URL: https://omg.blog/
Submission: On September 28 via manual from CA — Scanned from CA

Summary

This website contacted 116 IPs in 12 countries across 125 domains to perform 345 HTTP transactions. The main IP is 2606:4700:20::681a:e67, located in United States and belongs to CLOUDFLARENET, US. The main domain is omg.blog. The Cisco Umbrella rank of the primary domain is 267466.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 15th 2022. Valid for: a year.
This is the only time omg.blog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
38 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
7 173.223.56.138 16625 (AKAMAI-AS)
1 2600:1901:0:6... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 3 2600:1901:1:c... 15169 (GOOGLE)
4 192.0.77.48 2635 (AUTOMATTIC)
1 2600:9000:20e... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
3 7 2620:116:800b... 14618 (AMAZON-AES)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 23.52.163.40 16625 (AKAMAI-AS)
3 2a04:4e42:79:... 54113 (FASTLY)
1 2600:9000:20e... 16509 (AMAZON-02)
1 192.0.77.2 2635 (AUTOMATTIC)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2600:1901:0:f... 15169 (GOOGLE)
1 35.188.42.15 396982 (GOOGLE-CL...)
1 2600:1901:0:5... 15169 (GOOGLE)
1 2a04:4e42:79:... 54113 (FASTLY)
3 2a04:4e42:77:... 54113 (FASTLY)
1 2600:9000:20e... 16509 (AMAZON-02)
4 2600:1901:1:b... 15169 (GOOGLE)
4 35.201.71.192 15169 (GOOGLE)
1 3 13.224.214.16 16509 (AMAZON-02)
2 151.101.193.194 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 23.52.162.21 16625 (AKAMAI-AS)
2 6 104.18.19.126 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.65.166 15169 (GOOGLE)
2 35.227.238.208 15169 (GOOGLE)
1 130.211.23.194 15169 (GOOGLE)
5 13.224.205.195 16509 (AMAZON-02)
9 26 2600:9000:20e... 16509 (AMAZON-02)
1 13.224.202.36 16509 (AMAZON-02)
8 34.107.140.113 15169 (GOOGLE)
1 3.208.153.18 14618 (AMAZON-AES)
3 3.230.217.116 14618 (AMAZON-AES)
1 2602:803:c002... 26667 (RUBICONPR...)
2 104.36.115.111 62713 (AS-PUBMATIC)
1 5 34.227.236.203 14618 (AMAZON-AES)
1 74.119.119.129 19750 (AS-CRITEO)
1 54.86.215.116 14618 (AMAZON-AES)
2 44.196.50.31 14618 (AMAZON-AES)
2 14 104.18.18.126 13335 (CLOUDFLAR...)
4 7 68.67.181.211 29990 (ASN-APPNEX)
1 18.211.245.94 14618 (AMAZON-AES)
1 23.217.43.215 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 51.222.39.184 16276 (OVH)
1 162.19.138.119 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
1 13.224.214.92 16509 (AMAZON-02)
9 11 13.224.214.95 16509 (AMAZON-02)
7 16 69.173.151.100 26667 (RUBICONPR...)
1 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 21 209.54.182.161 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
5 23.52.161.180 16625 (AKAMAI-AS)
2 2 69.12.8.74 11742 (SPOTX-IAD)
2 2 34.98.64.218 15169 (GOOGLE)
12 12 35.211.178.172 19527 (GOOGLE-2)
6 6 35.190.90.30 15169 (GOOGLE)
5 5 107.178.246.49 15169 (GOOGLE)
2 3 13.224.214.26 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 12 35.71.139.29 16509 (AMAZON-02)
3 3 54.175.87.114 14618 (AMAZON-AES)
4 4 68.67.160.186 29990 (ASN-APPNEX)
2 2 2600:1f18:612... 14618 (AMAZON-AES)
1 1 23.52.167.93 16625 (AKAMAI-AS)
2 4 63.251.114.136 32475 (SINGLEHOP...)
1 1 63.251.28.234 13789 (INTERNAP-...)
1 1 88.214.206.142 46636 (NATCOWEB)
1 199.187.193.202 47043 (SMARTADSE...)
2 13.224.214.129 16509 (AMAZON-02)
6 2607:f8b0:400... 15169 (GOOGLE)
19 20 141.95.98.65 16276 (OVH)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 5 8.28.7.81 62713 (AS-PUBMATIC)
5 6 35.194.66.159 396982 (GOOGLE-CL...)
1 1 54.208.179.247 14618 (AMAZON-AES)
1 1 20.127.253.7 8075 (MICROSOFT...)
6 6 2606:ae80:147... 26762 (CNVR-US-EAST)
3 107.20.145.50 14618 (AMAZON-AES)
4 23.1.200.83 16625 (AKAMAI-AS)
2 5 198.148.27.139 19189 (PULSEPOINT)
2 2607:f8b0:400... 15169 (GOOGLE)
8 8 199.127.204.142 26120 (RHYTHMONE)
12 16 142.250.80.98 15169 (GOOGLE)
4 23.92.190.69 10913 (INTERNAP-BLK)
9 9 23.20.109.84 14618 (AMAZON-AES)
4 4 35.207.24.140 15169 (GOOGLE)
10 11 15.197.193.217 16509 (AMAZON-02)
1 4 2600:1f18:4e9... 14618 (AMAZON-AES)
4 4 173.231.178.81 32475 (SINGLEHOP...)
