2 redirects
2	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	spl.zeotap.com
2	tags.bluekai.com	2 redirects
2	usermatch.krxd.net	2 redirects
2	pixel.mathtag.com	2 redirects
2	sync.richaudience.com	spl.zeotap.com
2	odr.mookie1.com	spl.zeotap.com
2	aa.agkn.com	2 redirects
2	cms.analytics.yahoo.com	2 redirects
2	dmp.theadex.com	spl.zeotap.com
2	dsp.adfarm1.adition.com	2 redirects
2	bn01.er.bemail.it	2 redirects
2	loadeu.exelator.com	spl.zeotap.com
2	dmp.v.fwmrm.net	spl.zeotap.com
2	trc.taboola.com	spl.zeotap.com
2	dmp.adform.net	spl.zeotap.com
2	sync.1rx.io	2 redirects
2	u-ams02.e-planning.net
2	static.criteo.net	assets.bilsyndication.com static.criteo.net
2	worldstatistics.live	biltag.bilsyndication.com worldstatistics.live
2	stats.bilsyndication.com	biltag.bilsyndication.com
2	bam.nr-data.net	js-agent.newrelic.com
2	bidder.criteo.com	assets.bilsyndication.com
2	prebid-eu.creativecdn.com	assets.bilsyndication.com
2	apex.go.sonobi.com	assets.bilsyndication.com
2	prebid.a-mo.net	assets.bilsyndication.com
2	useast.quantumdex.io	assets.bilsyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn.taboola.com	theblemish.com cdn.taboola.com
2	www.googletagmanager.com	theblemish.com biltag.bilsyndication.com
2	www.instagram.com	1 redirects theblemish.com
2	services.bilsyndication.com	theblemish.com services.bilsyndication.com
2	maxcdn.bootstrapcdn.com	theblemish.com maxcdn.bootstrapcdn.com
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	ad4m.at	ssum-sec.casalemedia.com
1	sync.e-planning.net
1	sync.targeting.unrulymedia.com	1 redirects
1	ufo.approximity.com	1 redirects
1	gum.criteo.com	static.criteo.net
1	www8.smartadserver.com	ads.ayads.co
1	optchk.ayads.co	ads.ayads.co
1	geoworker.ayads.co	ads.ayads.co
1	js-agent.newrelic.com	theblemish.com
1	cdn.jsdelivr.net	assets.bilsyndication.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	pixel.wp.com	theblemish.com
1	www.google.de	theblemish.com
1	www.google.com	theblemish.com
1	imasdk.googleapis.com	biltag.bilsyndication.com
1	www.googletagservices.com	biltag.bilsyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	stats.wp.com	theblemish.com
1	platform.instagram.com	1 redirects
1	ajax.googleapis.com	theblemish.com
1	sac.ayads.co	theblemish.com
1	ads.ayads.co	1 redirects
1	fonts.googleapis.com	theblemish.com
234	102

This site contains links to these domains. Also see Links.

Domain
www.patreon.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
theblemish.com Cloudflare Inc ECC CA-3	`2021-06-05` - `2022-06-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
bilsyndication.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
*.ayads.co DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-08-04`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-05-02` - `2021-07-31`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.a-mo.net R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.adnxs-simple.com GeoTrust ECC CA 2018	`2021-03-17` - `2022-03-15`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
ads.us.e-planning.net R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-21` - `2022-04-10`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.e-planning.net R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-17` - `2021-12-18`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.theadex.com GeoTrust RSA CA 2018	`2019-10-11` - `2021-10-10`	2 years	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-17` - `2022-03-16`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2021-04-09` - `2022-03-20`	a year	crt.sh
*.redinuid.imrworldwide.com Amazon	`2021-06-08` - `2022-07-07`	a year	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
adentifi.com Amazon	`2020-10-02` - `2021-11-02`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://theblemish.com/
Frame ID: D5775AA4815C01B3ABF6AF19A84BF661
Requests: 104 HTTP requests in this frame

Frame: https://biltag.bilsyndication.com/passbacktarget/1624034661/?t=iframe&pbID=7&d=1002&z=2393&divID=vi_10022393_830&w=300&h=250
Frame ID: B7A2EDB411A453683C09B53A552053C5
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Frame ID: C742CEDB4537733C6C87B6E9BA829A8C
Requests: 4 HTTP requests in this frame

Frame: https://biltag.bilsyndication.com/passback/?t=1624034661&d=1002&z=2417&divID=vi_10022417_430&w=300&h=600
Frame ID: ECBAD04A93A257324339B78FF07D2176
Requests: 2 HTTP requests in this frame

Frame: https://worldstatistics.live/bn.php?size=300x250
Frame ID: 8976051557C87FBC0D045B6957CC3C61
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=theblemish.com&gdpr=1&gdpr_consent=
Frame ID: CACC50EAE658A1ADFD6AA801F331E3A5
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361&cmp=0
Frame ID: 2560D6CC63693F7DC666A93A324C5E89
Requests: 31 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361&cmp=0
Frame ID: F8C0F64669D4844F5CBD3C6ECD54F518
Requests: 31 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: A08B3DC99B437320019BD963695E6E90
Requests: 14 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 5634B5CF1B97B1EF66399F08C2017723
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: F1B2AAB8EEA2C8955E1385948CA0DF43
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 181D9853D7BF0A4B06B3184C1EB9B35D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: EA7A8DF3431974E00E120F1B7D115DFF
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 7218F8673E70EE9F8DD854E42C5D0DF7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: A1F2E8CD98CF0CA84E7B3222A360F30D
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 779BC5DF6000B99B567BE7B7B5F436C5
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: B0450CF84BC06D34F307519DD55C12D9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 91C16D9DAC33662B19CF58C67E38C46D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 99A1F45419ED90209526D71CD91137E3
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 4653E3110807A6C4C69E4B2CB8A3C547
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://theblemish.com/ HTTP 301
https://theblemish.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

234
Requests

100 %
HTTPS

36 %
IPv6

72
Domains

102
Subdomains

66
IPs

10
Countries

2590 kB
Transfer

6047 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.patreon.com/theblemish
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/theblemish
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/theblemish
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://theblemish.com/ HTTP 301
https://theblemish.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://ads.ayads.co/ajs.php?zid=3914 HTTP 302
https://sac.ayads.co/sublime/3914

Request Chain 27

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

Request Chain 54

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1624044561673&ns_c=UTF-8&cv=3.5&c8=The%20Blemish%20%7C%20Entertainment%20News%20%26%20Pictures&c7=https%3A%2F%2Ftheblemish.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1624044561673&ns_c=UTF-8&cv=3.5&c8=The%20Blemish%20%7C%20Entertainment%20News%20%26%20Pictures&c7=https%3A%2F%2Ftheblemish.com%2F&c9=

Request Chain 73

https://ads.us.e-planning.net/pbjs/1/2c995/1/theblemish.com/ROS?rnd=0.20170573135514713&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Ftheblemish.com%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Ftheblemish.com%2F&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/theblemish.com/ROS?ct=1&r=pbjs&rnd=0.20170573135514713&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Ftheblemish.com%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Ftheblemish.com%2F&gdpr=1&gdprcs=

Request Chain 83

https://ads.us.e-planning.net/pbjs/1/2c995/1/theblemish.com/ROS?rnd=0.20170573135514713&e=300x250_0%3A300x250%2C300x600%2C160x600%2C250x250%2C120x600%2C200x200%2C180x150&ur=https%3A%2F%2Ftheblemish.com%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Ftheblemish.com%2F&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/theblemish.com/ROS?ct=1&r=pbjs&rnd=0.20170573135514713&e=300x250_0%3A300x250%2C300x600%2C160x600%2C250x250%2C120x600%2C200x200%2C180x150&ur=https%3A%2F%2Ftheblemish.com%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Ftheblemish.com%2F&gdpr=1&gdprcs=

Request Chain 114

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D0e86ce90c24d1a37%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D0e86ce90c24d1a37%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=0e86ce90c24d1a37&uid=e178fe267763ef61eaca8b90

Request Chain 115

https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3D0e86ce90c24d1a37 HTTP 302
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=0e86ce90c24d1a37&uid=020000000EF4CC60A424EF4802ADF360

Request Chain 116

https://sync.1rx.io/usersync2/eplanning HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7122903252 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7122903252 HTTP 302
https://sync.1rx.io/usersync/tradedesk/82568308-ad07-4688-b08a-9a5be29b3e97 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-6e996ce1-c177-4402-a4b1-fb3c5abb1dd4-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-6e996ce1-c177-4402-a4b1-fb3c5abb1dd4-003%26dc%3D1079cc634ca638f8%26iss%3D1 HTTP 302
https://sync.e-planning.net/um?uid=RX-6e996ce1-c177-4402-a4b1-fb3c5abb1dd4-003&dc=1079cc634ca638f8&iss=1

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESENzZhXJNKcgKWt7ZCzwGG-U&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361

Request Chain 119

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D50480bb1-d6ad-4b96-6149-d9320f3f5448%26reqId%3Ddf43fcd6-95c8-49a7-7ff7-41aed9c0fc3a%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D50480bb1-d6ad-4b96-6149-d9320f3f5448%26reqId%3Ddf43fcd6-95c8-49a7-7ff7-41aed9c0fc3a%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=826cf9dc-990e-4153-afc8-aa345432b3db&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361

Request Chain 121

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D50480bb1-d6ad-4b96-6149-d9320f3f5448%26reqId%3Ddf43fcd6-95c8-49a7-7ff7-41aed9c0fc3a%26zdid%3D1361 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D50480bb1-d6ad-4b96-6149-d9320f3f5448%26reqId%3Ddf43fcd6-95c8-49a7-7ff7-41aed9c0fc3a%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=82568308-ad07-4688-b08a-9a5be29b3e97&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361

Request Chain 125

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=f8e3050f-278e-4a12-a87d-79caa8c9b309&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 126

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=50480bb1-d6ad-4b96-6149-d9320f3f5448&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D50480bb1-d6ad-4b96-6149-d9320f3f5448%26reqId%3Ddf43fcd6-95c8-49a7-7ff7-41aed9c0fc3a%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=50480bb1-d6ad-4b96-6149-d9320f3f5448&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D50480bb1-d6ad-4b96-6149-d9320f3f5448%26reqId%3Ddf43fcd6-95c8-49a7-7ff7-41aed9c0fc3a%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=28254230488440678173683730893007832478&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361

Request Chain 128

https://bn01.er.bemail.it/zeotap.php?_bid=50480bb1-d6ad-4b96-6149-d9320f3f5448&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2021061821-15717-0.593412001624044563-f605ad9fc8df66fad0100b3c9cbc3ded&zdid=533&env=mWeb

Request Chain 129

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D50480bb1-d6ad-4b96-6149-d9320f3f5448%26reqId%3Ddf43fcd6-95c8-49a7-7ff7-41aed9c0fc3a%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=6975218293929932944&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361

Request Chain 131

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=50480bb1-d6ad-4b96-6149-d9320f3f5448&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D50480bb1-d6ad-4b96-6149-d9320f3f5448%26reqId%3Ddf43fcd6-95c8-49a7-7ff7-41aed9c0fc3a%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=50480bb1-d6ad-4b96-6149-d9320f3f5448&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D50480bb1-d6ad-4b96-6149-d9320f3f5448%26reqId%3Ddf43fcd6-95c8-49a7-7ff7-41aed9c0fc3a%26zdid%3D1361&bounce=1&random=1513916163 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=9eNMxK4vPTKN/BcpgvzHQe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361

Request Chain 133

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=50480bb1-d6ad-4b96-6149-d9320f3f5448?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=50480bb1-d6ad-4b96-6149-d9320f3f5448?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=b8591f9075019083ed62639cc030944f&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361

Request Chain 134

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-DAEoo3VE2opRnwlYvHDvlOUJcxA8ykXIVw--~A&zpartnerid=570&env=mWeb

Request Chain 135

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=cKLyBD%2BMDtTX2C%2FKgfruWTOr%2Ft%2Fu9Sjx%2BS41iYitP1U%3D

Request Chain 139

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D50480bb1-d6ad-4b96-6149-d9320f3f5448%26reqId%3Ddf43fcd6-95c8-49a7-7ff7-41aed9c0fc3a%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D50480bb1-d6ad-4b96-6149-d9320f3f5448%26reqId%3Ddf43fcd6-95c8-49a7-7ff7-41aed9c0fc3a%26zdid%3D1361&_test=YMz0FgABrQ2zlQBg HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMz0FgABrQ2zlQBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361&_test=YMz0FgABrQ2zlQBg

Request Chain 140

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D50480bb1-d6ad-4b96-6149-d9320f3f5448%26reqId%3Ddf43fcd6-95c8-49a7-7ff7-41aed9c0fc3a%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=c62a60cc-f415-4c00-90e0-610965890e20&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361

Request Chain 141

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361

Request Chain 142

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=50480bb1-d6ad-4b96-6149-d9320f3f5448&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=50480bb1-d6ad-4b96-6149-d9320f3f5448&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361&dcc=t

Request Chain 143

https://tags.bluekai.com/site/87734?id=50480bb1-d6ad-4b96-6149-d9320f3f5448&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEDN9C7FGZqiQiJtpAmFvdSs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361

Request Chain 148

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc292db97-5755-4c20-4c50-899d0570d592%26reqId%3Dc1fc2cfd-b90a-4338-5a51-de81fd4da1f4%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc292db97-5755-4c20-4c50-899d0570d592%26reqId%3Dc1fc2cfd-b90a-4338-5a51-de81fd4da1f4%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=826cf9dc-990e-4153-afc8-aa345432b3db&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361

Request Chain 150

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc292db97-5755-4c20-4c50-899d0570d592%26reqId%3Dc1fc2cfd-b90a-4338-5a51-de81fd4da1f4%26zdid%3D1361 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc292db97-5755-4c20-4c50-899d0570d592%26reqId%3Dc1fc2cfd-b90a-4338-5a51-de81fd4da1f4%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=82568308-ad07-4688-b08a-9a5be29b3e97&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361

Request Chain 154

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=f8e3050f-278e-4a12-a87d-79caa8c9b309&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 155

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=c292db97-5755-4c20-4c50-899d0570d592&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc292db97-5755-4c20-4c50-899d0570d592%26reqId%3Dc1fc2cfd-b90a-4338-5a51-de81fd4da1f4%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=c292db97-5755-4c20-4c50-899d0570d592&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc292db97-5755-4c20-4c50-899d0570d592%26reqId%3Dc1fc2cfd-b90a-4338-5a51-de81fd4da1f4%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=38054003663975413562669029602504682078&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361

Request Chain 157

https://bn01.er.bemail.it/zeotap.php?_bid=c292db97-5755-4c20-4c50-899d0570d592&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2021061821-13884-0.594279001624044563-5bb6f325994a182d02af287083ccf1f5&zdid=533&env=mWeb

Request Chain 158

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc292db97-5755-4c20-4c50-899d0570d592%26reqId%3Dc1fc2cfd-b90a-4338-5a51-de81fd4da1f4%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=6975218293930195097&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361

Request Chain 160

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=c292db97-5755-4c20-4c50-899d0570d592&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc292db97-5755-4c20-4c50-899d0570d592%26reqId%3Dc1fc2cfd-b90a-4338-5a51-de81fd4da1f4%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=c292db97-5755-4c20-4c50-899d0570d592&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc292db97-5755-4c20-4c50-899d0570d592%26reqId%3Dc1fc2cfd-b90a-4338-5a51-de81fd4da1f4%26zdid%3D1361&bounce=1&random=3093976307 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=9eNMxK4vPTKN/BcpgvzHQe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361

Request Chain 162

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=c292db97-5755-4c20-4c50-899d0570d592?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=c292db97-5755-4c20-4c50-899d0570d592?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=b8591f9075019083ed62639cc030944f&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361

Request Chain 163

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-NJ3XvXZE2oolfQva0qDAKqV__KaSm1DKXw--~A&zpartnerid=570&env=mWeb

Request Chain 164

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=7e7kM3VyDGfX2C%2FKgfruWejSGrFknjRx%2BS41iYitP1U%3D

Request Chain 168

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc292db97-5755-4c20-4c50-899d0570d592%26reqId%3Dc1fc2cfd-b90a-4338-5a51-de81fd4da1f4%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc292db97-5755-4c20-4c50-899d0570d592%26reqId%3Dc1fc2cfd-b90a-4338-5a51-de81fd4da1f4%26zdid%3D1361&_test=YMz0FgABrRGzoQBg HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMz0FgABrRGzoQBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361&_test=YMz0FgABrRGzoQBg

Request Chain 169

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc292db97-5755-4c20-4c50-899d0570d592%26reqId%3Dc1fc2cfd-b90a-4338-5a51-de81fd4da1f4%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=228160cc-f415-4000-9451-3c1f0f19fdc2&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361

Request Chain 170

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361

Request Chain 171

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=c292db97-5755-4c20-4c50-899d0570d592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=c292db97-5755-4c20-4c50-899d0570d592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361&dcc=t

Request Chain 172

https://tags.bluekai.com/site/87734?id=c292db97-5755-4c20-4c50-899d0570d592&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

Request Chain 177

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2734687890487579040

Request Chain 178

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=489450943534794481

Request Chain 179

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5555583536721370301

Request Chain 180

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e178fe267763ef61eaca8b90

Request Chain 181

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=2a7f175e-e375-4d5d-a3c1-02b5e8d16603

Request Chain 183

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25 HTTP 302
https://sync.quantumdex.io/setuid?bidder=pulsepoint&uid=ip9iB1ABCNYC&ev=1&pid=561205

Request Chain 184

https://bh.contextweb.com/rtset?pid=557779&ev=1&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25 HTTP 302
https://sync.quantumdex.io/setuid?bidder=pulsepoint&uid=6k8ipm40tH9D&ev=1&pid=557779

Request Chain 185

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7f83e3b4-d06b-11eb-9173-063661f31842 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7f83e3b4-d06b-11eb-9173-063661f31842

Request Chain 186

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-9e00eca2-7fbe-4a41-8aac-73dde9f1e12c

Request Chain 187

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-DWUM7LVE2uH5scbXdkz.YtkWCbDg0PYid07E1hY-~A

Request Chain 188

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=4d9a8294-dc2a-52a9-8a40-6fa4ea8c9bb1

Request Chain 189

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=adman&uid=670e2fc9c09785aabfbf0ac05112e6e7690c96c7

Request Chain 192

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 195

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=2369233646043512192

Request Chain 196

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=733142116511177062

Request Chain 197

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e178fe267763ef61eaca8b90

Request Chain 198

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=53ea6cd3-18ce-4695-ab28-370035ad9f9a

Request Chain 199

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=489450943534794481

Request Chain 201

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25 HTTP 302
https://sync.quantumdex.io/setuid?bidder=pulsepoint&uid=1eqCafM504MV&ev=1&pid=561205

Request Chain 202

https://bh.contextweb.com/rtset?pid=557779&ev=1&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25 HTTP 302
https://sync.quantumdex.io/setuid?bidder=pulsepoint&uid=0LHaC17cIfba&ev=1&pid=557779

Request Chain 203

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7f840acb-d06b-11eb-a91f-02cf5c076976 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7f840acb-d06b-11eb-a91f-02cf5c076976

Request Chain 204

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a64df95a-131f-4e1d-9ff8-8400cb8ca70d

Request Chain 205

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RPiYkdVE2uE8zEnifKsjy7mxQNXK7nqhzHtCHgg-~A

Request Chain 206

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=4d9a8294-dc2a-52a9-8a40-6fa4ea8c9bb1

Request Chain 207

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=adman&uid=670e2fc9c09785aabfbf0ac05112e6e7690c96c7

Request Chain 208

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 214

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMz0GJnrLbNa40vpkQX0SQAABIMAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDFRMcvtfBp6m2s-27kr9Sc&google_cver=1

Request Chain 215

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMz0GJnrLbNa40vpkQX0SQAABIMAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMz0GJnrLbNa40vpkQX0SQAABIMAAAAB&dcc=t

Request Chain 216

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMz0GJnrLbNa40vpkQX0SQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPLNMk6gIzrGh5rJXvHSfDk&google_cver=1&gdpr=1

Request Chain 218

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 219

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YMz0GJnrLbNa40vpkQX0SQAA%261155?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMz0GJnrLbNa40vpkQX0SQAA%261155?gdpr_consent=&us_privacy=&gdpr=1

Request Chain 221

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624130968&gdpr=1

Request Chain 223

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMz0GNxfBGuV-h-v3q--mQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPLNMk6gIzrGh5rJXvHSfDk&google_cver=1&gdpr=1

Request Chain 224

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMz0GNxfBGuV_h_v3q__mQAABHAAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMz0GNxfBGuV_h_v3q__mQAABHAAAAAB&dcc=t

Request Chain 226

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMz0GNxfBGuV_h_v3q__mQAABHAAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDFRMcvtfBp6m2s-27kr9Sc&google_cver=1

Request Chain 229

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624130968&gdpr=1

234 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
theblemish.com/
Redirect Chain

http://theblemish.com/
https://theblemish.com/

85 KB
16 KB

244ms
211ms

Document
text/html

104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theblemish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 497cfa9a8ffd69d991580fdc6f2db4b8d4acd70c5fbe4686c8cd88bf88770f96

Request headers

:method: GET
:authority: theblemish.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
age: 7036
x-cache: HIT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-request-id: 0ac2327a6d00004c49d71df000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wDJOZSYBxLGF7uIZJUUZ0ZSkWIMKSGQVPLdU5H21EXuiVxJRvwGYmETdMj%2F6Pt%2BKyNZPixlX3pZohyDTxxyzBA1UykNFu2PnmsvXqCzqZNBL0M7yaKca9tjZdkE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6616ed0a4fe84c49-AMS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Fri, 18 Jun 2021 19:29:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://theblemish.com/
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
cf-request-id: 0ac2327986000001f8b93e4000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rDIUgTRLc7MYgA6JxVLJXYG5vOL1%2BM2CwhzaiPwECRlJpD%2FLTz%2BwjoVnzdAfyb89DFOUuhU%2F%2Bl28cinfJOH4NEBtbNIdIIecb9H6dd1%2BVV0SZuPX159Ku9wuRX8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6616ed08dd8801f8-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 style.min.css
theblemish.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 171ms
137ms Stylesheet
text/css 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theblemish.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: theblemish.com
referer: https://theblemish.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 19661
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac2327b8d00004e978d8e1000000001
last-modified: Thu, 15 Apr 2021 03:00:06 GMT
server: cloudflare
etag: W/"6077ac36-e33b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iR10yFHnBfyVFeu364h80L0Ofu%2Bit4%2Fc%2BlbjV7CETuUii7SAiaVSgQ7dQWUKKb1YqJgxS7vJr4hGB2p7JhW07g3WiaD%2Fo940K%2F%2FppH7He13zRpVYgFVFvfVwVWU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 6616ed0bd8524e97-FRA
expires: Sun, 18 Jul 2021 13:59:34 GMT

GET
H3-29 200 style.css
theblemish.com/wp-content/themes/theblemish/ 53 KB
10 KB 178ms
144ms Stylesheet
text/css 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theblemish.com/wp-content/themes/theblemish/style.css?ver=1603170731
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aaafad273dcec6735540020fb5126f85e4a83e85b0deef6dbd2a3ee1fa682ec

Request headers

:path: /wp-content/themes/theblemish/style.css?ver=1603170731
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: theblemish.com
referer: https://theblemish.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 19660
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac2327b8300004e97a6869000000001
last-modified: Tue, 20 Oct 2020 05:12:11 GMT
server: cloudflare
etag: W/"5f8e71ab-d2b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=i6uRB%2F44P1sy7yorNFnPlL9YxdrhmI9%2FjtMNxsraOvXcW7TMfa8We%2BD%2Bco4VqwgAvtOKdWifuDWZGTJx%2Fxn9GIPQhyu0g9Y%2BqhLeBE8q9SLPD5ALXba4HgAAdjg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 6616ed0bd84c4e97-FRA
expires: Sun, 18 Jul 2021 13:59:34 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 53ms
34ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css?ver=5.7.2

Requested by

Host: theblemish.com
URL: https://theblemish.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 3176051
cdn-cachedat: 2021-05-13 03:03:04
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac2327b55000063e9260aa000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 2a43eb12ae391889334a82e4b5bee237
cf-ray: 6616ed0bba5863e9-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 5 KB
806 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans%7COpen+Sans%7CRoboto&ver=5.7.2

Requested by

Host: theblemish.com
URL: https://theblemish.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2b0aa1a3013b8ca56ea08beb786549a64a05e583b40239dca4a36139867b48d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 19:22:50 GMT
server: ESF
date: Fri, 18 Jun 2021 19:29:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Jun 2021 19:29:21 GMT

GET
H2 200 / Show response
services.bilsyndication.com/adv1/ 951 B
984 B 187ms
160ms Script
application/javascript 2606:4700:10::6816:1758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bilsyndication.com/adv1/?d=1002

Requested by

Host: theblemish.com
URL: https://theblemish.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3babd624816c7880c7c10cf229de4d260cbc3bce61eb7bc1d87aeff8e77631f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 18 Jun 2021 19:29:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 6616ed0ceb014a98-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac2327c1100004a987695a000000001
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2

200

3914 Show response
sac.ayads.co/sublime/
Redirect Chain

https://ads.ayads.co/ajs.php?zid=3914
https://sac.ayads.co/sublime/3914

474 KB
108 KB

146ms
137ms

Script
application/javascript

2606:4700:10::6814:a25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sac.ayads.co/sublime/3914
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:a25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84c4fe27bc5ba9ec7ab2c3e8e2402e316c4653ef1cfc660e7481b4dc08cd1d82

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
cf-ray: 6616ed0bf9921f41-FRA
cf-request-id: 0ac2327b7c00001f4148b6b000000001
expires: Fri, 18 Jun 2021 20:29:21 GMT

Redirect headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
server: cloudflare
age: 66080
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://sac.ayads.co/sublime/3914
cache-control: public, max-age=86400
cf-ray: 6616ed0bc93f1f41-FRA
cf-request-id: 0ac2327b5f00001f4174ba7000000001
expires: Sat, 19 Jun 2021 19:29:21 GMT

GET
H2 200 marvel-500x360.jpg
files.theblemish.com/images/2020/06/ 13 KB
14 KB 35ms
20ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.theblemish.com/images/2020/06/marvel-500x360.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e329af33b10e61476009e1936f9300b4335dd0fe52c41b593c4b2b08e295232

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 19346
cf-ray: 6616ed0cec204c49-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13492
x-amz-id-2: PzeuG7BiTxFcZQ0xlidbaSCcmbt1HiDPeBrj5RzHH+GYvyB7/S8KWF2JDbWmq6TJXj0Egweg5Lc=
last-modified: Thu, 04 Jun 2020 06:11:22 GMT
server: cloudflare
etag: "a3850eae6a4478b1117a1c8aee9d368e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=I30%2BYvM5%2FbRbHOpTeJZzb3kTsyZrgtICU6TF2Hd9ec5BvXoGIx2llTSvNNrc5HbDvBpg4RqE5CFFt2ISgq0c4oh9DWqGxKhtedeAhSVGy7N%2BwZ67%2F09ha5C318rTqJ50sy4%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: RHETTCCDYHK8D39W
cache-control: max-age=31536000
cf-request-id: 0ac2327c0c00004c49ec252000000001
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 04 Jun 2021 06:11:21 GMT

GET
H2 200 rainbow-pride-500x360.jpg
files.theblemish.com/images/2021/06/ 75 KB
76 KB 54ms
39ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.theblemish.com/images/2021/06/rainbow-pride-500x360.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e569e1c271b04827ae65f754cd848bbb421b7d13ffdbd3eef077414d0284e64

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 19346
cf-ray: 6616ed0cec234c49-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77038
x-amz-id-2: ZhQAND2VCp5ggDDmPj6CLz6iuGTWrzxmyp5zhEdywf12B6FD6Hx0LfHEC8SegyirothzqwktGAU=
last-modified: Thu, 03 Jun 2021 07:39:48 GMT
server: cloudflare
etag: "ad760f498911721ef5574a4141b7f4c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JLx5IHGtJDLjL78XKRmW3NjZ%2FpARlZeA9%2BbwzTeYj0jBzKeG%2FuOQ7K24rhyqkAIaYNVnzWkNM%2BG8tJDLSCyjBkmF8q1btd6ibVkKEpY%2FAqB7R2P2NCmZ9kbbL0MnBd9yr2g%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: RHEN8W1KEKAHJ47Q
cache-control: max-age=31536000
cf-request-id: 0ac2327c0d00004c49cf0a8000000001
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 03 Jun 2022 07:39:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: theblemish.com
URL: https://theblemish.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1844
date: Fri, 18 Jun 2021 18:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 18 Jun 2021 20:58:37 GMT

GET
H2 200 bill-cosby-500x360.jpg
files.theblemish.com/images/2021/05/ 65 KB
65 KB 37ms
22ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.theblemish.com/images/2021/05/bill-cosby-500x360.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21f6e30ca887061ff2540f1734c068d4dfdb217dfe2e3c8c358c29c4b65f272c

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 19346
cf-ray: 6616ed0cec214c49-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 66282
x-amz-id-2: pfJRMUFnewMkOa/+26yaICm4LpDJLwAyKMQ+GbUMp1+wJ88G4XYkZ+zjAl7qbxwMadciU/FSHME=
last-modified: Mon, 31 May 2021 06:28:34 GMT
server: cloudflare
etag: "8d01f73e7bd2081b84e83641469bdcbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Pv%2FayYvW6gW2rY5cjhT6%2FB6ZfunaIqYyMgnyrFALdYgU5gTSdIciZ5oLJyfip2QYl5tqOF18J0Z1mPOu2TjV8w496eSyRN7xSqZL5dqf6343w9XYlYIciJmnDdbEUArZphU%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: RHERRPT7VXPR861H
cache-control: max-age=31536000
cf-request-id: 0ac2327c0d00004c492c152000000001
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 31 May 2022 06:28:33 GMT

GET
H2 200 disney-500x360.jpg
files.theblemish.com/images/2021/01/ 26 KB
26 KB 48ms
34ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.theblemish.com/images/2021/01/disney-500x360.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e305d9b33cfd99d306174f6299b6042a59d02b3b70916231aeb49c2915eb77

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 19346
cf-ray: 6616ed0cec264c49-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 26120
x-amz-id-2: CcOXE7O93Vg9kOGE7FW9vMLIqbO6vLFv9g//0E+RbIK/QeGRwfzcLSOpTMff3vGTqzc4XeSt+vA=
last-modified: Fri, 29 Jan 2021 06:35:17 GMT
server: cloudflare
etag: "c4953eef2045aec424846e3c68d94425"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZpXOIdWc13RnvTncPPXZLSdhAkbts%2B9mhzu7Q9C0twXAMCJYcS6XGSvj6hQBQCOM0RXL66l0fEmcRc0wdzIkKsp6zg%2FXTE2anKG5gIgsxpNeOmpPYa69I0uUucv%2FXfDotNo%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: RHET5SNQJCXWSK74
cache-control: max-age=31536000
cf-request-id: 0ac2327c0e00004c49e0249000000001
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 29 Jan 2022 06:35:15 GMT

GET
H2 200 powerpuff-girls-500x360.jpg
files.theblemish.com/images/2020/08/ 32 KB
33 KB 45ms
31ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.theblemish.com/images/2020/08/powerpuff-girls-500x360.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d64f13b44d29a5e1bad6f7423abd940aaa529c1d768dfdfe2403a67712842bdb

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 19346
cf-ray: 6616ed0cec254c49-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 33088
x-amz-id-2: a6d9yEzBhGR/MXtzHuwBMR19P6kLgw4ud7c1e/Tp3llfgMJ3jspJ3BWW8of9AJ6krhppgLYaDAQ=
last-modified: Tue, 25 Aug 2020 07:23:49 GMT
server: cloudflare
etag: "0a26782a32cc641ba73fa8a6847d23ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eaut4Ahyi%2B1eNt%2Bq1uTV3IjiAULgJ5zm6XwsgUAyQcrKPzEyBnwgh5eKEyafIZ%2FKiJMZyjSfplpNcXjg7zaYrmYAJT%2FnJVobZVuNNnVoCTtMaBzarl6A7edveWOFnM6UsYg%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: RHEW2SYXKDRF5FG1
cache-control: max-age=31536000
cf-request-id: 0ac2327c0e00004c49df32e000000001
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 25 Aug 2021 07:23:48 GMT

GET
H2 200 jj-abrams-500x360.jpg
files.theblemish.com/images/2021/05/ 47 KB
47 KB 48ms
34ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.theblemish.com/images/2021/05/jj-abrams-500x360.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12f394a79f62f2adae090da73fbba8245b7c97654ce04cefe4e8ad19e49629cc

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 19346
cf-ray: 6616ed0cec244c49-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 47806
x-amz-id-2: NYhY1QRWO2VSn2DB8DVmO+jZv/ctqv010D6thCZAkBysl/ygMfhx/Zp/C6JERlSOs3kIfoTEy8A=
last-modified: Fri, 28 May 2021 06:14:41 GMT
server: cloudflare
etag: "f1713ef153017a863c24d21db0dcfe23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qOQJFtGD0Dh0pKHD7tVjAbXNNPpizU1btBQ8lZkVZnIZijPKX11IkoWIvVvgfPAQSh1U3T2SIkVz6Mpnch0dHovHwXJOo8DCmNlbL4JbhV5uXP%2Bb1Dr1tiXjfXAiIYfq9f0%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: RHES80Z6PT5T3QM6
cache-control: max-age=31536000
cf-request-id: 0ac2327c0e00004c49262cc000000001
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 28 May 2022 06:14:40 GMT

GET
H3-29 200 pete-davidson-500x360.jpg
files.theblemish.com/images/2019/12/ 19 KB
19 KB 43ms
40ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.theblemish.com/images/2019/12/pete-davidson-500x360.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16966f90bd98d85e1c86f57d6422d5632d4d2541c4eb3add9836227851dd9826

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 19659
cf-ray: 6616ed0cfb4d4e97-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 19014
x-amz-id-2: lCujkPt3NIgcBfsAqM8gu8/3BBvZu9RsbX6y6ugdjCq4FAPa5aiEvWJ8jtEe6zttq6IXm+3wy58=
last-modified: Mon, 02 Dec 2019 09:15:41 GMT
server: cloudflare
etag: "fa5fda1df816594123ec6e4558d76e7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9H7FadXE9Gf9gL1gKi4958JxebarEZdNV6ZylwTFm9elciQk9t%2BXllO7jifGPu71bulbij9Gke3rRZ045Lpv3qEdFSHXimUNti9n6J82eQf%2FoHiSGNC62hT3kskQjAQQsJE%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: FGSRSE81ZB5GRYYG
cache-control: max-age=31536000
cf-request-id: 0ac2327c2100004e97c7bf3000000001
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 01 Dec 2020 09:15:40 GMT

GET
H3-29 200 jump-500x360.jpg
files.theblemish.com/images/2021/05/ 29 KB
30 KB 43ms
41ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.theblemish.com/images/2021/05/jump-500x360.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 105643c59b878c6441eaa17051d4a71711c57bc29b60ce4072579d38b3cb2183

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 19659
cf-ray: 6616ed0cfb504e97-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 29519
x-amz-id-2: KutK5XxTejJO62tEaqwAWd8e/dF2Xnpq5BP8u9xRQR4+xt+s8iwp+nzdtf/LHnxys4vQJeX0TOU=
last-modified: Thu, 27 May 2021 06:53:12 GMT
server: cloudflare
etag: "a44de81d209ec14b65d82a5c2998993e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=neKybA0nt9GI3Jn2mEgoOcy4yuFcR0vzxVAGEFKwnBB83MCTyRuF8r42sZmm0CXKQbrXHxlV37XNNknwP2XzIwxZLVXFdNJP24QeEdeexlx7PT7zyIhOLZmFyW3vLkaZJrU%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: FGSP9AZWJS89EDXK
cache-control: max-age=31536000
cf-request-id: 0ac2327c2100004e97a687e000000001
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 27 May 2022 06:53:11 GMT

GET
H3-29 200 kim-kardashian-500x360.jpg
files.theblemish.com/images/2021/01/ 21 KB
21 KB 33ms
31ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.theblemish.com/images/2021/01/kim-kardashian-500x360.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6943f4036943958e31aea8de79afcf7fa74a612a45443b734db806ba25e73088

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 19659
cf-ray: 6616ed0cfb534e97-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 21237
x-amz-id-2: mdwoNmU7e0bFqcZFHvK6pT0Hk5PmIlaCqqYkQ61Wc1fBu8Q91iK5LVsuzogBM6i6TnBfPvxbjcw=
last-modified: Wed, 06 Jan 2021 08:22:41 GMT
server: cloudflare
etag: "9679c4c35b8b45aea8379f9ab3c3dbe8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oS6izPE3XxcQ8j4pfbBbgSOD7UZcTxOAnHyzY3Mtez6gMNS%2FwDwa8o8qre%2B0%2Fq60mfM5TAndYlOiJG6KyVjrVZ%2B09u8Xx5VbUcC1wDNAaXPwba%2Fcu5NONK%2BtixU94cfIhDQ%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: FGSJNV05XP0NKGP3
cache-control: max-age=31536000
cf-request-id: 0ac2327c2200004e977d2f6000000001
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 06 Jan 2022 08:22:40 GMT

GET
H3-29 200 rita-ora-miami-bikini-500x360.jpg
files.theblemish.com/images/2015/12/ 54 KB
55 KB 50ms
47ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.theblemish.com/images/2015/12/rita-ora-miami-bikini-500x360.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dceea4b82d53579331ee205d34d283845bbaa2f9ebabe31ce091f772468d991e

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2250
cf-ray: 6616ed0cfb554e97-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 55565
x-amz-id-2: qcEmgZsn0mOBYNFocUY9zH9M5EPRNPJqgl0i4aaG82YYPVPXCNibUdRzAD6UsyHt6W4psmIxveY=
last-modified: Tue, 14 May 2019 02:25:35 GMT
server: cloudflare
etag: "f387d9ad19988d24a9c89a6317ab0f24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9SsZR3Ld9Tu4LzVoy609bm%2BSfAr5wtI25bKWjydOA8pGHLdzMj0O%2Bc%2BK8dcRR1csekT1i%2FhnZO4UzjOYOdhXAMqRHYwmBMZUBd4blSWax2XskNd3%2BfRnrL7jKRudj5Zjvjg%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: RSN0NAAQ1XNHSCAX
cache-control: max-age=16070400
cf-request-id: 0ac2327c2200004e97a1330000000001
accept-ranges: bytes
content-type: image/jpeg

GET
H3-29 200 bam-margera-500x360.jpg
files.theblemish.com/images/2021/05/ 29 KB
30 KB 58ms
56ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.theblemish.com/images/2021/05/bam-margera-500x360.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02c80e1e45b7235dcdf178b76674c7a5a262ea0d0328a2982de182c462d51d61

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12133
cf-ray: 6616ed0cfb5a4e97-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30061
x-amz-id-2: LR04i3SNpbybvFOEoa0nAvuLNsBlyakxkTAanO7vqMzR83uOBiq4ztQj2Qso7el7pG7lfe86tic=
last-modified: Wed, 26 May 2021 06:37:37 GMT
server: cloudflare
etag: "0ebc0a8e51e3adbdb6653e805218b266"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3WVUEi6eMfjmwQjVvEpooWcToOB7KYR63pdxekqiJcJfCSfy%2BzmgSqDKZh%2Ff3xMzfO3YMD6v%2Fr406t%2B7ZtYY%2BCSI3wX3aCKZVwWCbp6%2BVxAo2wVxrXNYpj%2FmKt3DBfCOMLc%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: RSN3SE94VQBTYEXK
cache-control: max-age=31536000
cf-request-id: 0ac2327c2200004e97aab8e000000001
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 26 May 2022 06:37:36 GMT

GET
H3-29 200 hot-ones-500x360.jpg
files.theblemish.com/images/2021/05/ 26 KB
27 KB 60ms
57ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.theblemish.com/images/2021/05/hot-ones-500x360.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0ea4e9072b69aa477e1ab3c8e3d913f9754d39defcb38a875f1e6c7411227af

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12133
cf-ray: 6616ed0cfb5c4e97-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 26480
x-amz-id-2: oiRe30s6JrIueNn7V5oWmkXZD4huuA2zXRWOazdpeixcofAI8AhB5uB4Lpg65GHFfpfsn8/R0R4=
last-modified: Wed, 26 May 2021 06:36:07 GMT
server: cloudflare
etag: "b17ebc4a882984fabf903db55df10b3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IREGbY6NVB6M5XcpEPzo6DnNNWYUy%2BGMcjFJePrPaAX4C6E9nofe2yUSCHGX%2FM12XcnUO4jrb4qJbfIvROc8m%2B5YVdmwDYx0399JoH2QUxPMqdPzigAc25HPGLPiZDEBKtY%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: RSNFA5MAN4TF8ZZ1
cache-control: max-age=31536000
cf-request-id: 0ac2327c2300004e976a273000000001
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 26 May 2022 06:36:06 GMT

GET
H3-29 200 charlie-finger-500x360.jpg
files.theblemish.com/images/2021/05/ 19 KB
19 KB 60ms
57ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.theblemish.com/images/2021/05/charlie-finger-500x360.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6f2af177ef71b6c90ff32854d8e9440dad00ac0279e56dc4227e336caaf9f53

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12133
cf-ray: 6616ed0cfb614e97-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 19112
x-amz-id-2: KrXNGUHCSPcMfWH3v9M/8s2pfx/dFa1RstBkwuAXEbKBB1yKV7ym83KbUiqqAnqwO4izWgBQEjE=
last-modified: Tue, 25 May 2021 06:23:03 GMT
server: cloudflare
etag: "c99581cb4b63ef53f03d742613272449"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PHx8XAxq1JN%2BSbeNZ2FhM8L6XJlgU5gTG5lbnYvCtP%2FTo5H%2FNSV0dbBenHdQeCI028YYEzSpjQLuh6aEQ57lNRQDxCez9qnZLbVA4FGhdVUNm543SLBAw1RrFSWn7tFryFc%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: RSN335H5MXFW2RNJ
cache-control: max-age=31536000
cf-request-id: 0ac2327c2300004e9753b21000000001
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 25 May 2022 06:23:02 GMT

GET
H3-29 200 michael-jackson-500x360.jpg
files.theblemish.com/images/2020/12/ 23 KB
24 KB 64ms
62ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.theblemish.com/images/2020/12/michael-jackson-500x360.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a99f96711360ce1b70d0c1b8ecc80e2d5bcd940c679c9d8d279831ba6d2ba3b

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12133
cf-ray: 6616ed0cfb634e97-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 23350
x-amz-id-2: jX1K4jskuEY0a9F2xQVmg4C8nvlou5cumYvqWbObqQpTsL+cLmaxqCHXlXq8nhwr64Z/XRWC1u8=
last-modified: Tue, 15 Dec 2020 07:04:36 GMT
server: cloudflare
etag: "35ab25bb5ab0bc28d6f699251aef366d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JbH82eWfeqkCjSHDKmKHAKeH3COLAlr7JPIU6RrA3LMVqbCzMf9umNSFUpJfhIj4Pk5oWw9YSNyzowV45CEjOIHSTS77S%2F4vxYK2v9KH34mwEGNBMTMexPdCGi4ldJ97NSk%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: RSN972PND3FT5Q8T
cache-control: max-age=31536000
cf-request-id: 0ac2327c2400004e97680de000000001
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 15 Dec 2021 07:04:35 GMT

GET
H3-29 200 kevin-spacey-500x360.jpg
files.theblemish.com/images/2021/05/ 25 KB
26 KB 67ms
64ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.theblemish.com/images/2021/05/kevin-spacey-500x360.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c2fc710a25b74fa2238098619bc7f1e27c6f0e8da295bffccf7284a48e20677

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12133
cf-ray: 6616ed0cfb6f4e97-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 25654
x-amz-id-2: 0UYqKE3NIAe1qM5OJPGDTMctSU9m78ad85Htn1jJJqisiavTuYV7g8I3H4adI6Rp6cgaONS8uEs=
last-modified: Tue, 04 May 2021 05:35:52 GMT
server: cloudflare
etag: "8fe77870dbffed6cd8b6175f3608af62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oYnskC6gH40%2FzeAkl7q0v8Li200XGLxGu79enOPXkDMpH5Jz2GTAO%2FuTxm5UOgDzXZLsTbE4Xzf3jF9sOOPsOx5GQDCR8hoQc2h7NX%2B9%2FvMoBYj4FdDeqbubvzQvc7s3lq0%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: RSN1Q9WD99XBBQP5
cache-control: max-age=31536000
cf-request-id: 0ac2327c2600004e976a275000000001
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 04 May 2022 05:35:51 GMT

GET
H3-29 200 marvel-600x600.jpg
files.theblemish.com/images/2020/06/ 21 KB
21 KB 33ms
30ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.theblemish.com/images/2020/06/marvel-600x600.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80adc03a59293870e7159d5c7177f1d69bf7bb3785afa7ea44fd162c0907854f

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12133
cf-ray: 6616ed0cfb744e97-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 21052
x-amz-id-2: knUXweAzYWqnDdxIIyLTlNmHCoCmOa/dFSsZ7I5iPA1Ye2pde4sRDJa7zt+HF1pM5S/13y7/Tyk=
last-modified: Thu, 04 Jun 2020 06:11:23 GMT
server: cloudflare
etag: "9547a743f343d321dfe9efb7c660a356"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bKzq8bmZJHKu1Wbqca9ZgVjGinxEARL7LoRsftrS3LtWuTLDYERFja7cPP63syZwSZDfdKU2T%2FgcuAmGExulLtnNoJ83%2BOcq05IqhwusdE9%2B01QjCn4xiLSaSaaibWTt0Mk%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: RSN4V5JTX0K0E5HW
cache-control: max-age=31536000
cf-request-id: 0ac2327c2800004e97b7209000000001
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 04 Jun 2021 06:11:21 GMT

GET
H3-29 200 rick-morton-600x600.jpg
files.theblemish.com/images/2020/07/ 44 KB
45 KB 67ms
64ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.theblemish.com/images/2020/07/rick-morton-600x600.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 725bbf9aa1333c4322ef109062fc72dbeff9eb741f1bedebd6b76b03767ba7b3

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12133
cf-ray: 6616ed0cfb764e97-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45437
x-amz-id-2: F4KdIJX1Af0FJQGAX6Dre4jIlQ/6Igeurh2/jeqv1HSSi5415PN2eR4P3EzlkMxZkXBF6ef72IQ=
last-modified: Mon, 27 Jul 2020 07:33:13 GMT
server: cloudflare
etag: "1d7ebc009bf6f2a81496fdc607cdaffb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mwR0wQY9n0wTokXt04ORvrUTxgzvShVqm1B68xIfkRReYOslv1Emp%2B4zwj0mehTalNAovAUldMVOM8JT3maxIjzRCFzZU3aM%2FRN04%2F5wETGIK6zPAjqqBXGF1s65OuMXZEk%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: RSNCWX8JPDN3WT6F
cache-control: max-age=31536000
cf-request-id: 0ac2327c2900004e97680df000000001
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 27 Jul 2021 07:33:11 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js?ver=3.2.1

Requested by

Host: theblemish.com
URL: https://theblemish.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:51:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 549474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:51:27 GMT

GET
H3-29 200 framework.min.js Show response
theblemish.com/wp-content/themes/theblemish/js/ 87 KB
23 KB 27ms
26ms Script
application/javascript 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theblemish.com/wp-content/themes/theblemish/js/framework.min.js?ver=1579849471
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94a0d7e15e8dcb75eae2dc3c63a1310ce1352b99ffcf3d676ed22c4ea73f20b2

Request headers

:path: /wp-content/themes/theblemish/js/framework.min.js?ver=1579849471
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: theblemish.com
referer: https://theblemish.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 19754
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac2327bfc00004e977fab0000000001
last-modified: Fri, 24 Jan 2020 07:04:31 GMT
server: cloudflare
etag: W/"5e2a96ff-15ad2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3k%2BdhzrFH3qwxjplEF0WLNZNEsd%2F6%2BBVm6Qks%2B6pTOxMlhkuJIPwbk2yt3hsWd0GUX0oNHZlAP3Oq6l16M0NJJ8jJCm7P%2FB9eLtruJHHf2XXejE0a13j2E00GLE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 6616ed0cca954e97-FRA
expires: Sun, 18 Jul 2021 13:59:34 GMT

GET
H3-29 200 rve.min.js Show response
theblemish.com/wp-content/themes/theblemish/js/ 491 B
892 B 19ms
17ms Script
application/javascript 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theblemish.com/wp-content/themes/theblemish/js/rve.min.js?ver=1558767591
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 522e029d31644f5358f3099003b4d545762fc4072b2bbe9a1f79386436645ecd

Request headers

:path: /wp-content/themes/theblemish/js/rve.min.js?ver=1558767591
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: theblemish.com
referer: https://theblemish.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 19754
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac2327bfd00004e975f39c000000001
last-modified: Sat, 25 May 2019 06:59:51 GMT
server: cloudflare
etag: W/"5ce8e7e7-1eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7ZIPMUBCxLszWyeZLUcnBvfN8ZHaP0Myco9S5n38jg4JgQDULPP%2FvjgWq7L%2Bq6IRyiB3YFxd0DPcABceyVc6iu4G3aUs7aNIUnb9EOOsh1mHCuWYIetvQeBtMZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 6616ed0cca974e97-FRA
expires: Sun, 18 Jul 2021 13:59:34 GMT

GET
H3-29

200

58b07fec4121.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

15 KB
5 KB

21ms
6ms

Script
text/javascript

2a03:2880:f21c:81e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 02:14:35 GMT
content-encoding: br
etag: "58b07fec4121"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-length: 4824
priority: u=3,i

Redirect headers

date: Fri, 18 Jun 2021 19:29:21 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: ftw
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control: max-age=21600
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-29 200 wp-embed.min.js Show response
theblemish.com/wp-includes/js/ 1 KB
1 KB 16ms
14ms Script
application/javascript 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theblemish.com/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: theblemish.com
referer: https://theblemish.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 19754
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac2327bfd00004e97bd048000000001
last-modified: Thu, 04 Feb 2021 03:00:06 GMT
server: cloudflare
etag: W/"601b6336-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4nCVRwn2lcEFoql%2BwczMZEY5czUJanI%2Bx2VQdj9NNiMG6ogcsc96Ud6DlC6fxOYxcgRtDC8jiCufqFC%2BRe6VC4XOG8MjUvSveyQX%2BwIyjiSeofd05tJoW7xfhk0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 6616ed0cca984e97-FRA
expires: Sun, 18 Jul 2021 13:59:34 GMT

GET
H2 200 e-202124.js Show response
stats.wp.com/ 9 KB
3 KB 20ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202124.js
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn
date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 05 Jun 2022 22:00:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 81 KB
32 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N7PLZB

Requested by

Host: theblemish.com
URL: https://theblemish.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22961ee557de0d1d28e13069065197ddea6e93cda1e6a23c510577e16d4fdc10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32332
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Jun 2021 19:29:21 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 94 KB
25 KB 26ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: theblemish.com
URL: https://theblemish.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

388906152967f639b6aa0e48c8cd9b7c536aa9a9484393754cfb6f14b178c8a5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24515
x-xss-protection: 0
pragma: public
x-fb-debug: O8sPPXczxwKtUMtmnh2uEnntXacz/p71orn+2XADgrrb3h1wDB5tw1iBWrzKjwJngLtf+fok51gsFVFUTJUn8g==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 18 Jun 2021 19:29:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/freakishlyhugemedia-network/ 250 KB
27 KB 47ms
14ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/freakishlyhugemedia-network/loader.js
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49d7a304026657a57da93af99940763c1ff9367815338af259b664bffa7325cd

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wVghJ3zAm2MM0.qBCVMKLIxYLFxaW5AO
content-encoding: gzip
etag: "1db06a2de50dee6f59042da984249943"
age: 31
x-cache: HIT
content-length: 26704
x-amz-id-2: RvJ+Lx6QFLeqFIEKSadal1xLwuhSaUWYgMQL3Xbmu00SzMj8J640I7VObNkbUgV1w0QVQLNTzCY=
x-served-by: cache-fra19151-FRA
last-modified: Thu, 17 Jun 2021 08:49:31 GMT
server: AmazonS3
x-timer: S1624044561.472563,VS0,VE1
date: Fri, 18 Jun 2021 19:29:21 GMT
vary: Accept-Encoding
x-amz-request-id: 8V7TXSW1EKRKZQ95
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 66
x-cache-hits: 1

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 18ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: theblemish.com
URL: https://theblemish.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f18a3d12978e87ddf0b812311e0262eb2c14b4242104f9cf1240822cb3be0d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: IcihbSeIqiwOZRylCMrGbg==
cross-origin-resource-policy: cross-origin
expires: Fri, 18 Jun 2021 19:37:37 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: VXhEAP96bfGWkvnlfeAj9AxeOifcaGO/Qb6J/7M1DcgxNUOXVaMmHXRnUQgFYxYRzQy1glojYnqtNQI2w7jZ1A==
x-fb-trip-id: 686109401
x-fb-content-md5: 424e2c6be23894580d0703c8d822292d
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 18 Jun 2021 19:29:21 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "1182d709c3ea30f4e8e17097d1498395"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%7COpen+Sans%7CRoboto&ver=5.7.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://theblemish.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:18:32 GMT
x-content-type-options: nosniff
age: 562249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:18:32 GMT

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
64 KB 34ms
24ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css?ver=5.7.2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://theblemish.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css?ver=5.7.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 367745
cdn-cachedat: 2021-06-08 21:28:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 64464
cf-request-id: 0ac2327c0d00004ac20593a000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8c329ee23610da665d214d5d8fbf4e47
accept-ranges: bytes
cf-ray: 6616ed0cec104ac2-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 18:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1912
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Fri, 18 Jun 2021 19:57:29 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
552 B 37ms
15ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://theblemish.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H3-29 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 44 KB
44 KB 21ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%7COpen+Sans%7CRoboto&ver=5.7.2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://theblemish.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:40:22 GMT
x-content-type-options: nosniff
age: 568139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45416
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:20 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:40:22 GMT

GET
H2 204 /
antenna-us.ayads.co/ 0
40 B 340ms
101ms Image
text/plain 3.229.52.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna-us.ayads.co/?src=wf&t=1624044560729.1&ver=20210618102440&device=d&puid=p10666262630631418064&suid=s11246843984374622118&z=3914&gc=0&gm=0&ga=0&gs=0&dlt=0&e=l&tse=1624044561488&et=759&tfz=11&sqid=1&bw=1600&bh=1200
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 3.229.52.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
server: nginx

GET
H3-29 200 rick-morton.jpg
theblemish.com/images/2020/07/ 89 KB
89 KB 20ms
20ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theblemish.com/images/2020/07/rick-morton.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceb9d170d89a7505ab5a4140701c48c772902393f779f16fe5471ffeb9a9fe97

Request headers

:path: /images/2020/07/rick-morton.jpg
pragma: no-cache
cookie: AMP_TOKEN=%24RETRIEVING
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: theblemish.com
referer: https://theblemish.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2250
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 90803
cf-request-id: 0ac2327c7700004e97c2ab8000000001
last-modified: Mon, 27 Jul 2020 07:33:07 GMT
server: cloudflare
etag: "5f1e8333-162b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2L0Atw1P6e4k4OkzvBRSCH%2FmJoJBz3Ho4BwMPBHuKvNyzhYiYUYACoHlNZ%2BtcQzggKOil%2FypyzYrVq%2FeA4np5NqlNfiLt4kiw%2BvHK0n0qyFIS8L9HB%2BKm3HO5B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6616ed0d8cbe4e97-FRA
expires: Sun, 18 Jul 2021 14:04:06 GMT

GET
H3-29 200 quentin-tarantino-1920x1051.jpg
theblemish.com/images/2021/05/ 282 KB
282 KB 273ms
272ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theblemish.com/images/2021/05/quentin-tarantino-1920x1051.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c9cadb2fd6b946904811a4b7bca409a091accc12de8ef57133c7a946866a93a

Request headers

:path: /images/2021/05/quentin-tarantino-1920x1051.jpg
pragma: no-cache
cookie: AMP_TOKEN=%24RETRIEVING
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: theblemish.com
referer: https://theblemish.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 288292
cf-request-id: 0ac2327c7500004e97702d8000000001
last-modified: Mon, 31 May 2021 06:29:49 GMT
server: cloudflare
etag: "60b4825d-46624"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=raIwAkmdpJjJN7rLIZbOI132BaNBBpSCMK0NCmEjwBZR2AuOhbemtddNKNUUzXs0NyiSsNmM16IYtwRpVl4Or%2BANNRl%2BEcoQQBfmYXHZlNP1n5VXPqwmRBJ3taM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6616ed0d8cc54e97-FRA
expires: Sun, 18 Jul 2021 14:04:06 GMT

GET
H3-29 200 netflix.jpg
theblemish.com/images/2020/10/ 22 KB
23 KB 28ms
27ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theblemish.com/images/2020/10/netflix.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5029108fdfe403fa22aa858b05da579017edd567ffdc28b2ed082015dc9bd963

Request headers

:path: /images/2020/10/netflix.jpg
pragma: no-cache
cookie: AMP_TOKEN=%24RETRIEVING
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: theblemish.com
referer: https://theblemish.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2239
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 22539
cf-request-id: 0ac2327c7500004e97a688a000000001
last-modified: Tue, 20 Oct 2020 06:15:35 GMT
server: cloudflare
etag: "5f8e8087-580b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iujR7GEJRqNOnd048lBSM96m%2BKswN82weq0Pe0OlDGuM0EL4MPSPzHsbq%2FQ%2Ffp78AI1mtLykiIqiGT8jDx%2B8ZNfyGlCpNtic8mdh7mTXjQaY4gRSyh5ZR%2BAkzX4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6616ed0d8cc64e97-FRA
expires: Sun, 18 Jul 2021 14:04:12 GMT

GET
H3-29 200 adrian-kickback.jpg
theblemish.com/images/2021/05/ 55 KB
55 KB 174ms
173ms Image
image/jpeg 104.21.234.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theblemish.com/images/2021/05/adrian-kickback.jpg
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.234.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6811f19b49c31f0c74ed1dc11f9547b96c9b9c9f56ad0d08d6f34eb592e2cec8

Request headers

:path: /images/2021/05/adrian-kickback.jpg
pragma: no-cache
cookie: AMP_TOKEN=%24RETRIEVING
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: theblemish.com
referer: https://theblemish.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 56146
cf-request-id: 0ac2327c7600004e97af991000000001
last-modified: Mon, 24 May 2021 05:38:14 GMT
server: cloudflare
etag: "60ab3bc6-db52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ga7qkUOjmCt8Qtxl%2F6FmGB2kwPiA%2BHYBwAqZQA2PpabKj6a8NqNG2jwF%2BJcER%2BrsKjsoswMcU1LCfUnh0h%2FD70WM4qMp8ypoWhLvIMQ1bXRqpYJB1CukOURLFyk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6616ed0d8cc84e97-FRA
expires: Sun, 18 Jul 2021 14:20:07 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 246 KB
73 KB 18ms
11ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b177a41b98f8b10b67ddad026d661601&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

488618d82452e62d29058429fce0232b8b8eabc44b91810899d61ce8afbd0c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://theblemish.com
Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: fVYJER84Mt50lkmhh5TbqQ==
cross-origin-resource-policy: cross-origin
expires: Sat, 18 Jun 2022 16:52:34 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74489
x-fb-rlafr: 0
x-fb-debug: Qkyfyes583IromuGY2J1nreNujeq8MZy/IRpzGjIfC0296JJyrmqaUeM6lXp7KIWemhiL8ansLAObtgBaXz5QQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 83b0919a6f656bf6a85c2e02e4509b56
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Jun 2021 19:29:21 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "09f96cd31238c8be5603fb1db4a03281"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3-29 200 1421934418054765 Show response
connect.facebook.net/signals/config/ 260 KB
74 KB 68ms
56ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1421934418054765?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e62d43b403075d13dec18261becbf55942b6436467904454aeb7b6924f45807

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: LOqYKqJdSPMNOk6+GAEWD6uJlPFvnJ6ajxE6f7uoXrunaaWSjlffWte6b6TMWj7383BJ2LtPgr8OA+wcRKvmBg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 18 Jun 2021 19:29:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
481 B 34ms
14ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://theblemish.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 impl.20210616-34-RELEASE.js Show response
cdn.taboola.com/libtrc/ 525 KB
118 KB 14ms
14ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210616-34-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/freakishlyhugemedia-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 174fa874eee88ffd59d5c9cc7fd064f06e721fad3a156ddb5f4098fd987eb5f9

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: oEJW3jRBb5.jXgPmawDt65uOguNTfUcf
content-encoding: br
etag: "3e4b3c9fa3c276ef324d58abc8c116f8"
age: 10614
x-cache: HIT
content-length: 120041
x-amz-id-2: LRYsbihvW20C96AAi0b7RI3tGIQ1ZEf7MbSY/xNkJcyqIWgyP0lH5eqqpDejSx0cWhioNDIG8dc=
x-served-by: cache-fra19151-FRA
last-modified: Thu, 17 Jun 2021 08:28:41 GMT
server: AmazonS3-br
x-timer: S1624044562.588017,VS0,VE0
date: Fri, 18 Jun 2021 19:29:21 GMT
vary: Accept-Encoding
x-amz-request-id: ZZ3SKDJXCA0HRPC5
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 54
x-cache-hits: 23281

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 56ms
21ms Script
application/javascript 65.9.77.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/freakishlyhugemedia-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:27:58 GMT
via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 83
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: dwBoZvyS8xaQ1c5IMnwofSjCfI46DZt2Z7usL4-07rTPsdTqbS0SXg==

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 91 KB
36 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KXGZ2Q5&cid=2056504066.1624044562

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f841f3f16e0f0d066aab6b971b56b3b974310befd13c7edd65bd42d65fb426fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36817
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Jun 2021 19:29:21 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 20ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=152381051452935&ev=fb_page_view&dl=https%3A%2F%2Ftheblemish.com%2F&rl=&if=false&ts=1624044561601&sw=1600&sh=1200&at=

Requested by

Host: theblemish.com
URL: https://theblemish.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 18 Jun 2021 19:29:21 GMT

GET
H3-29 200 / Show response
services.bilsyndication.com/uv/ 12 B
448 B 211ms
197ms XHR
application/json 2606:4700:10::6816:1758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bilsyndication.com/uv/?page_url=https%3A%2F%2Ftheblemish.com%2F&mtk=1002

Requested by

Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?d=1002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37bd89d0776acdb8565abd79559d140909e68570f7d74a6f0141d21aed4122f4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:21 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 18 Jun 2021 19:29:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
access-control-allow-origin: https://theblemish.com
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 6616ed0e1c532484-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12
cf-request-id: 0ac2327cd0000024848a8f2000000001
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dc9f82046a46dabeef900463e6f90ade.js Show response
biltag.bilsyndication.com/v1/1624034661/ 486 KB
113 KB 53ms
42ms Script
application/javascript 2606:4700:10::6816:1758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://biltag.bilsyndication.com/v1/1624034661/dc9f82046a46dabeef900463e6f90ade.js

Requested by

Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?d=1002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ffe76b9c3aa881936b6145865d3059e2b35da85af5abbcccd499a98101b41d7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 8289
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, immutable
cf-ray: 6616ed0e1df04a98-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac2327ccf00004a980a294000000001

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 13ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1421934418054765&ev=PageView&dl=https%3A%2F%2Ftheblemish.com%2F&rl=&if=false&ts=1624044561627&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.1.1624044561626.1654757713&it=1624044561529&coo=false&rqm=GET

Requested by

Host: theblemish.com
URL: https://theblemish.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 18 Jun 2021 19:29:21 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1624044561673&ns_c=UTF-8&cv=3.5&c8=The%20Blemish%20%7C%20Entertainment%20News%20%26%20Pictures&c7=https%3A%2F%2Ftheblemish.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1624044561673&ns_c=UTF-8&cv=3.5&c8=The%20Blemish%20%7C%20Entertainment%20News%20%26%20Pictures&c7=https%3A%2F%2Ftheblemish.com%2F&c9=

64 B
330 B

25ms
23ms

Image
image/gif

65.9.77.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1624044561673&ns_c=UTF-8&cv=3.5&c8=The%20Blemish%20%7C%20Entertainment%20News%20%26%20Pictures&c7=https%3A%2F%2Ftheblemish.com%2F&c9=
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: XwZLeOqlg22aijXl6WcPzXbup0rOXxWDzOgfo83TwUK3ROcwZsoUOQ==

Redirect headers

date: Fri, 18 Jun 2021 19:29:21 GMT
via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1624044561673&ns_c=UTF-8&cv=3.5&c8=The%20Blemish%20%7C%20Entertainment%20News%20%26%20Pictures&c7=https%3A%2F%2Ftheblemish.com%2F&c9=
content-length: 219
x-amz-cf-id: tX_lW9nLDDR9F1_B4h2e3d_xPcpHowVOY3mA4INIHRZ4pGxcvcmo4g==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-305412-1&cid=2056504066.1624044562&jid=1796929436&gjid=1110997252&_gid=35527766.1624044562&_u=aGBAgUIjQAQCAE~&z=1094266576

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 18 Jun 2021 19:29:21 GMT
content-type: text/plain
access-control-allow-origin: https://theblemish.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=54418423&t=pageview&_s=1&dl=https%3A%2F%2Ftheblemish.com%2F&ul=en-us&de=UTF-8&dt=The%20Blemish%20%7C%20Entertainment%20News%20%26%20Pictures&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUIjQAQC~&jid=1796929436&gjid=1110997252&cid=2056504066.1624044562&tid=UA-305412-1&_gid=35527766.1624044562&z=607190525

Requested by

Host: theblemish.com
URL: https://theblemish.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:05:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55460
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp-v2.0.1.js Show response
assets.bilsyndication.com/plugins/cmptcf2/ 267 KB
67 KB 46ms
43ms Script
application/javascript 2606:4700:10::6816:1758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1624034661/dc9f82046a46dabeef900463e6f90ade.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 457421
cf-polished: origSize=489839
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac2327d3600004a98f69b3000000001
x-robots-tag: noindex, nofollow
last-modified: Tue, 29 Dec 2020 02:18:12 GMT
server: cloudflare
etag: W/"5fea91e4-7796f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 6616ed0ebfdf4a98-FRA
expires: Sun, 13 Jun 2021 12:55:40 GMT

GET
H2 200 prebid-v5.0.2.js Show response
assets.bilsyndication.com/prebid/default/ 426 KB
119 KB 39ms
37ms Script
application/javascript 2606:4700:10::6816:1758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1624034661/dc9f82046a46dabeef900463e6f90ade.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6bc4e6f0c55cbc68ba0fd9aab0744e80775af694aadb953b184f4098eeafb18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 50340
cf-polished: origSize=436641
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac2327d3900004a98eaac2000000001
x-robots-tag: noindex, nofollow
last-modified: Fri, 18 Jun 2021 05:30:15 GMT
server: cloudflare
etag: W/"60cc2f67-6a9a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 6616ed0ebfdd4a98-FRA
expires: Fri, 18 Jun 2021 06:00:21 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1624034661/dc9f82046a46dabeef900463e6f90ade.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d823e8134c8e4a9a36dae50e4917c8df3bab3776cfd927a922753eda4a0ff2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "906 / 772 of 1000 / last-modified: 1624040621"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21459
x-xss-protection: 0
expires: Fri, 18 Jun 2021 19:29:21 GMT

GET
H2 200 viPlayer_v45.min.js Show response
assets.bilsyndication.com/plugins/vlPlayer/ 13 KB
5 KB 19ms
17ms Script
application/javascript 2606:4700:10::6816:1758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bilsyndication.com/plugins/vlPlayer/viPlayer_v45.min.js

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1624034661/dc9f82046a46dabeef900463e6f90ade.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cce2306a2b7a641280a0e61d53b3cd645edb91d9389edaa2ba961a29337cfc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 351507
cf-ray: 6616ed0ebfd74a98-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac2327d3500004a98d2bf1000000001
last-modified: Mon, 14 Jun 2021 17:20:56 GMT
server: cloudflare
etag: W/"60c78ff8-34ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
x-robots-tag: noindex, nofollow
expires: Mon, 14 Jun 2021 18:20:54 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 338 KB
116 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1624034661/dc9f82046a46dabeef900463e6f90ade.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

522fcf7edad25c53f9931e20f4900a7e33e7f5063e1296460d9ea8193f22ca7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118727
x-xss-protection: 0
expires: Fri, 18 Jun 2021 19:29:21 GMT

GET
H2 200 sf_host.min.js Show response
assets.bilsyndication.com/plugins/safeframe/src/js/ 38 KB
16 KB 25ms
25ms Script
application/javascript 2606:4700:10::6816:1758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bilsyndication.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1624034661/dc9f82046a46dabeef900463e6f90ade.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 836517
cf-ray: 6616ed0ebfe14a98-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac2327d3700004a980e91d000000001
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
etag: W/"5dbbbcf2-9806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
x-robots-tag: noindex, nofollow
expires: Wed, 09 Jun 2021 03:37:24 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 50ms
30ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-305412-1&cid=2056504066.1624044562&jid=1796929436&_u=aGBAgUIjQAQCAE~&z=469432370

Requested by

Host: theblemish.com
URL: https://theblemish.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 49ms
29ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-305412-1&cid=2056504066.1624044562&jid=1796929436&_u=aGBAgUIjQAQCAE~&z=469432370

Requested by

Host: theblemish.com
URL: https://theblemish.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 7ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.8.1&blog=1067708&post=0&tz=-7&srv=theblemish.com&host=theblemish.com&ref=&fcp=794&rand=0.5449648525015576
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 pubads_impl_2021061503.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
115 KB 45ms
15ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 21:10:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116743
x-xss-protection: 0
expires: Fri, 18 Jun 2021 19:29:21 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 33ms
13ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210618

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3486818d238010d16d9c1d6903bb298d8720292c158d7a64f8c7aebff3688150

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16062
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac2327ddc0000c28bf9bc3000000001
x-served-by: cache-fra19128-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"698-22moZBR1pQPUcKvIm4V4glal+Pw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6616ed0fced3c28b-FRA

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
388 B 318ms
296ms XHR
text/plain 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Jun 2021 19:29:22 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://theblemish.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=R0gb%2BHAwISO%2FMdNCZvU8or4h9Iv4KGi4AMVikLo15h2oYKt%2F4xsw14rWPxcnG0ko1Mybv%2FnSy%2FXgvU4KAvR09vKshR11pPJ9B6G5mcLBBf18Q0Nn8QQgjiuINnTfVCwCDA9GSEF30IV4BsfNAg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6616ed0feb044a98-FRA
cf-request-id: 0ac2327dee00004a98bf350000000001

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
364 B 331ms
139ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://theblemish.com
date: Fri, 18 Jun 2021 19:29:21 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 47
vary: origin

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 114 B
748 B 75ms
32ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2288605cb12a579d%22%3A%22665f3c465456a5c35f02%7C300x250%2C250x250%2C200x200%2C180x150%22%2C%2290a6d794f63659%22%3A%22fef528272cb6e8fca515%7C%22%7D&ref=https%3A%2F%2Ftheblemish.com%2F&s=2f68e1fe-2b79-49b6-b5a3-d419d2e733b8&pv=0466ce1b-ee54-4225-a6fd-04169be222af&vp=desktop&lib_name=prebid&lib_v=5.0.0&us=0&ius=1&gdpr=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22interdogmedia.com%22%2C%22sid%22%3A%22138%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

2890ce1f69865912fd6e2e919bb8871e0d055296ef9383c02397053c0223534d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:21 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://theblemish.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 139
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 19 B
721 B 57ms
20ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:21 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.173.90:80
AN-X-Request-Uuid: 729638e1-3424-47c4-a076-0efcd3aca3dd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://theblemish.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 49ms
15ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://theblemish.com
date: Fri, 18 Jun 2021 19:29:21 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/theblemish.com/
Redirect Chain

https://ads.us.e-planning.net/pbjs/1/2c995/1/theblemish.com/ROS?rnd=0.20170573135514713&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Ftheblemish.com%2F&pbv=5.0.0&ncb=1&vs=F&c...
https://ads.us.e-planning.net/hb/1/2c995/1/theblemish.com/ROS?ct=1&r=pbjs&rnd=0.20170573135514713&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Ftheblemish.com%2F&pbv=5.0.0&nc...

678 B
1 KB

21ms
20ms

XHR
application/json

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/theblemish.com/ROS?ct=1&r=pbjs&rnd=0.20170573135514713&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Ftheblemish.com%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Ftheblemish.com%2F&gdpr=1&gdprcs=
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: e75ed7aa9bf46ba055e3654ad03592a5d90fccfb51ba9751cd5f5c8442195eed

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://theblemish.com
expires: Fri, 18 Jun 2021 19:29:21 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 678
x-sid: AMS-738

Redirect headers

date: Fri, 18 Jun 2021 19:29:21 GMT
server: openresty
access-control-allow-origin: https://theblemish.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/theblemish.com/ROS?ct=1&r=pbjs&rnd=0.20170573135514713&e=300x250_0%3A300x250%2C250x250%2C200x200%2C180x150&ur=https%3A%2F%2Ftheblemish.com%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Ftheblemish.com%2F&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-738

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 19 B
722 B 47ms
17ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:21 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.173.211:80
AN-X-Request-Uuid: 3c650c87-aa46-4445-9f52-789eaea3b927
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://theblemish.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 70ms
22ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.0.0&cb=50926817519
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://theblemish.com
date: Fri, 18 Jun 2021 19:29:21 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 36ms
15ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://theblemish.com
date: Fri, 18 Jun 2021 19:29:21 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 19 B
722 B 55ms
27ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:21 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.172.143:80
AN-X-Request-Uuid: fa46c14d-d665-4fde-83e9-b057e2b925ce
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://theblemish.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 19 B
722 B 45ms
16ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:21 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.172.153:80
AN-X-Request-Uuid: 9a61f765-8025-4cff-ae7b-3baa389dd272
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://theblemish.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
646 B 256ms
256ms XHR
text/plain 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Jun 2021 19:29:22 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://theblemish.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IopBfjEaqbnGDk1yPsh5RSDxNIEAXVNdob7YR1a1xTB310MXR8Pwg%2BRrnDCRhDqd%2Bpx5z9KFMvNfXmkS5QzXinGUruOnbk1ZXaUnMJyfXaR16%2FrKNeZ31OZKfkLd1pJ1KhtaA8E70ZzaPFzcmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6616ed0feb094a98-FRA
cf-request-id: 0ac2327def00004a980e933000000001

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
235 B 322ms
153ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://theblemish.com
date: Fri, 18 Jun 2021 19:29:21 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 60
vary: origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 58ms
22ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.0.0&cb=14955443773
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://theblemish.com
date: Fri, 18 Jun 2021 19:29:21 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 116 B
754 B 104ms
63ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2244d850d62ad1ecb%22%3A%22665f3c465456a5c35f02%7C300x250%2C160x600%2C300x600%2C250x250%2C120x600%2C200x200%2C180x150%22%2C%224588657486cc6e4%22%3A%22fef528272cb6e8fca515%7C%22%7D&ref=https%3A%2F%2Ftheblemish.com%2F&s=d77ba5fe-07c8-4120-963a-50d2052faeeb&pv=0466ce1b-ee54-4225-a6fd-04169be222af&vp=desktop&lib_name=prebid&lib_v=5.0.0&us=0&ius=1&gdpr=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22interdogmedia.com%22%2C%22sid%22%3A%22138%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

58cb153700a65f215ed40bbba9968a61b9d21b982b2f48ec56c4208ab779f498

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:22 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://theblemish.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 141
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/theblemish.com/
Redirect Chain

https://ads.us.e-planning.net/pbjs/1/2c995/1/theblemish.com/ROS?rnd=0.20170573135514713&e=300x250_0%3A300x250%2C300x600%2C160x600%2C250x250%2C120x600%2C200x200%2C180x150&ur=https%3A%2F%2Ftheblemish...
https://ads.us.e-planning.net/hb/1/2c995/1/theblemish.com/ROS?ct=1&r=pbjs&rnd=0.20170573135514713&e=300x250_0%3A300x250%2C300x600%2C160x600%2C250x250%2C120x600%2C200x200%2C180x150&ur=https%3A%2F%2F...

678 B
1 KB

20ms
19ms

XHR
application/json

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/theblemish.com/ROS?ct=1&r=pbjs&rnd=0.20170573135514713&e=300x250_0%3A300x250%2C300x600%2C160x600%2C250x250%2C120x600%2C200x200%2C180x150&ur=https%3A%2F%2Ftheblemish.com%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Ftheblemish.com%2F&gdpr=1&gdprcs=
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: e75ed7aa9bf46ba055e3654ad03592a5d90fccfb51ba9751cd5f5c8442195eed

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:21 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://theblemish.com
expires: Fri, 18 Jun 2021 19:29:21 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 678
x-sid: AMS-738

Redirect headers

date: Fri, 18 Jun 2021 19:29:21 GMT
server: openresty
access-control-allow-origin: https://theblemish.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/theblemish.com/ROS?ct=1&r=pbjs&rnd=0.20170573135514713&e=300x250_0%3A300x250%2C300x600%2C160x600%2C250x250%2C120x600%2C200x200%2C180x150&ur=https%3A%2F%2Ftheblemish.com%2F&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Ftheblemish.com%2F&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-738

GET
H2 200 nr-1209.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 46ms
14ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1209.min.js
Requested by: Host: theblemish.com
URL: https://theblemish.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1676a8158867ca736ff0a960b9300b8e0e8c016faa2b3211d54d1317213be669

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ilyf2heqjbcb6UZHMuleD6bz44kdIrhk
content-encoding: gzip
etag: "ceffb14d16467e17c5360bf7880099fa"
x-amz-request-id: 5748RK4XNY0JFAXS
x-cache: HIT
content-length: 11738
x-amz-id-2: Bgz/pgtJbcxVQT1M95LrS9P8w6ydNOlS7rqz4RAI+tM5Ek3RKKQrMB0BxrzJZwT8Jt6pEpDvSuo=
x-served-by: cache-fra19141-FRA
last-modified: Thu, 20 May 2021 23:21:18 GMT
server: AmazonS3
x-timer: S1624044562.060788,VS0,VE0
date: Fri, 18 Jun 2021 19:29:22 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 8669

GET
H/1.1 200
OK deb5462324 Show response
bam.nr-data.net/1/ 57 B
275 B 422ms
106ms Script
text/javascript 162.247.242.21
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/deb5462324?a=260834462&v=1209.f04e2b9&to=NFNUNkIDXUNZVEMMCg0ZYxBZTVpeXFJPSxULRg%3D%3D&rst=1348&ck=1&ref=https://theblemish.com/&ap=43&be=489&fe=1297&dc=1015&perf=%7B%22timing%22:%7B%22of%22:1624044560729,%22n%22:0,%22f%22:236,%22dn%22:237,%22dne%22:237,%22c%22:237,%22s%22:242,%22ce%22:269,%22rq%22:269,%22rp%22:480,%22rpe%22:489,%22dl%22:483,%22di%22:806,%22ds%22:1015,%22de%22:1020,%22dc%22:1296,%22l%22:1296,%22le%22:1297%7D,%22navigation%22:%7B%7D%7D&fp=726&fcp=794&at=GBRXQAoZTk0%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1209.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-9.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryZHBAH0ONmZKawaF8

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 18 Jun 2021 19:29:22 GMT
content-type: text/plain
access-control-allow-origin: https://theblemish.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 / Show response
biltag.bilsyndication.com/passbacktarget/1624034661/ Frame B7A2 311 B
541 B 321ms
296ms Script
application/javascript 2606:4700:10::ac43:1faa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://biltag.bilsyndication.com/passbacktarget/1624034661/?t=iframe&pbID=7&d=1002&z=2393&divID=vi_10022393_830&w=300&h=250

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1624034661/dc9f82046a46dabeef900463e6f90ade.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a58c592039d8db3f52d43540b193f623acb77718ab452f6c0c0341a38b26baa

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:22 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-request-id: 0ac2327f41000005c4489ea000000001
cf-ray: 6616ed120ef005c4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 /
stats.bilsyndication.com/pi/ Frame B7A2 0
61 B 226ms
224ms Image
image/jpeg 2606:4700:10::6816:1758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.bilsyndication.com/pi/?e=zdNAyPBYrwA-rUAK-PBTq-aZtM-qZywyYKtZUrZRzNhqllwqe0RrNTAAYRmNYBaBRrtNRcsokty_orN
Requested by: Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1624034661/dc9f82046a46dabeef900463e6f90ade.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6616ed11d8804a98-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
cf-request-id: 0ac2327f2900004a98d5873000000001

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame C742 89 KB
35 KB 28ms
15ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-30

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1624034661/dc9f82046a46dabeef900463e6f90ade.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80911ae1df2bdbca7c64bc552294247de84c08293020565b269468ec5c3da9f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36293
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Jun 2021 19:29:22 GMT

GET
H3-29 200 / Show response
biltag.bilsyndication.com/passback/ Frame ECBA 0
331 B 336ms
322ms Script
application/javascript 2606:4700:10::ac43:1faa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://biltag.bilsyndication.com/passback/?t=1624034661&d=1002&z=2417&divID=vi_10022417_430&w=300&h=600

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1624034661/dc9f82046a46dabeef900463e6f90ade.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:22 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-request-id: 0ac2327f41000005c496895000000001
accept-ranges: bytes
cf-ray: 6616ed120ef305c4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 /
stats.bilsyndication.com/pi/ Frame ECBA 0
121 B 131ms
131ms Image
image/jpeg 2606:4700:10::6816:1758
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.bilsyndication.com/pi/?e=zdNtYyYUtrK-KUtq-PBUy-aeZB-ZTAaaBTZKUYZRzNhqllwqe0RrNTAAYRmNYPTKRrtNRcsokty_orN
Requested by: Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v1/1624034661/dc9f82046a46dabeef900463e6f90ade.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1758 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6616ed11e8c04a98-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
cf-request-id: 0ac2327f3500004a98ae807000000001

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame C742 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1845
date: Fri, 18 Jun 2021 18:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 18 Jun 2021 20:58:37 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame C742 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=2059258970&t=pageview&_s=1&dl=https%3A%2F%2Ftheblemish.com%2F&ul=en-us&de=UTF-8&dt=noBid_theblemish.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=theblemish.com&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=1155179819&gjid=1976243606&cid=2056504066.1624044562&tid=UA-128776493-30&_gid=35527766.1624044562&_r=1&gtm=2ou6g0&z=1386419844

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theblemish.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ Frame C742 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=2059258970&t=pageview&_s=2&dl=https%3A%2F%2Ftheblemish.com%2F&ul=en-us&de=UTF-8&dt=noBid_theblemish.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=theblemish.com&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=2056504066.1624044562&tid=UA-128776493-30&_gid=35527766.1624044562&gtm=2ou6g0&z=1025528055

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:05:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55461
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bn.php Show response
worldstatistics.live/ Frame 8976 498 B
825 B 277ms
253ms Document
text/html 2606:4700:e2::ac40:8127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worldstatistics.live/bn.php?size=300x250
Requested by: Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/passbacktarget/1624034661/?t=iframe&pbID=7&d=1002&z=2393&divID=vi_10022393_830&w=300&h=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.24
Resource Hash: 30b410b83af8676ba33a86cce11abe9db8e5c660b3ec379502ceb32cc014ccb7

Request headers

:method: GET
:authority: worldstatistics.live
:scheme: https
:path: /bn.php?size=300x250
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theblemish.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theblemish.com/

Response headers

date: Fri, 18 Jun 2021 19:29:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.24
cf-cache-status: DYNAMIC
cf-request-id: 0ac2328085000005e4f3b1c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WCJkVdpVRkvgeq3X16WBtC84RnsB8PwD1ITaFuo8PskI3DUF6ctUfgExNdU01k8teWynYd%2Bjjq9NsQIFZ9OLC%2Fn30Mjv8jeBqhdOaVxhwMxZiBHLf3trSQkITt3IVO2LvF5QvWzEitIJAlw%2FvB4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6616ed140bed05e4-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 / Show response
geoworker.ayads.co/ 1 B
278 B 46ms
18ms XHR
text/plain 2606:4700:10::6814:b25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geoworker.ayads.co/
Requested by: Host: ads.ayads.co
URL: https://ads.ayads.co/ajs.php?zid=3914
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:b25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:22 GMT
server: cloudflare
sublime-worker: true
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 6616ed152ef5dfeb-FRA
content-length: 1
cf-request-id: 0ac232813e0000dfeb680f1000000001

GET
H/1.1 200
OK / Show response
optchk.ayads.co/ 16 B
279 B 147ms
30ms Script
application/javascript 52.48.181.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optchk.ayads.co/?callback=sublimeOptchk
Requested by: Host: ads.ayads.co
URL: https://ads.ayads.co/ajs.php?zid=3914
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.181.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 49120de5d47bd735b7fe51736fde6bfd75dcdadbe3862c7eff507f27214ad6c2

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:22 GMT
Server: nginx
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 16
Expires: Sun, 01 Jan 2014 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
714 B 45ms
15ms XHR
application/json 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.ayads.co
URL: https://ads.ayads.co/ajs.php?zid=3914

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:22 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.71:80
AN-X-Request-Uuid: f75977ea-52c4-4e35-b48d-4c03fbe58a1a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://theblemish.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 /
antenna-us.ayads.co/ 0
40 B 102ms
101ms Image
text/plain 3.229.52.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna-us.ayads.co/?src=wf&t=1624044560729.1&ver=20210618102440&device=d&puid=p10666262630631418064&suid=s11246843984374622118&z=3914&gc=0&gm=1&ga=1&gs=2&dlt=0&gv=2&e=p&gd&gdv&tse=1624044562774&et=2045&tfz=1297&sqid=2&bw=1600&bh=1200&ph=4746
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 3.229.52.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:22 GMT
server: nginx

GET
H2 204 /
antenna-us.ayads.co/ 0
40 B 102ms
101ms Image
text/plain 3.229.52.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna-us.ayads.co/?src=wf&t=1624044560729.1&ver=20210618102440&device=d&puid=p10666262630631418064&suid=s11246843984374622118&z=3914&gc=0&gm=1&ga=1&gs=2&dlt=0&gv=2&a=97979&at=skinz&sspname=sspv3-appnexus3&gcp=0&sspplid=12907471&isssp=1&e=sspc&tse=1624044562774&et=2046&tfz=1297&sqid=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 3.229.52.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:22 GMT
server: nginx

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ 0
330 B 67ms
32ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?siteid=343868&pgid=1201854&fmtid=42281&visit=M&tmstp=1624044562823&out=json&sh=1200&sw=1600&tgt=json%3Bvskinz%3Dtrue%3Bgm%3D0%3Bscreen%3Dlarge%3Blarge_screen%3DTRUE%3Btag%3Dwf%3Bpage_home%3Dtrue%3Bskinz%3Dtrue%3B%7Cskinz-d%3D327%3Bpage_height_num%3D5000%3Bpage_weight%3D110000%3Buser_bandwidth%3D10%3Bpage_loading_speed%3D90&gdpr=1&pgDomain=https%3A%2F%2Ftheblemish.com%2F
Requested by: Host: ads.ayads.co
URL: https://ads.ayads.co/ajs.php?zid=3914
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:22 GMT
x-smrt-d: 3%3b9%3b128
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://theblemish.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0

GET
H2 204 /
antenna-us.ayads.co/ 0
40 B 102ms
101ms Image
text/plain 3.229.52.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna-us.ayads.co/?src=wf&t=1624044560729.1&ver=20210618102440&device=d&puid=p10666262630631418064&suid=s11246843984374622118&z=3914&gc=0&gm=1&ga=1&gs=2&dlt=0&gv=2&a=97979&at=skinz&sspname=sspv3-appnexus3&gcp=0&sspplid=12907471&isssp=1&e=sspko&sspr=1&rt=53&tse=1624044562825&et=2097&tfz=1348&sqid=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 3.229.52.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:22 GMT
server: nginx

GET
H2 204 /
antenna-us.ayads.co/ 0
40 B 102ms
101ms Image
text/plain 3.229.52.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna-us.ayads.co/?src=wf&t=1624044560729.1&ver=20210618102440&device=d&puid=p10666262630631418064&suid=s11246843984374622118&z=3914&gc=0&gm=1&ga=1&gs=2&dlt=0&gv=2&a=168257&at=skinz&sspname=sspv3-smartadserver&gcp=0&sspplid=343868%7C1201854%7C42281&isssp=1&e=sspc&tse=1624044562826&et=2097&tfz=1349&sqid=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 3.229.52.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:22 GMT
server: nginx

GET
H2 200 banner300x250.png
worldstatistics.live/img/baner/ Frame 8976 52 KB
53 KB 314ms
12ms Image
image/png 2606:4700:e2::ac40:8127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://worldstatistics.live/img/baner/banner300x250.png
Requested by: Host: worldstatistics.live
URL: https://worldstatistics.live/bn.php?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edd010405afcf7f11562b847e3295cd2d9d12bcc1c90a30ef6321a38ea4758fe

Request headers

Referer: https://worldstatistics.live/bn.php?size=300x250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:23 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2105961
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 53730
cf-request-id: 0ac23282b9000005e4b300f000000001
pragma: public
last-modified: Tue, 25 May 2021 10:24:41 GMT
server: cloudflare
etag: "60acd069-d1e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NBH%2F6B9E6LPJv3F1aHL1olPwghH9KwGDZWVaFVqwNZCXROcN6EPYwCPElY2epAvsi%2F9pQjS3g4GuJe84MnGyHtmhtGKprla5PSaUNJ7Jn4Bu1%2Bbk8cfE2L4CLwCMqNRkPBL%2FoHweqH5s1qHlCZc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 6616ed178cd105e4-FRA
expires: Thu, 24 Jun 2021 10:30:02 GMT

GET
H2 204 /
antenna-us.ayads.co/ 0
40 B 103ms
103ms Image
text/plain 3.229.52.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna-us.ayads.co/?src=wf&t=1624044560729.1&ver=20210618102440&device=d&puid=p10666262630631418064&suid=s11246843984374622118&z=3914&gc=0&gm=1&ga=1&gs=2&dlt=0&gv=2&a=168257&at=skinz&sspname=sspv3-smartadserver&gcp=0&sspplid=343868%7C1201854%7C42281&isssp=1&e=sspko&sspr=1&rt=70&tse=1624044562894&et=2166&tfz=1417&sqid=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 3.229.52.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:22 GMT
server: nginx

GET
H2 204 /
antenna-us.ayads.co/ 0
40 B 103ms
102ms Image
text/plain 3.229.52.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antenna-us.ayads.co/?src=wf&t=1624044560729.1&ver=20210618102440&device=d&puid=p10666262630631418064&suid=s11246843984374622118&z=3914&gc=0&gm=1&ga=1&gs=2&dlt=0&gv=2&a=168257&at=skinz&sspname=sspv3-smartadserver&gcp=0&e=ipb&tse=1624044562895&et=2166&tfz=1418&sqid=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 3.229.52.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:22 GMT
server: nginx

GET
H2 200 publishertag.prebid.105.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 44ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:23 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:30 GMT
server: nginx
etag: W/"6034e04e-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 19 Jun 2021 19:29:23 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CACC 2 KB
2 KB 44ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=theblemish.com&gdpr=1&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=theblemish.com&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theblemish.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theblemish.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1624
set-cookie: uid=f92da297-278f-4c81-ab05-c21fe8fae6fb; expires=Sat, 18 Jun 2022 19:29:23 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Fri, 18 Jun 2021 19:29:23 GMT
content-length: 1129

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 66ms
40ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:24 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 19 Jun 2021 19:29:24 GMT

GET
H2 200 / Show response
spl.zeotap.com/ Frame 2560 8 KB
2 KB 56ms
39ms Document
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb6e6938b0a72e9d1d13c194783866c674f8d7c8af0703f5c8459512993d4017

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theblemish.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theblemish.com/

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://theblemish.com
set-cookie: zc=c292db97-5755-4c20-4c50-899d0570d592; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%AEd%86%C7%D1u%DA0%D3%2C%7BL%0A-%E2n%28U%99%26F%05n%D7g%EB%B1%19%10%8FW%8B%DB1%A3%C4%EC2%A3%8E%85+84%2B%CAN%7C%22%0D%C5%7B%A9fAHB%E6%8BP%3D%FEf%87%FBH%85_c%C3f%BD%A7%F3KS%C8%1E%BA%8B3gh%F9%92%D9%99Z%9F%BEI%9A%DCC%85%D5%84%9F%2B%0C%E5%08W%CD%93Q%D0%23%25x%C2%E55%3Fl%DD%A0%90%0C%CC%BCA%1BA%7D%9D%AFww%81%B3X%F6H%22%E0u%A0%ED%B0%3A%5Cu-%0BEh%80%FF%5C%FA%DE%EA%04%1A%FF%15S%FE%D6%93%24%9Ae%F1%80%7B%810; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 0ac2328af500002bd6651f1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6616ed24bf802bd6-FRA
content-encoding: br

GET
H2 200 / Show response
spl.zeotap.com/ Frame F8C0 8 KB
2 KB 54ms
38ms Document
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8cc7e8c8280c4d552097ec009bef41e01f2b7ca14ec49525aec1297b3dc83b6

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theblemish.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theblemish.com/

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://theblemish.com
set-cookie: zc=50480bb1-d6ad-4b96-6149-d9320f3f5448; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%CF%94%8D%29%AD%07U%C6%24%CB%F0%12%14%87-q%87j%DD%23%01z%F2%1E%89%0D%EA%04%82%1D%19%EF%D4%8BN%995%1D%F1%21%1F%08%93%D79a%C4%1A%97%25%F5r%CB%E0%7D%18%F2%FF%E1DJXb0%01m0%EE%D2%91%8DU%97%03%E5%C6%AE%F7%DB%9F%9F3%5D%04%8Dm%5C%9E%8C%DA%1D+%5DM%F3%3D%FEiz%02%C7%E6%03%DA%D9%E1X%AD%3A%3F%CC%C0%A8%C7%5C%CD%AA%AE%94U+%EBR%12%C1%93%A0%DA%E7%9D-%E9T%A4%11U%24%5B%E6M%87%EF.%D2%DE%BB%96%CB%FF%01J%A5%F11%7B%B1%11y6%99%954Y%0A.%B1%A1%93T; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 0ac2328af500002bd634a6a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6616ed24bf862bd6-FRA
content-encoding: br

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame A08B 4 KB
1 KB 141ms
132ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cf1b04061e9335ff0e576fce7e8da44b2933cc67ff073dfbab250f4ba0d81b9

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theblemish.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theblemish.com/

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
content-type: text/html
set-cookie: uid=c78a03f1-fdb7-422e-861a-b4953a7b78db; expires=Thu, 08 Jul 2021 19:29:25 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0ac2328aee00004a98a7896000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RKcz44oDEgr7QiAOydCRJJ%2BlhPEKCAIJ3tEjBFrjj7FssCX1a%2BbHrxkNO%2F%2B1vE%2B4GM6ixfAjWbT43O%2B4rzLUYDCHUkBSgJqxBOeyxmYxh1vlX64LBst%2FXpr6spCyXP535vCt%2BXX5s974tlw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6616ed24aa914a98-FRA
content-encoding: br

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 5634 4 KB
1 KB 138ms
130ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v5.0.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1df44e19df29dcd5ada4400f421249d94f929320d9cd276d5560d74bb79d9993

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://theblemish.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://theblemish.com/

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
content-type: text/html
set-cookie: uid=c7b1daed-9745-4407-befd-9f0398452be9; expires=Thu, 08 Jul 2021 19:29:25 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0ac2328aee00004a98e58b6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XyrfuEdDZXNPndhK7fatC8ie119VX7GNMzHlmTLjgprxHxIVxBLuDYHIVuG7%2B18gFdpxicbvO6DEc1HOZzhI12tRyL7b5PafkENPSugbg4xmhwkYytJJzxHKL9RkbVaFwaNV%2BVbkuSZeDiI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6616ed24ba944a98-FRA
content-encoding: br

GET
H2

200

um
u-ams02.e-planning.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D0e86ce90c24d1a37%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D0e86ce90c24d1a37%26uid%3D%24UID&sovrn_retry=true
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=0e86ce90c24d1a37&uid=e178fe267763ef61eaca8b90

42 B
103 B

47ms
16ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=0e86ce90c24d1a37&uid=e178fe267763ef61eaca8b90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
server: openresty
content-type: image/gif

Redirect headers

Date: Fri, 18 Jun 2021 19:29:25 GMT
Server: nginx
Location: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=0e86ce90c24d1a37&uid=e178fe267763ef61eaca8b90
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

um
u-ams02.e-planning.net/
Redirect Chain

https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3D0e86ce90c24d1a37
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=0e86ce90c24d1a37&uid=020000000EF4CC60A424EF4802ADF360

42 B
104 B

51ms
15ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=0e86ce90c24d1a37&uid=020000000EF4CC60A424EF4802ADF360
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
server: openresty
content-type: image/gif

Redirect headers

location: https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=0e86ce90c24d1a37&uid=020000000EF4CC60A424EF4802ADF360
date: Fri, 18 Jun 2021 19:29:18 GMT
server: nginx/1.20.1
content-type: text/html
content-length: 145
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

200

um
sync.e-planning.net/
Redirect Chain

https://sync.1rx.io/usersync2/eplanning
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7122903252
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7122903252
https://sync.1rx.io/usersync/tradedesk/82568308-ad07-4688-b08a-9a5be29b3e97
https://sync.targeting.unrulymedia.com/csync/RX-6e996ce1-c177-4402-a4b1-fb3c5abb1dd4-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-6e996ce1-c177-4402-a4b1-fb3c5abb1dd4-003%26dc%3D1079...
https://sync.e-planning.net/um?uid=RX-6e996ce1-c177-4402-a4b1-fb3c5abb1dd4-003&dc=1079cc634ca638f8&iss=1

42 B
103 B

20ms
18ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?uid=RX-6e996ce1-c177-4402-a4b1-fb3c5abb1dd4-003&dc=1079cc634ca638f8&iss=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
server: openresty
content-type: image/gif

Redirect headers

location: https://sync.e-planning.net/um?uid=RX-6e996ce1-c177-4402-a4b1-fb3c5abb1dd4-003&dc=1079cc634ca638f8&iss=1
date: Fri, 18 Jun 2021 19:29:25 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX6e996ce1c1774402a4b1fb3c5abb1dd4003
content-type: text/html

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame F8C0 0
0 14ms
13ms Image
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F8C0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7f...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7...
https://mwzeom.zeotap.com/mw?google_gid=CAESENzZhXJNKcgKWt7ZCzwGG-U&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fc...

95 B
178 B

32ms
31ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESENzZhXJNKcgKWt7ZCzwGG-U&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed2579412bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328b6900002bd60fa39000000001

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESENzZhXJNKcgKWt7ZCzwGG-U&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 470
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F8C0
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=826cf9dc-990e-4153-afc8-aa345432b3db&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7...

95 B
178 B

45ms
43ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=826cf9dc-990e-4153-afc8-aa345432b3db&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed2559022bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328b5c00002bd6182b0000000001

Redirect headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://mwzeom.zeotap.com/mw?cid=826cf9dc-990e-4153-afc8-aa345432b3db&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
alt-svc: clear
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame F8C0 0
331 B 89ms
27ms Image
text/plain 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:25 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F8C0
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D50480bb1-d6ad-4b96-6149-d9320f3f5448%26reqId%3Dd...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D50480bb1-d6ad-4b96-6149-d9320f3f5448%26reqId%3Dd...
https://mwzeom.zeotap.com/mw?cid=82568308-ad07-4688-b08a-9a5be29b3e97&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7...

95 B
178 B

40ms
39ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=82568308-ad07-4688-b08a-9a5be29b3e97&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed25d9e82bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328ba600002bd6061bd000000001

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=82568308-ad07-4688-b08a-9a5be29b3e97&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 481

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame F8C0 0
161 B 35ms
15ms Image
text/plain 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 varnish
server: nginx
x-timer: S1624044565.306887,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11572-HHN

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame F8C0 0
411 B 402ms
95ms Image
text/html 2600:1f18:6593:f602:82a0:df8e:67ea:6e72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f602:82a0:df8e:67ea:6e72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:25 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame F8C0 0
41 B 77ms
21ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D50480bb1-d6ad-4b96-6149-d9320f3f5448%26reqId%3Ddf43fcd6-95c8-49a7-7ff7-41aed9c0fc3a%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F8C0
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=136...
https://mwzeom.zeotap.com/mw?cid=f8e3050f-278e-4a12-a87d-79caa8c9b309&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
178 B

34ms
33ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=f8e3050f-278e-4a12-a87d-79caa8c9b309&zpartnerid=317&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed260a542bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328bc900002bd6012d4000000001

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:25 GMT
server: Apache-Coyote/1.1
location: https://mwzeom.zeotap.com/mw?cid=f8e3050f-278e-4a12-a87d-79caa8c9b309&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F8C0
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=50480bb1-d6ad-4b96-6149-d9320f3f5448&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=50480bb1-d6ad-4b96-6149-d9320f3f5448&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=28254230488440678173683730893007832478&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-...

95 B
178 B

50ms
49ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=28254230488440678173683730893007832478&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed260a582bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328bc800002bd6288e5000000001

Redirect headers

DCS: dcs-prod-irl1-1-v009-0eadd1b2c.edge-irl1.demdex.com 6.3.0.20210616085605
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 6qEezWeUQXI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=28254230488440678173683730893007832478&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame F8C0 0
324 B 108ms
34ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F8C0
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=50480bb1-d6ad-4b96-6149-d9320f3f5448&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-...
https://mwzeom.zeotap.com/mw?cid=BE1-2021061821-15717-0.593412001624044563-f605ad9fc8df66fad0100b3c9cbc3ded&zdid=533&env=mWeb

95 B
178 B

42ms
42ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=BE1-2021061821-15717-0.593412001624044563-f605ad9fc8df66fad0100b3c9cbc3ded&zdid=533&env=mWeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed25fa272bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328bbb00002bd646bff000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2021061821-15717-0.593412001624044563-f605ad9fc8df66fad0100b3c9cbc3ded&zdid=533&env=mWeb
Date: Fri, 18 Jun 2021 19:29:23 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F8C0
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=6975218293929932944&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-...

95 B
251 B

39ms
39ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=6975218293929932944&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed25ea012bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328baf00002bd65abe5000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=6975218293929932944&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Date: Fri, 18 Jun 2021 19:29:25 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 receive
pixel.tapad.com/idsync/ex/ Frame F8C0 95 B
415 B 18ms
15ms Image
image/png 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=50480bb1-d6ad-4b96-6149-d9320f3f5448

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F8C0
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=50480bb1-d6ad-4b96-6149-d9320f3f5448&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=50480bb1-d6ad-4b96-6149-d9320f3f5448&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=9eNMxK4vPTKN/BcpgvzHQe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49...

95 B
257 B

32ms
31ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=9eNMxK4vPTKN/BcpgvzHQe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed277d452bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328ca700002bd6daa5c000000001

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
last-modified: Fri, 18 Jun 2021 19:29:25 GMT
server: nginx/1.12.0
location: https://mwzeom.zeotap.com/mw?webouuid=9eNMxK4vPTKN/BcpgvzHQe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 2.gif
dmp.theadex.com/d/949/i/ Frame F8C0 36 B
378 B 3062ms
15ms Image
image/gif 89.163.159.103
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=50480bb1-d6ad-4b96-6149-d9320f3f5448&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.163.159.103 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: 204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:28 GMT
server: nginx
p3p: CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 36
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F8C0
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=50480bb1-d6ad-4b96-6149-d9320f3f5448?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=50480bb1-d6ad-4b96-6149-d9320f3f5448?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
https://mwzeom.zeotap.com/mw?pid=b8591f9075019083ed62639cc030944f&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95...

95 B
178 B

42ms
42ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=b8591f9075019083ed62639cc030944f&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed398f482bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac23297f700002bd628a12000000001

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:28 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=b8591f9075019083ed62639cc030944f&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
cache-control: no-cache
x-server: 10.45.10.144
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F8C0
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-DAEoo3VE2opRnwlYvHDvlOUJcxA8ykXIVw--~A&zpartnerid=570&env=mWeb

95 B
201 B

40ms
40ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-DAEoo3VE2opRnwlYvHDvlOUJcxA8ykXIVw--~A&zpartnerid=570&env=mWeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed396ee12bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac23297df00002bd65d1f8000000001

Redirect headers

date: Fri, 18 Jun 2021 19:29:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-DAEoo3VE2opRnwlYvHDvlOUJcxA8ykXIVw--~A&zpartnerid=570&env=mWeb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F8C0
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=cKLyBD%2BMDtTX2C%2FKgfruWTOr%2Ft%2Fu9Sjx%2BS41iYitP1U%3D

95 B
178 B

42ms
42ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=cKLyBD%2BMDtTX2C%2FKgfruWTOr%2Ft%2Fu9Sjx%2BS41iYitP1U%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed396f022bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac23297e500002bd65005b000000001

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:28 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=cKLyBD%2BMDtTX2C%2FKgfruWTOr%2Ft%2Fu9Sjx%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame F8C0 43 B
106 B 1053ms
15ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=50480bb1-d6ad-4b96-6149-d9320f3f5448&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:26 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame F8C0 0
337 B 610ms
29ms Image
text/plain 34.246.41.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.41.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:26 GMT
cache-control: private, no-cache, no-store
x-request-time: D=52 t=1624044566
x-served-by: beacon-n012-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame F8C0 95 B
360 B 59ms
14ms Image
image/png 168.119.149.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=50480bb1-d6ad-4b96-6149-d9320f3f5448&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.178.149.119.168.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F8C0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMz0FgABrQ2zlQBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41a...

95 B
178 B

26ms
26ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMz0FgABrQ2zlQBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361&_test=YMz0FgABrQ2zlQBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:26 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed2dab6f2bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac232908600002bd623a8c000000001

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:26 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1624044567.649509,VS0,VE0
x-served-by: cache-fra19139-FRA
x-cache: HIT
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMz0FgABrQ2zlQBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361&_test=YMz0FgABrQ2zlQBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F8C0
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=c62a60cc-f415-4c00-90e0-610965890e20&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd...

95 B
178 B

38ms
38ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=c62a60cc-f415-4c00-90e0-610965890e20&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:26 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed2a3c3e2bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328e6500002bd63a327000000001

Redirect headers

Date: Fri, 18 Jun 2021 19:29:26 GMT
Server: MT3 3759 5f8f15b master zrh-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=c62a60cc-f415-4c00-90e0-610965890e20&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Fri, 18 Jun 2021 19:29:20 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F8C0
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0...

0
338 B

88ms
28ms

Image
text/plain

34.246.41.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.41.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:26 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1624044566
x-served-by: beacon-n020-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
date: Fri, 18 Jun 2021 19:29:25 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a013-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame F8C0
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=50480bb1-d6ad-4b96-6149-d9320f3f5448&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-614...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=50480bb1-d6ad-4b96-6149-d9320f3f5448&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-614...

43 B
433 B

61ms
30ms

Image
image/gif

52.95.123.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=50480bb1-d6ad-4b96-6149-d9320f3f5448&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:26 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:26 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=50480bb1-d6ad-4b96-6149-d9320f3f5448&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F8C0
Redirect Chain

https://tags.bluekai.com/site/87734?id=50480bb1-d6ad-4b96-6149-d9320f3f5448&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

95 B
177 B

39ms
38ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:26 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed2b1e332bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328ef000002bd65d10e000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date: Fri, 18 Jun 2021 19:29:26 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: aa6e
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame F8C0 0
38 B 344ms
30ms Image
text/plain 54.170.215.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D50480bb1-d6ad-4b96-6149-d9320f3f5448%26reqId%3Ddf43fcd6-95c8-49a7-7ff7-41aed9c0fc3a%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.215.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:26 GMT
content-length: 0

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame F8C0 557 B
492 B 39ms
34ms Script
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3db50cf88e17c66f7d3c4e66219ccc0967086368e1d2222dbab19fe0cec6806e

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 6616ed25184e2bd6-FRA
date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *
cf-request-id: 0ac2328b2b00002bd650334000000001

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 2560 0
0 43ms
14ms Image
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 2560
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5...
https://mwzeom.zeotap.com/mw?google_gid=CAESEDN9C7FGZqiQiJtpAmFvdSs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2c...

95 B
178 B

51ms
51ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEDN9C7FGZqiQiJtpAmFvdSs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed2579462bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328b6900002bd6daa40000000001

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEDN9C7FGZqiQiJtpAmFvdSs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 470
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 2560
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=826cf9dc-990e-4153-afc8-aa345432b3db&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338...

95 B
189 B

40ms
38ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=826cf9dc-990e-4153-afc8-aa345432b3db&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed2558fd2bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328b5700002bd6fc0ed000000001

Redirect headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://mwzeom.zeotap.com/mw?cid=826cf9dc-990e-4153-afc8-aa345432b3db&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
alt-svc: clear
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 2560 0
330 B 85ms
28ms Image
text/plain 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:25 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 2560
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc292db97-5755-4c20-4c50-899d0570d592%26reqId%3Dc...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc292db97-5755-4c20-4c50-899d0570d592%26reqId%3Dc...
https://mwzeom.zeotap.com/mw?cid=82568308-ad07-4688-b08a-9a5be29b3e97&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338...

95 B
178 B

34ms
34ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=82568308-ad07-4688-b08a-9a5be29b3e97&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed25d9eb2bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328ba600002bd63f349000000001

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=82568308-ad07-4688-b08a-9a5be29b3e97&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 481

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 2560 0
57 B 31ms
15ms Image
text/plain 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 varnish
server: nginx
x-timer: S1624044565.306944,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11572-HHN

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 2560 0
411 B 400ms
96ms Image
text/html 2600:1f18:6593:f602:82a0:df8e:67ea:6e72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f602:82a0:df8e:67ea:6e72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:25 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 2560 0
166 B 72ms
21ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc292db97-5755-4c20-4c50-899d0570d592%26reqId%3Dc1fc2cfd-b90a-4338-5a51-de81fd4da1f4%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 2560
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=136...
https://mwzeom.zeotap.com/mw?cid=f8e3050f-278e-4a12-a87d-79caa8c9b309&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
178 B

49ms
49ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=f8e3050f-278e-4a12-a87d-79caa8c9b309&zpartnerid=317&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed260a552bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328bc700002bd6061bf000000001

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:25 GMT
server: Apache-Coyote/1.1
location: https://mwzeom.zeotap.com/mw?cid=f8e3050f-278e-4a12-a87d-79caa8c9b309&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 2560
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=c292db97-5755-4c20-4c50-899d0570d592&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=c292db97-5755-4c20-4c50-899d0570d592&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=38054003663975413562669029602504682078&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-...

95 B
280 B

49ms
49ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=38054003663975413562669029602504682078&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed263ac62bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328be300002bd626392000000001

Redirect headers

DCS: dcs-prod-irl1-2-v009-055236074.edge-irl1.demdex.com 6.3.0.20210616085605
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: g+A10yZZT3U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=38054003663975413562669029602504682078&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 2560 0
324 B 84ms
33ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 2560
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=c292db97-5755-4c20-4c50-899d0570d592&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-...
https://mwzeom.zeotap.com/mw?cid=BE1-2021061821-13884-0.594279001624044563-5bb6f325994a182d02af287083ccf1f5&zdid=533&env=mWeb

95 B
178 B

44ms
44ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=BE1-2021061821-13884-0.594279001624044563-5bb6f325994a182d02af287083ccf1f5&zdid=533&env=mWeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed25fa2f2bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328bbd00002bd6582cf000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2021061821-13884-0.594279001624044563-5bb6f325994a182d02af287083ccf1f5&zdid=533&env=mWeb
Date: Fri, 18 Jun 2021 19:29:23 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 2560
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=6975218293930195097&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-...

95 B
178 B

21ms
21ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=6975218293930195097&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed25ea072bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328baf00002bd66ab47000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=6975218293930195097&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Date: Fri, 18 Jun 2021 19:29:25 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 receive
pixel.tapad.com/idsync/ex/ Frame 2560 95 B
426 B 18ms
14ms Image
image/png 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=c292db97-5755-4c20-4c50-899d0570d592

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 2560
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=c292db97-5755-4c20-4c50-899d0570d592&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=c292db97-5755-4c20-4c50-899d0570d592&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=9eNMxK4vPTKN/BcpgvzHQe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-43...

95 B
178 B

39ms
39ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=9eNMxK4vPTKN/BcpgvzHQe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed277d472bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328ca700002bd646818000000001

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
last-modified: Fri, 18 Jun 2021 19:29:25 GMT
server: nginx/1.12.0
location: https://mwzeom.zeotap.com/mw?webouuid=9eNMxK4vPTKN/BcpgvzHQe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 2.gif
dmp.theadex.com/d/949/i/ Frame 2560 36 B
378 B 3068ms
16ms Image
image/gif 89.163.159.103
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=c292db97-5755-4c20-4c50-899d0570d592&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.163.159.103 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: 204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:28 GMT
server: nginx
p3p: CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 36
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 2560
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=c292db97-5755-4c20-4c50-899d0570d592?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=c292db97-5755-4c20-4c50-899d0570d592?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
https://mwzeom.zeotap.com/mw?pid=b8591f9075019083ed62639cc030944f&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b9...

95 B
178 B

34ms
33ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=b8591f9075019083ed62639cc030944f&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed398f432bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac23297f800002bd6062f8000000001

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:28 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=b8591f9075019083ed62639cc030944f&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
cache-control: no-cache
x-server: 10.45.25.143
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 2560
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-NJ3XvXZE2oolfQva0qDAKqV__KaSm1DKXw--~A&zpartnerid=570&env=mWeb

95 B
178 B

63ms
63ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-NJ3XvXZE2oolfQva0qDAKqV__KaSm1DKXw--~A&zpartnerid=570&env=mWeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed396ee32bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac23297df00002bd63a01c000000001

Redirect headers

date: Fri, 18 Jun 2021 19:29:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-NJ3XvXZE2oolfQva0qDAKqV__KaSm1DKXw--~A&zpartnerid=570&env=mWeb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 2560
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=7e7kM3VyDGfX2C%2FKgfruWejSGrFknjRx%2BS41iYitP1U%3D

95 B
188 B

32ms
32ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=7e7kM3VyDGfX2C%2FKgfruWejSGrFknjRx%2BS41iYitP1U%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed396f002bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac23297e500002bd6013ce000000001

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:28 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=7e7kM3VyDGfX2C%2FKgfruWejSGrFknjRx%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 2560 43 B
324 B 1067ms
15ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=c292db97-5755-4c20-4c50-899d0570d592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:26 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 2560 0
337 B 607ms
29ms Image
text/plain 34.246.41.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.41.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:26 GMT
cache-control: private, no-cache, no-store
x-request-time: D=52 t=1624044566
x-served-by: beacon-n003-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 2560 95 B
360 B 42ms
13ms Image
image/png 168.119.149.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=c292db97-5755-4c20-4c50-899d0570d592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.178.149.119.168.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 2560
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMz0FgABrRGzoQBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de8...

95 B
177 B

34ms
34ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMz0FgABrRGzoQBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361&_test=YMz0FgABrRGzoQBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:26 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed2dab852bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac232908d00002bd641aae000000001

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:26 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1624044567.656981,VS0,VE0
x-served-by: cache-fra19139-FRA
x-cache: HIT
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMz0FgABrRGzoQBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361&_test=YMz0FgABrRGzoQBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 2560
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=228160cc-f415-4000-9451-3c1f0f19fdc2&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cf...

95 B
201 B

28ms
27ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=228160cc-f415-4000-9451-3c1f0f19fdc2&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:26 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed2a0bcf2bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328e4700002bd66522f000000001

Redirect headers

Date: Fri, 18 Jun 2021 19:29:25 GMT
Server: MT3 3759 5f8f15b master zrh-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=228160cc-f415-4000-9451-3c1f0f19fdc2&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Fri, 18 Jun 2021 19:29:20 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 2560
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4d...

0
337 B

89ms
29ms

Image
text/plain

34.246.41.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.41.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:26 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1624044566
x-served-by: beacon-n022-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
date: Fri, 18 Jun 2021 19:29:25 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a010-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 2560
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=c292db97-5755-4c20-4c50-899d0570d592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c5...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=c292db97-5755-4c20-4c50-899d0570d592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c5...

43 B
433 B

58ms
31ms

Image
image/gif

52.95.123.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=c292db97-5755-4c20-4c50-899d0570d592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:26 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:26 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=c292db97-5755-4c20-4c50-899d0570d592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 2560
Redirect Chain

https://tags.bluekai.com/site/87734?id=c292db97-5755-4c20-4c50-899d0570d592&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

95 B
195 B

39ms
39ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:26 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 6616ed2c08292bd6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0ac2328f8300002bd60b326000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date: Fri, 18 Jun 2021 19:29:26 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 44ff
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 2560 0
37 B 344ms
30ms Image
text/plain 54.170.215.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dc292db97-5755-4c20-4c50-899d0570d592%26reqId%3Dc1fc2cfd-b90a-4338-5a51-de81fd4da1f4%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.215.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:26 GMT
content-length: 0

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 2560 557 B
431 B 49ms
48ms Script
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ad04495fc3e7b9021ae4e59d61ecf2d785a5d41e75fecdbbae01a9f6a03c4f1

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 6616ed2518512bd6-FRA
date: Fri, 18 Jun 2021 19:29:25 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *
cf-request-id: 0ac2328b2c00002bd6d4af9000000001

GET
H2 204 cmp
spl.zeotap.com/ Frame F8C0 0
0 40ms
37ms Document
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=50480bb1-d6ad-4b96-6149-d9320f3f5448&reqId=df43fcd6-95c8-49a7-7ff7-41aed9c0fc3a&zdid=1361&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=c292db97-5755-4c20-4c50-899d0570d592; zsc=%AEd%86%C7%D1u%DA0%D3%2C%7BL%0A-%E2n%28U%99%26F%05n%D7g%EB%B1%19%10%8FW%8B%DB1%A3%C4%EC2%A3%8E%85+84%2B%CAN%7C%22%0D%C5%7B%A9fAHB%E6%8BP%3D%FEf%87%FBH%85_c%C3f%BD%A7%F3KS%C8%1E%BA%8B3gh%F9%92%D9%99Z%9F%BEI%9A%DCC%85%D5%84%9F%2B%0C%E5%08W%CD%93Q%D0%23%25x%C2%E55%3Fl%DD%A0%90%0C%CC%BCA%1BA%7D%9D%AFww%81%B3X%F6H%22%E0u%A0%ED%B0%3A%5Cu-%0BEh%80%FF%5C%FA%DE%EA%04%1A%FF%15S%FE%D6%93%24%9Ae%F1%80%7B%810
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 0ac2328b5500002bd66ab40000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6616ed2558e72bd6-FRA

GET
H2 204 cmp
spl.zeotap.com/ Frame 2560 0
0 38ms
37ms Document
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=c292db97-5755-4c20-4c50-899d0570d592&reqId=c1fc2cfd-b90a-4338-5a51-de81fd4da1f4&zdid=1361&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=c292db97-5755-4c20-4c50-899d0570d592; zsc=%AEd%86%C7%D1u%DA0%D3%2C%7BL%0A-%E2n%28U%99%26F%05n%D7g%EB%B1%19%10%8FW%8B%DB1%A3%C4%EC2%A3%8E%85+84%2B%CAN%7C%22%0D%C5%7B%A9fAHB%E6%8BP%3D%FEf%87%FBH%85_c%C3f%BD%A7%F3KS%C8%1E%BA%8B3gh%F9%92%D9%99Z%9F%BEI%9A%DCC%85%D5%84%9F%2B%0C%E5%08W%CD%93Q%D0%23%25x%C2%E55%3Fl%DD%A0%90%0C%CC%BCA%1BA%7D%9D%AFww%81%B3X%F6H%22%E0u%A0%ED%B0%3A%5Cu-%0BEh%80%FF%5C%FA%DE%EA%04%1A%FF%15S%FE%D6%93%24%9Ae%F1%80%7B%810
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 0ac2328b6100002bd6651fb000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6616ed25692b2bd6-FRA

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5634
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2734687890487579040

43 B
343 B

138ms
138ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2734687890487579040
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BZV%2BnYd762XdI0s9rH2PfyXrA%2F46dOVXRy9KlAtun3uv31F0sn14qMXTbASKIEuR1mZQLXxOIIGjoP6Y5Hjrbxm9FeroRVjLkHIgl0bz24bWCo1HR2W%2BmLo4DWWaJYmHO0xTArsSannvu5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed263edb4a98-FRA
content-length: 43
cf-request-id: 0ac2328be400004a98e58d6000000001

Redirect headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:25 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.251:80
AN-X-Request-Uuid: 648edaa1-ecc6-4ce4-9774-4c3dd949a60c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2734687890487579040
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5634
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=489450943534794481

43 B
370 B

128ms
128ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=489450943534794481
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UGtRDzQvO0qTERyt8uHvP6uFGoCDYLishJA32oYuYSwl0jb5%2BW1yAQbtia%2B%2FDMO19P4UJmcJYmvvmUnZRYPRGDwcI5FeTOz4wvEsKTDZ1uxtSrSS%2BrRaDkz8ba44%2F7MHzPA7ygo8TM%2BjHWo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed262ebf4a98-FRA
content-length: 43
cf-request-id: 0ac2328bd900004a98040c3000000001

Redirect headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:25 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.78:80
AN-X-Request-Uuid: 8da2eb36-6b3b-41be-832d-0013637aac6b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=489450943534794481
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5634
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5555583536721370301

43 B
344 B

134ms
134ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5555583536721370301
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=m%2F9%2FWBQtpPY5heFxLNOs8tBwuzw1WfcWc%2FsriBRKZheS1rtMZ5FVtWffTB0T3D7%2FLiBkAJb5zWdjG1BM6bPZxLNxiK9aA5tWdlTPaR0R2Y%2BF61lCt9eRa6dzgwDEOV5f3cFuq13GGKD8Nnw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed264f1d4a98-FRA
content-length: 43
cf-request-id: 0ac2328bef00004a98dd93c000000001

Redirect headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:25 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.43:80
AN-X-Request-Uuid: bd3b0c1d-ed97-4485-8a7b-374def0cf89a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5555583536721370301
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5634
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e178fe267763ef61eaca8b90

43 B
497 B

133ms
131ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e178fe267763ef61eaca8b90
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FIj4U1tNC8IlFgy4m%2FmgbWTrsQidtJidYZ%2Bygi3yzFEwfel%2FUwkDXrq938XmlFsQt%2FIPJ9wtr4LJaRad2UmWPdk7fS0QR3ahJUrgx%2BKW40T3%2Fxh3JCKhOhqIu4uvP9eZy%2Bx8MaMW1mrXkz4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed25ddea4a98-FRA
content-length: 43
cf-request-id: 0ac2328ba500004a98bc99e000000001

Redirect headers

Date: Fri, 18 Jun 2021 19:29:25 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e178fe267763ef61eaca8b90
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5634
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=2a7f175e-e375-4d5d-a3c1-02b5e8d16603

43 B
343 B

129ms
128ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=2a7f175e-e375-4d5d-a3c1-02b5e8d16603
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Xi7TxWtAC9Zoe5Kk3mKfrXO0sU%2FzOR2V1laBwFgs8wrlyrx5GSfXTukUDOEV4MBg57NuURqxEPb2yEOF%2FZPfaDizxC0%2BceO6vlaUuT2YNY9kHWbKqYPiHm3H0D6E7VQmWItlksyTLyZqSpk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed269ff84a98-FRA
content-length: 43
cf-request-id: 0ac2328c2200004a98a78b9000000001

Redirect headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Tv3H8KfFJ%2BhWTtq2GVnqQsTsiw5d%2Fh%2Fyog26Nabiba%2BijojAqXtTHuS2Dyv3O1Eje%2BLecRZvUkQeSkPNk%2FdGjJQNTLcB93DM3a%2BKvwYUozL99VX4i3P%2FadJ2i445FDqnGB%2BeNGt4ZsbR"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=2a7f175e-e375-4d5d-a3c1-02b5e8d16603
cf-ray: 6616ed25dde44a98-FRA
content-length: 0
cf-request-id: 0ac2328ba400004a980a026000000001

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 5634 0
474 B 310ms
15ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:25 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5634
Redirect Chain

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25
https://sync.quantumdex.io/setuid?bidder=pulsepoint&uid=ip9iB1ABCNYC&ev=1&pid=561205

43 B
339 B

136ms
136ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=pulsepoint&uid=ip9iB1ABCNYC&ev=1&pid=561205
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=goNf4v8LLBb7LoQSmFXJI8YeDsbNkyUA2WmXFFbnbYV7UXi9l5Cxed9ndxzLQKAglSBr2tdlFwNzdQVyqDfp20oGXTVCvrVEoMxKJzgSYBuXT0wX2bMjzI9ZqAiYX%2B0ljlzoT7oEYaPUAcA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed2739bd4a98-FRA
content-length: 43
cf-request-id: 0ac2328c8400004a9817a21000000001

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.quantumdex.io/setuid?bidder=pulsepoint&uid=ip9iB1ABCNYC&ev=1&pid=561205
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-tdq42
expires: -1

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5634
Redirect Chain

https://bh.contextweb.com/rtset?pid=557779&ev=1&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25
https://sync.quantumdex.io/setuid?bidder=pulsepoint&uid=6k8ipm40tH9D&ev=1&pid=557779

43 B
349 B

130ms
130ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=pulsepoint&uid=6k8ipm40tH9D&ev=1&pid=557779
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9YK8FD%2FflRnZKp%2BgjxraVF8PokdkW%2FytuG46IJ3eKvXU0x%2BxYRttaakJLPwg9cJF9CxXiJHnC7P%2Bpfbdk4cT%2BmF%2FqkFWMDFniqlrvYt%2BviMCYa7282TBdKytgKwLiZiYuaN6uaUnlSY1lkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed2739c44a98-FRA
content-length: 43
cf-request-id: 0ac2328c8400004a98b7219000000001

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.quantumdex.io/setuid?bidder=pulsepoint&uid=6k8ipm40tH9D&ev=1&pid=557779
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-sv74q
expires: -1

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5634
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7f83e3b4-d06b-11eb-9173-063661f31842
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7f83e3b4-d06b-11eb-9173-063661f31842

43 B
371 B

142ms
142ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7f83e3b4-d06b-11eb-9173-063661f31842
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=H%2BVQxGFzxb4IXUM1Aog2Zi2RiMgooAl%2F5hMZLF3CSiWtF12GACMcq0bQL5pd1G%2B7D1%2BPr%2Fv7Gx8TU0AIxmJCThuel%2F8TdTjHAd0Ud0DbOxvujuRG4o%2BmSeSaghPcq4d%2FjSP3nxsupv50ujQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed390c094a98-FRA
content-length: 43
cf-request-id: 0ac23297a700004a98f687f000000001

Redirect headers

Date: Fri, 18 Jun 2021 19:29:28 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7f83e3b4-d06b-11eb-9173-063661f31842
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5634
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-9e00eca2-7fbe-4a41-8aac-73dde9f1e12c

43 B
339 B

144ms
144ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-9e00eca2-7fbe-4a41-8aac-73dde9f1e12c
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=scrlNrjvDaAcuawKa4VJkQgqizj09mPk1okbqtWknKwTWlkskpkj4dRxm78e8%2FunqOUoaBxYI6HZHhGtTr7zdv9dGd4WsBklcCn08UTpneQzRsq18gEQjCrfevqahSeUTJxIE%2BcwLY31er8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed3a78014a98-FRA
content-length: 43
cf-request-id: 0ac232988b00004a989b90e000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-9e00eca2-7fbe-4a41-8aac-73dde9f1e12c
date: Fri, 18 Jun 2021 19:29:28 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5634
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-DWUM7LVE2uH5scbXdkz.YtkWCbDg0PYid07E1hY-~A

43 B
493 B

130ms
130ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-DWUM7LVE2uH5scbXdkz.YtkWCbDg0PYid07E1hY-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:26 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PAxQckBrLk9nfl36%2FIlbPxhH3WdSe7qRI%2FgF7bmIy95IBIacdFqjsI5kvNC0pWOFdba4%2BsA1v1TzWAjZpE%2BFYTynIodNL%2FySx8MjvUgVRQEUOHnjpp787t53VNgcxSGKgpOK21sXSEsczPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed2dad124a98-FRA
content-length: 43
cf-request-id: 0ac232908500004a98ae9b6000000001

Redirect headers

Date: Fri, 18 Jun 2021 19:29:26 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-DWUM7LVE2uH5scbXdkz.YtkWCbDg0PYid07E1hY-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5634
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=4d9a8294-dc2a-52a9-8a40-6fa4ea8c9bb1

43 B
342 B

134ms
134ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=4d9a8294-dc2a-52a9-8a40-6fa4ea8c9bb1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wKsYp7r4%2F9GBmtisNicjreHnlV%2BVDZM8Y0ILVKY1KD51e4oQs2gxDf%2B6YV7O3IeGz1HCHwhqRZPupQtc5ucTPfr8ITyr1GhmSsPJ4%2FgVYLYRi0VNRqCaon8rTkXaST36ZbnBCrZjogbeTUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed27cb944a98-FRA
content-length: 43
cf-request-id: 0ac2328cde00004a98a60f7000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=4d9a8294-dc2a-52a9-8a40-6fa4ea8c9bb1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5634
Redirect Chain

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
https://sync.quantumdex.io/setuid?bidder=adman&uid=670e2fc9c09785aabfbf0ac05112e6e7690c96c7

43 B
364 B

134ms
134ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=adman&uid=670e2fc9c09785aabfbf0ac05112e6e7690c96c7
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:26 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uMoJjR3EtA8CewWgIhtBUcjjT8AUggcMAcQhL70GBQ25c%2Fsmp4kDzm%2FiM0Kwo6sFYdR4atMGvDI7bzo937sdFnP6hV2OnX8jcPWCRvGHkxhkwXMPXajqzx8OtHNE7%2F4Hd9kEIHZAZlIZ4qY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed2a4b144a98-FRA
content-length: 43
cf-request-id: 0ac2328e6c00004a98ae96e000000001

Redirect headers

Location: https://sync.quantumdex.io/setuid?bidder=adman&uid=670e2fc9c09785aabfbf0ac05112e6e7690c96c7
Date: Fri, 18 Jun 2021 19:29:26 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame F1B2 2 KB
818 B 3061ms
13ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 181D 0
0 3350ms
110ms Document
text/plain 67.202.110.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.21 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-110.static.steadfastdns.net
Software: 33XP004 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

x-33x-status: 2000208
server: 33XP004
date: Fri, 18 Jun 2021 19:29:28 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame EA7A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

37ms
34ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b831802eedee3661a6d9418e223167762df36e9a7cd61c2d8de390b005567b0f

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YMz0GJnrLbNa40vpkQX0SQAA; CMPS=3274
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|241|45|39|196|221|206|65
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1815
Expires: Fri, 18 Jun 2021 19:29:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:28 GMT
Connection: keep-alive
Set-Cookie: CMID=YMz0GJnrLbNa40vpkQX0SQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 18 Jun 2022 19:29:28 GMT CMPS=3274;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 16 Sep 2021 19:29:28 GMT CMPRO=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 16 Sep 2021 19:29:28 GMT CMRUM3=4160ccf41805a0&dd60ccf4182760&c460ccf41805a0&2760ccf4180b40&ce60ccf41805a0&f160ccf41805a0&e660ccf4182760&2d60ccf41805a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 18 Jun 2022 19:29:28 GMT CMST=YMz0GGDM9BgA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 19 Jun 2021 19:29:28 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 18 Jun 2021 19:29:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:28 GMT
Connection: keep-alive
Set-Cookie: CMID=YMz0GJnrLbNa40vpkQX0SQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 18 Jun 2022 19:29:28 GMT CMPS=3274;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 16 Sep 2021 19:29:28 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 7218 43 B
555 B 269ms
223ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Fri, 18 Jun 2021 19:29:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YMz0G; path=/; domain=.go.sonobi.com

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A1F2 14 KB
5 KB 1076ms
28ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

server: Apache/2.2.15 (CentOS)
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=21284
expires: Sat, 19 Jun 2021 01:24:10 GMT
date: Fri, 18 Jun 2021 19:29:26 GMT
vary: Accept-Encoding

GET
H2

200

setuid
sync.quantumdex.io/ Frame A08B
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=2369233646043512192

43 B
341 B

133ms
133ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=2369233646043512192
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rASVmNA5esFuqpKoD%2Bsf74oQNX6eAcKaBz311fQYpKsHPFcaoMD1JwVOAGvPug2EjrJZPJzcvAlSn0NJitQQkXxeUVnQV2TeI%2FcWL6M92W%2BPf5pQ4Xd2sHvjBs909jMBhfesDgngtIH1%2Ffs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed263efb4a98-FRA
content-length: 43
cf-request-id: 0ac2328be600004a98b7209000000001

Redirect headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:25 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.48:80
AN-X-Request-Uuid: a0a6770f-595d-4505-b84a-c7384797ccc4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=2369233646043512192
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame A08B
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=733142116511177062

43 B
344 B

134ms
134ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=733142116511177062
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8Hqj7A8oZCerZ6Pk9R2kSYYnuw6bb%2FIw5gRpV7BSuN3ohQDiqSTzCANYE%2FZyEQJ0ixK7cib8BlZGaF658HXWLy4gR%2FujyPrSsPXV%2Bz4JS7e9th9X7HucCQlrIomfRVWB8K8g9cKff6fUZ1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed264f054a98-FRA
content-length: 43
cf-request-id: 0ac2328be800004a98f0a46000000001

Redirect headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:25 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.49:80
AN-X-Request-Uuid: 82de2122-4b25-44d3-9a52-b4592ccc6b86
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=733142116511177062
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame A08B
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e178fe267763ef61eaca8b90

43 B
346 B

129ms
128ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e178fe267763ef61eaca8b90
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NHOUqX7aV6HDtD6l0%2BEflVJhWKc6Xi3XcFfLxBuvHPl0MFRSePgaIABUCDGRS6r5PI71EMDIkBjDMkm1hi%2FuNxE4UCAGoQ0HdE%2BF4wMyamRzfswOUSDXZ3nkd8vBVXFQexqeBu%2FPohkgzX4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed25ee0f4a98-FRA
content-length: 43
cf-request-id: 0ac2328bb300004a9876361000000001

Redirect headers

Date: Fri, 18 Jun 2021 19:29:25 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e178fe267763ef61eaca8b90
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame A08B
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=53ea6cd3-18ce-4695-ab28-370035ad9f9a

43 B
494 B

131ms
130ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=53ea6cd3-18ce-4695-ab28-370035ad9f9a
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cP%2B9%2BufBmZ3Xmrs4fVndTCgnGQjC5QC3MdtU6x7kj4GWPoanc9oPIu9AcTrzdC4Ij3rTkTutvyzra0Or0HNDfW6LVIRBmAKRWcy9GrFD9Lq7j%2F%2FZtHQFpEfMH%2F0lX%2BNtoZZuigvBAdvQklI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed269fff4a98-FRA
content-length: 43
cf-request-id: 0ac2328c2300004a98c51ef000000001

Redirect headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MDAFkNgXMz2T%2BuNt7n5N1yn5MoyRmK7kBza8lCYM3%2Fuf%2BjSh%2FunOWljrwdotKF95BCwLXOFZ34R3Ho5jaAj%2F%2Bp5SDbrRpx4GkMvt7q30diyblOaEget3oOoMv2AIO7qWvJgYV2%2BTNGyq"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=53ea6cd3-18ce-4695-ab28-370035ad9f9a
cf-ray: 6616ed25dde74a98-FRA
content-length: 0
cf-request-id: 0ac2328ba500004a9876360000000001

GET
H2

200

setuid
sync.quantumdex.io/ Frame A08B
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=489450943534794481

43 B
343 B

131ms
131ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=489450943534794481
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jwSxYdS%2FMuWFeznDfMM3EjkK8baEWjOAGV5anJe3Otw%2FiE0k0FUecQWQWhygjzzo2WznBvbfd4jO7XOdk%2FEMVUlVtiN76Zs8S9gHozS6ot1uUD9oyuRWYnSazmslHYLcz9gts%2B2E3yYPUAw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed265f284a98-FRA
content-length: 43
cf-request-id: 0ac2328bf200004a98d59f1000000001

Redirect headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:25 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.133:80
AN-X-Request-Uuid: e3c11985-d6c2-41ca-9a77-755297f953b8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=489450943534794481
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame A08B 0
478 B 307ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:25 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame A08B
Redirect Chain

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25
https://sync.quantumdex.io/setuid?bidder=pulsepoint&uid=1eqCafM504MV&ev=1&pid=561205

43 B
364 B

135ms
135ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=pulsepoint&uid=1eqCafM504MV&ev=1&pid=561205
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9IRvcblUME7PqheUrIIVwkSI8PGKo1hsP7EgLbiHRLsHPB0alSmSYES95Krem1c%2F8D0%2FUimB7X1hC0sriUIPlaCslFZ59skDFOnfwos3YEbAn16v6DiBHAF6GVW7%2FmoG1gS3bdyIU4TXIjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed2739c04a98-FRA
content-length: 43
cf-request-id: 0ac2328c8400004a98f6b3c000000001

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.quantumdex.io/setuid?bidder=pulsepoint&uid=1eqCafM504MV&ev=1&pid=561205
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-gv7fk
expires: -1

GET
H2

200

setuid
sync.quantumdex.io/ Frame A08B
Redirect Chain

https://bh.contextweb.com/rtset?pid=557779&ev=1&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25
https://sync.quantumdex.io/setuid?bidder=pulsepoint&uid=0LHaC17cIfba&ev=1&pid=557779

43 B
345 B

144ms
144ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=pulsepoint&uid=0LHaC17cIfba&ev=1&pid=557779
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LhOQAnS1C7kSajEnZk2R8JzpaAxTUKMn2KmEIW4lmPbIGhlkdXG9xB7EBMu3fhkcLscPyQdiCED%2B%2Bno%2FENVkRpIoeCJlEksMai6OHG4J5j%2BeqdLxzN%2F%2Fb2s0zfk5UGyiGtfGrk70o8RoJ9E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed2739c74a98-FRA
content-length: 43
cf-request-id: 0ac2328c8900004a98c1b0e000000001

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.quantumdex.io/setuid?bidder=pulsepoint&uid=0LHaC17cIfba&ev=1&pid=557779
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-2hvq9
expires: -1

GET
H2

200

setuid
sync.quantumdex.io/ Frame A08B
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7f840acb-d06b-11eb-a91f-02cf5c076976
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7f840acb-d06b-11eb-a91f-02cf5c076976

43 B
345 B

132ms
131ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7f840acb-d06b-11eb-a91f-02cf5c076976
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PXTLTR0CXNBXuvq323HeoijdfJFDZzBvDDUjrTbccjgBexnsPr693jS6DLPwtEVd29XN7aVfbgp5n%2FW%2BaE2aXNCZjrnfCfgRcUOdtRRXAgwX%2BvkmQe4HcP%2FkV4KnQWkRJtjmwHVbOdzdKR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed392c774a98-FRA
content-length: 43
cf-request-id: 0ac23297b500004a98b7368000000001

Redirect headers

Date: Fri, 18 Jun 2021 19:29:28 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7f840acb-d06b-11eb-a91f-02cf5c076976
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame A08B
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a64df95a-131f-4e1d-9ff8-8400cb8ca70d

43 B
345 B

134ms
134ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a64df95a-131f-4e1d-9ff8-8400cb8ca70d
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EMJ%2Bm%2FgMiTrX7jJrdQ6l1aOi%2FqA3LiI%2FpcQUN2SJ4ByBWYnIA3qgAiBlE%2FWGj4cWCUXWoIqkonohP23%2B63tFnet8mhJowLJh8f9fduAnmsRQFrT42eSIf%2Br0bM1GhjE5Q64rkcRLfice4Cc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed3a780c4a98-FRA
content-length: 43
cf-request-id: 0ac232988b00004a98c1836000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a64df95a-131f-4e1d-9ff8-8400cb8ca70d
date: Fri, 18 Jun 2021 19:29:28 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame A08B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RPiYkdVE2uE8zEnifKsjy7mxQNXK7nqhzHtCHgg-~A

43 B
340 B

138ms
137ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RPiYkdVE2uE8zEnifKsjy7mxQNXK7nqhzHtCHgg-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:26 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xjpB8cE0sOeXylH04DPOLtdkWokYVGbCgHccKi2BkVsh2V9Ojo241pUEtxJjLzvW1%2FBXu9eC4PNbyZXo1Faqsh09%2BEquBma8H6lHMSobi1U4ijJvEaLcGjKTyXnK6IoEsr%2BBESrE1paiQcw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed2dbd544a98-FRA
content-length: 43
cf-request-id: 0ac232909900004a98f6bb7000000001

Redirect headers

Date: Fri, 18 Jun 2021 19:29:26 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RPiYkdVE2uE8zEnifKsjy7mxQNXK7nqhzHtCHgg-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame A08B
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=4d9a8294-dc2a-52a9-8a40-6fa4ea8c9bb1

43 B
347 B

132ms
132ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=4d9a8294-dc2a-52a9-8a40-6fa4ea8c9bb1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TM5%2FCnR5a2W%2F1uMPTJ1HTNzfuQDVr%2BRkmDXOO0NMgnuxrsj91gGhYaAlHRIHJ1IwsvwgETLjhm%2Fj3wCmlwZqu14holi5%2Feg9LKbEE6KVCv69GBrsBcXPfWUvAZR723oZ30EjvipRR8%2Bmv3M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed27cb9a4a98-FRA
content-length: 43
cf-request-id: 0ac2328cdd00004a9876389000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=4d9a8294-dc2a-52a9-8a40-6fa4ea8c9bb1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame A08B
Redirect Chain

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
https://sync.quantumdex.io/setuid?bidder=adman&uid=670e2fc9c09785aabfbf0ac05112e6e7690c96c7

43 B
344 B

131ms
126ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=adman&uid=670e2fc9c09785aabfbf0ac05112e6e7690c96c7
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:26 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=38C8ntfW8H0M3BIDByk25UXeMHNSIjM37Zy8geTyPuEV2oRFWM%2BfV3ByN6%2FtyqKEPtF6wM5bwjkKITzGm5xhtMJzEXi%2BPT3GspabSKO1laYvUaZ9ZqnfKWNS012ZzRk1jk6hMTI3uY1BKRU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed2adcc04a98-FRA
content-length: 43
cf-request-id: 0ac2328ecb00004a9879b82000000001

Redirect headers

Location: https://sync.quantumdex.io/setuid?bidder=adman&uid=670e2fc9c09785aabfbf0ac05112e6e7690c96c7
Date: Fri, 18 Jun 2021 19:29:26 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 779B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

33ms
33ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7374a6b2a54ed0ea1efb388b72da95127417fdfdcd24cd1b246b241b6bcb9770

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=3274; CMID=YMz0GNxfBGuV-h-v3q--mQAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|241|39|230|206|5|65|188
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1711
Expires: Fri, 18 Jun 2021 19:29:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:28 GMT
Connection: keep-alive
Set-Cookie: CMID=YMz0GNxfBGuV-h-v3q--mQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 18 Jun 2022 19:29:28 GMT CMPS=3274;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 16 Sep 2021 19:29:28 GMT CMPRO=1136;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 16 Sep 2021 19:29:28 GMT CMRUM3=4160ccf41805a0&bc60ccf41805a00&2760ccf4180b40&0560ccf41805a0&ce60ccf41805a0&f160ccf41805a0&e660ccf4182760&2d60ccf41805a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 18 Jun 2022 19:29:28 GMT CMST=YMz0GGDM9BgA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 19 Jun 2021 19:29:28 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 18 Jun 2021 19:29:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:28 GMT
Connection: keep-alive
Set-Cookie: CMID=YMz0GNxfBGuV-h-v3q--mQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 18 Jun 2022 19:29:28 GMT CMPS=3274;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 16 Sep 2021 19:29:28 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame B045 43 B
555 B 256ms
16ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Fri, 18 Jun 2021 19:29:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YMz0G; path=/; domain=.go.sonobi.com

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 91C1 14 KB
5 KB 1096ms
77ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

server: Apache/2.2.15 (CentOS)
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=21284
expires: Sat, 19 Jun 2021 01:24:10 GMT
date: Fri, 18 Jun 2021 19:29:26 GMT
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 99A1 2 KB
818 B 3025ms
12ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 4653 0
0 3311ms
109ms Document
text/plain 67.202.110.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.21 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-110.static.steadfastdns.net
Software: 33XP003 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

x-33x-status: 2000208
server: 33XP003
date: Fri, 18 Jun 2021 19:29:28 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A1F2 0
39 B 21ms
21ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26867065&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:26 GMT
content-length: 0

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame EA7A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMz0GJnrLbNa40vpkQX0SQAABIMAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDFRMcvtfBp6m2s-27kr9Sc&google_cver=1

43 B
315 B

28ms
28ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDFRMcvtfBp6m2s-27kr9Sc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 18 Jun 2021 19:29:28 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDFRMcvtfBp6m2s-27kr9Sc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame EA7A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMz0GJnrLbNa40vpkQX0SQAABIMAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMz0GJnrLbNa40vpkQX0SQAABIMAAAAB&dcc=t

43 B
433 B

201ms
100ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMz0GJnrLbNa40vpkQX0SQAABIMAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:29 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:29 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMz0GJnrLbNa40vpkQX0SQAABIMAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame EA7A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMz0GJnrLbNa40vpkQX0SQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPLNMk6gIzrGh5rJXvHSfDk&google_cver=1&gdpr=1

43 B
999 B

58ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPLNMk6gIzrGh5rJXvHSfDk&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 18 Jun 2021 19:29:29 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPLNMk6gIzrGh5rJXvHSfDk&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame EA7A 70 B
264 B 35ms
31ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YMz0GJnrLbNa40vpkQX0SQAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame EA7A
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
315 B

53ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 18 Jun 2021 19:29:29 GMT

Redirect headers

date: Fri, 18 Jun 2021 19:29:29 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2

200

tpid=YMz0GJnrLbNa40vpkQX0SQAA%261155
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame EA7A
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YMz0GJnrLbNa40vpkQX0SQAA%261155?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMz0GJnrLbNa40vpkQX0SQAA%261155?gdpr_consent=&us_privacy=&gdpr=1

49 B
265 B

34ms
34ms

Image
image/gif

54.194.226.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMz0GJnrLbNa40vpkQX0SQAA%261155?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:28 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.16.175
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:28 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMz0GJnrLbNa40vpkQX0SQAA%261155?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.1.130
content-length: 0
expires: 0

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/55940/ Frame EA7A 0
234 B 20ms
17ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YMz0GJnrLbNa40vpkQX0SQAABIMAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 19:29:28 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame EA7A
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624130968&gdpr=1

43 B
315 B

61ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624130968&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 18 Jun 2021 19:29:28 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624130968&gdpr=1
pragma: no-cache
date: Fri, 18 Jun 2021 19:29:28 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H2 200 setuid
sync.quantumdex.io/ Frame EA7A 43 B
346 B 252ms
250ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YMz0GJnrLbNa40vpkQX0SQAABIMAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rQpHMSASj8yzIz0mPyKsGVlf51UDNNfZdtlYE0l%2BqxGXITBdPfnBBCP6bRt3NUbtvCUh%2FByqgV5xv0naasguflQ5RDCvR0Ny2OIxKjrjOzFXFeK2RJPeXxw%2FP%2BeHqDs%2FBLMA2s86tJodKgU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed394ce44a98-FRA
content-length: 43
cf-request-id: 0ac23297d000004a980baa9000000001

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 779B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMz0GNxfBGuV-h-v3q--mQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPLNMk6gIzrGh5rJXvHSfDk&google_cver=1&gdpr=1

43 B
1 KB

1097ms
1088ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPLNMk6gIzrGh5rJXvHSfDk&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 18 Jun 2021 19:29:30 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPLNMk6gIzrGh5rJXvHSfDk&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 779B
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMz0GNxfBGuV_h_v3q__mQAABHAAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMz0GNxfBGuV_h_v3q__mQAABHAAAAAB&dcc=t

43 B
433 B

195ms
100ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMz0GNxfBGuV_h_v3q__mQAABHAAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:29 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:29 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMz0GNxfBGuV_h_v3q__mQAABHAAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 779B 70 B
264 B 33ms
31ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YMz0GNxfBGuV-h-v3q--mQAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 779B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMz0GNxfBGuV_h_v3q__mQAABHAAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDFRMcvtfBp6m2s-27kr9Sc&google_cver=1

43 B
315 B

28ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDFRMcvtfBp6m2s-27kr9Sc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 18 Jun 2021 19:29:28 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 19:29:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDFRMcvtfBp6m2s-27kr9Sc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/55940/ Frame 779B 0
234 B 18ms
16ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YMz0GNxfBGuV_h_v3q__mQAABHAAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 19:29:28 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 779B 0
0 35ms
16ms Image
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 779B
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624130968&gdpr=1

43 B
315 B

83ms
21ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624130968&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 19:29:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 18 Jun 2021 19:29:28 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624130968&gdpr=1
pragma: no-cache
date: Fri, 18 Jun 2021 19:29:28 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame 779B 0
88 B 1414ms
102ms Image
text/plain 35.171.36.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.36.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2 200 setuid
sync.quantumdex.io/ Frame 779B 43 B
347 B 129ms
128ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YMz0GNxfBGuV_h_v3q__mQAABHAAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:29:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dp%2B1MhLd8FMa9jTVh1KDEUO%2FNn48jZEJ0KiDGcvgP9Tc3geagoDbzeu8j%2FhoyNTtJuG%2F30frKXlwmCcw%2BSJ%2BgO1CL31IoLvZgdqWPvYwa%2FsqHoLwsQ4axc2lU6PIPm9fF1b27g5up%2Br2TEc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6616ed396d584a98-FRA
content-length: 43
cf-request-id: 0ac23297e800004a980fbe2000000001

POST
H/1.1 200
OK deb5462324 Show response
bam.nr-data.net/events/1/ 24 B
181 B 105ms
105ms XHR
image/gif 162.247.242.21
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/deb5462324?a=260834462&v=1209.f04e2b9&to=NFNUNkIDXUNZVEMMCg0ZYxBZTVpeXFJPSxULRg%3D%3D&rst=11348&ck=1&ref=https://theblemish.com/
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1209.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-9.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://theblemish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://theblemish.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
theblemish.com/	1970-01-20 03:53:00	Name: _pubcid Value: 3cab4a6c-9930-42fb-8f0d-149a037dd05a
theblemish.com/	1970-01-19 19:07:31	Name: __vliIPL Value: {"value":["2a01:4f8:121:131a::2"],"expiredAt":1624051761695}
.theblemish.com/	1970-01-19 19:08:50	Name: _gid Value: GA1.2.35527766.1624044562
.theblemish.com/	1970-01-19 19:07:24	Name: _gat Value: 1
.theblemish.com/	1970-01-19 21:17:00	Name: _fbp Value: fb.1.1624044561626.1654757713
.theblemish.com/	1970-01-20 12:38:36	Name: _ga Value: GA1.2.2056504066.1624044562
.theblemish.com/	1970-01-19 19:07:28	Name: AMP_TOKEN Value: %24NOT_FOUND

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://ads.ayads.co/ajs.php?zid=3914(Line 30) Message: %cwf%cs%c color: #FFFFFF; padding: 1px 3px; border-radius: 3px 0 0 3px; background: #ED7D04; color: #3E3E40; padding: 1px 3px; background: #6BEC7C color: #292929; padding: 1px 3px; border-radius: 0 3px 3px 0; background: #DEDEDE; Ads exhausted
console-api	log	URL: https://ads.ayads.co/ajs.php?zid=3914(Line 30) Message: console.trace
console-api	log	URL: https://ads.ayads.co/ajs.php?zid=3914(Line 30) Message: console.groupEnd

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
aax-eu.amazon-adsystem.com
ad4m.at
ads.ayads.co
ads.betweendigital.com
ads.pubmatic.com
ads.us.e-planning.net
ajax.googleapis.com
ampcid.google.com
ampcid.google.de
antenna-us.ayads.co
ap.lijit.com
apex.go.sonobi.com
assets.bilsyndication.com
bam.nr-data.net
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
biltag.bilsyndication.com
bn01.er.bemail.it
casale-match.dotomi.com
cdn.jsdelivr.net
cdn.taboola.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
cs.admanmedia.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
files.theblemish.com
fonts.googleapis.com
fonts.gstatic.com
geoworker.ayads.co
gu.dyntrk.com
gum.criteo.com
ib.adnxs-simple.com
ib.adnxs.com
idsync.frontend.weborama.fr
image6.pubmatic.com
imasdk.googleapis.com
js-agent.newrelic.com
loadeu.exelator.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
ms.quantumdex.io
mwzeom.zeotap.com
nep.advangelists.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
optchk.ayads.co
pixel.advertising.com
pixel.mathtag.com
pixel.tapad.com
pixel.wp.com
platform.instagram.com
prebid-eu.creativecdn.com
prebid.a-mo.net
rtb.adentifi.com
s.amazon-adsystem.com
sac.ayads.co
sb.scorecardresearch.com
securepubads.g.doubleclick.net
services.bilsyndication.com
spl.zeotap.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.criteo.net
stats.bilsyndication.com
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.1rx.io
sync.e-planning.net
sync.go.sonobi.com
sync.quantumdex.io
sync.richaudience.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
tags.bluekai.com
theblemish.com
trc.taboola.com
u-ams02.e-planning.net
ufo.approximity.com
ups.analytics.yahoo.com
useast.quantumdex.io
usermatch.krxd.net
worldstatistics.live
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www8.smartadserver.com
104.21.234.188
107.21.231.45
13.248.242.197
136.144.59.88
142.250.186.34
151.1.205.165
151.101.13.44
151.101.14.110
151.101.14.49
162.247.242.21
168.119.149.178
178.162.133.149
178.162.133.150
178.250.0.165
18.184.153.186
185.184.8.65
185.33.221.13
185.64.190.78
185.86.137.114
188.42.191.196
192.0.76.3
198.148.27.139
199.232.137.44
2.18.233.180
2.18.233.201
2.18.234.21
212.82.100.182
213.19.147.44
216.58.212.130
23.45.99.241
2600:1f18:6593:f602:82a0:df8e:67ea:6e72
2606:4700:10::6814:a25
2606:4700:10::6814:b25
2606:4700:10::6816:1758
2606:4700:10::ac43:1faa
2606:4700:10::ac43:db6
2606:4700:20::681a:34e
2606:4700:20::681a:bd1
2606:4700::6810:5514
2606:4700::6812:acf
2606:4700:e2::ac40:8127
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:813::2008
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:830::200a
2a00:1450:400c:c01::9c
2a00:7c80:0:120::2
2a02:2638:1::13
2a02:2638:1::3
2a02:fa8:8806:16::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f21c:81c4:face:b00c:0:43fe
2a03:2880:f21c:81e5:face:b00c:0:4420
2a05:d018:24:b002:ebbe:4057:3491:6f67
3.126.56.137
3.127.52.31
3.229.52.31
34.246.41.247
34.98.67.61
35.170.112.41
35.171.36.131
35.201.81.244
35.227.248.159
37.157.2.238
37.252.172.250
46.249.52.249
51.178.20.140
51.89.9.251
52.17.93.232
52.48.181.137
52.94.232.32
52.95.123.167
54.170.215.80
54.194.226.253
54.78.254.47
65.9.77.30
67.202.110.21
72.251.249.13
85.114.159.93
88.214.206.142
89.163.159.103
02c80e1e45b7235dcdf178b76674c7a5a262ea0d0328a2982de182c462d51d61
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e62d43b403075d13dec18261becbf55942b6436467904454aeb7b6924f45807
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
105643c59b878c6441eaa17051d4a71711c57bc29b60ce4072579d38b3cb2183
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f394a79f62f2adae090da73fbba8245b7c97654ce04cefe4e8ad19e49629cc
1676a8158867ca736ff0a960b9300b8e0e8c016faa2b3211d54d1317213be669
16966f90bd98d85e1c86f57d6422d5632d4d2541c4eb3add9836227851dd9826
174fa874eee88ffd59d5c9cc7fd064f06e721fad3a156ddb5f4098fd987eb5f9
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1df44e19df29dcd5ada4400f421249d94f929320d9cd276d5560d74bb79d9993
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
21f6e30ca887061ff2540f1734c068d4dfdb217dfe2e3c8c358c29c4b65f272c
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22961ee557de0d1d28e13069065197ddea6e93cda1e6a23c510577e16d4fdc10
2890ce1f69865912fd6e2e919bb8871e0d055296ef9383c02397053c0223534d
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2ffe76b9c3aa881936b6145865d3059e2b35da85af5abbcccd499a98101b41d7
30b410b83af8676ba33a86cce11abe9db8e5c660b3ec379502ceb32cc014ccb7
3486818d238010d16d9c1d6903bb298d8720292c158d7a64f8c7aebff3688150
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37bd89d0776acdb8565abd79559d140909e68570f7d74a6f0141d21aed4122f4
388906152967f639b6aa0e48c8cd9b7c536aa9a9484393754cfb6f14b178c8a5
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3db50cf88e17c66f7d3c4e66219ccc0967086368e1d2222dbab19fe0cec6806e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116
488618d82452e62d29058429fce0232b8b8eabc44b91810899d61ce8afbd0c7d
49120de5d47bd735b7fe51736fde6bfd75dcdadbe3862c7eff507f27214ad6c2
497cfa9a8ffd69d991580fdc6f2db4b8d4acd70c5fbe4686c8cd88bf88770f96
49d7a304026657a57da93af99940763c1ff9367815338af259b664bffa7325cd
5029108fdfe403fa22aa858b05da579017edd567ffdc28b2ed082015dc9bd963
522e029d31644f5358f3099003b4d545762fc4072b2bbe9a1f79386436645ecd
522fcf7edad25c53f9931e20f4900a7e33e7f5063e1296460d9ea8193f22ca7c
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
58cb153700a65f215ed40bbba9968a61b9d21b982b2f48ec56c4208ab779f498
5a58c592039d8db3f52d43540b193f623acb77718ab452f6c0c0341a38b26baa
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cce2306a2b7a641280a0e61d53b3cd645edb91d9389edaa2ba961a29337cfc0
5f18a3d12978e87ddf0b812311e0262eb2c14b4242104f9cf1240822cb3be0d7
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
6811f19b49c31f0c74ed1dc11f9547b96c9b9c9f56ad0d08d6f34eb592e2cec8
6943f4036943958e31aea8de79afcf7fa74a612a45443b734db806ba25e73088
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9cadb2fd6b946904811a4b7bca409a091accc12de8ef57133c7a946866a93a
6cf1b04061e9335ff0e576fce7e8da44b2933cc67ff073dfbab250f4ba0d81b9
725bbf9aa1333c4322ef109062fc72dbeff9eb741f1bedebd6b76b03767ba7b3
7374a6b2a54ed0ea1efb388b72da95127417fdfdcd24cd1b246b241b6bcb9770
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
7a99f96711360ce1b70d0c1b8ecc80e2d5bcd940c679c9d8d279831ba6d2ba3b
7ad04495fc3e7b9021ae4e59d61ecf2d785a5d41e75fecdbbae01a9f6a03c4f1
80911ae1df2bdbca7c64bc552294247de84c08293020565b269468ec5c3da9f0
80adc03a59293870e7159d5c7177f1d69bf7bb3785afa7ea44fd162c0907854f
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
84c4fe27bc5ba9ec7ab2c3e8e2402e316c4653ef1cfc660e7481b4dc08cd1d82
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86e305d9b33cfd99d306174f6299b6042a59d02b3b70916231aeb49c2915eb77
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e569e1c271b04827ae65f754cd848bbb421b7d13ffdbd3eef077414d0284e64
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
94a0d7e15e8dcb75eae2dc3c63a1310ce1352b99ffcf3d676ed22c4ea73f20b2
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9aaafad273dcec6735540020fb5126f85e4a83e85b0deef6dbd2a3ee1fa682ec
9c2fc710a25b74fa2238098619bc7f1e27c6f0e8da295bffccf7284a48e20677
9d823e8134c8e4a9a36dae50e4917c8df3bab3776cfd927a922753eda4a0ff2b
9e329af33b10e61476009e1936f9300b4335dd0fe52c41b593c4b2b08e295232
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2b0aa1a3013b8ca56ea08beb786549a64a05e583b40239dca4a36139867b48d
a6bc4e6f0c55cbc68ba0fd9aab0744e80775af694aadb953b184f4098eeafb18
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b831802eedee3661a6d9418e223167762df36e9a7cd61c2d8de390b005567b0f
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
c0ea4e9072b69aa477e1ab3c8e3d913f9754d39defcb38a875f1e6c7411227af
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ceb9d170d89a7505ab5a4140701c48c772902393f779f16fe5471ffeb9a9fe97
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d64f13b44d29a5e1bad6f7423abd940aaa529c1d768dfdfe2403a67712842bdb
d6f2af177ef71b6c90ff32854d8e9440dad00ac0279e56dc4227e336caaf9f53
d8cc7e8c8280c4d552097ec009bef41e01f2b7ca14ec49525aec1297b3dc83b6
dceea4b82d53579331ee205d34d283845bbaa2f9ebabe31ce091f772468d991e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75ed7aa9bf46ba055e3654ad03592a5d90fccfb51ba9751cd5f5c8442195eed
edd010405afcf7f11562b847e3295cd2d9d12bcc1c90a30ef6321a38ea4758fe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3babd624816c7880c7c10cf229de4d260cbc3bce61eb7bc1d87aeff8e77631f
f841f3f16e0f0d066aab6b971b56b3b974310befd13c7edd65bd42d65fb426fc
fb6e6938b0a72e9d1d13c194783866c674f8d7c8af0703f5c8459512993d4017

theblemish.com Open in urlscan Pro 104.21.234.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

234 Requests

100 %HTTPS

36 %IPv6

72 Domains

102 Subdomains

66 IPs

10 Countries

2590 kBTransfer

6047 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

234 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

theblemish.com Open in urlscan Pro
104.21.234.188 Public Scan

Screenshot
Live screenshot

Full Image

234
Requests

100 %
HTTPS

36 %
IPv6

72
Domains

102
Subdomains

66
IPs

10
Countries

2590 kB
Transfer

6047 kB
Size

7
Cookies

234 HTTP transactions
0 data transactions