2 2 135.148.35.198 16276 (OVH)
2 3 185.167.164.42 198622 (ADFORM)
5 5 151.101.66.49 54113 (FASTLY)
7 20 8.28.7.83 62713 (AS-PUBMATIC)
1 1 199.187.193.185 47043 (SMARTADSE...)
1 1 193.122.128.135 31898 (ORACLE-BM...)
1 9 104.36.115.109 62713 (AS-PUBMATIC)
4 4 216.200.232.253 30419 (MEDIAMATH...)
6 7 8.28.7.82 62713 (AS-PUBMATIC)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 38.91.45.7 398989 (DEEPINTENT)
1 74.119.119.150 19750 (AS-CRITEO)
1 1 34.193.201.64 14618 (AMAZON-AES)
2 2 52.2.182.92 14618 (AMAZON-AES)
2 52.2.60.97 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 34.102.163.6 15169 (GOOGLE)
1 2 72.44.36.54 14618 (AMAZON-AES)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
2 6 8.28.7.84 62713 (AS-PUBMATIC)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
1 1 54.164.39.11 14618 (AMAZON-AES)
2 18.213.85.80 14618 (AMAZON-AES)
2 2 207.198.113.93 13768 (COGECO-PEER1)
2 2 35.210.53.219 15169 (GOOGLE)
1 2 204.2.255.233 2914 (NTT-LTD-2914)
2 2 2606:ae80:145... 26762 (CNVR-US-EAST)
1 1 34.102.253.54 15169 (GOOGLE)
2 2 8.43.72.98 26667 (RUBICONPR...)
2 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 52.94.223.37 16509 (AMAZON-02)
2 2620:100:a001::4 19750 (AS-CRITEO)
2 4 2620:100:a001::c 19750 (AS-CRITEO)
3 74.119.119.139 19750 (AS-CRITEO)
1 104.17.120.107 13335 (CLOUDFLAR...)
1 23.52.160.130 16625 (AKAMAI-AS)
2 4 69.166.1.10 27630 (AS-XFERNET)
3 4 50.57.31.206 19994 (RACKSPACE)
1 2 104.18.101.194 13335 (CLOUDFLAR...)
2 2 54.85.248.187 14618 (AMAZON-AES)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 70.42.32.31 22075 (AS-OUTBRAIN)
1 2 173.223.57.84 16625 (AKAMAI-AS)
2 2 23.3.125.39 16625 (AKAMAI-AS)
1 1 172.104.121.22 63949 (LINODE-AP...)
1 5.161.47.120 213230 (HETZNER-C...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 2a04:4e42:600... 54113 (FASTLY)
1 151.101.193.44 54113 (FASTLY)
1 1 104.45.178.220 8075 (MICROSOFT...)
1 1 74.222.140.101 18672 (EVOCATIVE1)
6 6 146.59.148.16 16276 (OVH)
2 2 52.0.156.250 14618 (AMAZON-AES)
2 2 3.215.101.237 14618 (AMAZON-AES)
1 1 76.13.32.147 26101 (YAHOO-BF1)
2 2 35.201.96.126 15169 (GOOGLE)
1 162.248.18.10 62713 (AS-PUBMATIC)
1 1 34.111.151.213 15169 (GOOGLE)
1 1 54.158.55.221 14618 (AMAZON-AES)
1 1 54.85.143.236 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
345 116
Apex Domain
Subdomains
Transfer
55 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 431
ads.pubmatic.com — Cisco Umbrella Rank: 457
image6.pubmatic.com — Cisco Umbrella Rank: 647
simage2.pubmatic.com — Cisco Umbrella Rank: 686
image2.pubmatic.com — Cisco Umbrella Rank: 904
image8.pubmatic.com — Cisco Umbrella Rank: 596
image4.pubmatic.com — Cisco Umbrella Rank: 853
simage4.pubmatic.com — Cisco Umbrella Rank: 1185
aud.pubmatic.com — Cisco Umbrella Rank: 4436
59 KB
38 omg.blog
omg.blog — Cisco Umbrella Rank: 267466
303 KB
28 primis.tech
live.primis.tech — Cisco Umbrella Rank: 3108
video.primis.tech — Cisco Umbrella Rank: 5918
723 KB
28 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 297
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 494
s.amazon-adsystem.com — Cisco Umbrella Rank: 287
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1216
109 KB
23 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 465
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
eus.rubiconproject.com — Cisco Umbrella Rank: 557
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 806
token.rubiconproject.com — Cisco Umbrella Rank: 667
33 KB
23 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
ad.doubleclick.net — Cisco Umbrella Rank: 163
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
151 KB
21 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1159
id5-sync.com — Cisco Umbrella Rank: 456
47 KB
20 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 1348
htlb.casalemedia.com — Cisco Umbrella Rank: 481
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 429
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
ssum.casalemedia.com — Cisco Umbrella Rank: 1327
dsum.casalemedia.com — Cisco Umbrella Rank: 1323
17 KB
13 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 543
eb2.3lift.com — Cisco Umbrella Rank: 376
5 KB
12 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 288
6 KB
12 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
1647f23214414d860cd291a591032202.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
289 KB
12 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1630
sync.intentiq.com — Cisco Umbrella Rank: 1293
sync1.intentiq.com — Cisco Umbrella Rank: 3591
13 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 428
acdn.adnxs.com — Cisco Umbrella Rank: 593
27 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 344
6 KB
11 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 959
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 866
ups.analytics.yahoo.com — Cisco Umbrella Rank: 282
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
cms.analytics.yahoo.com — Cisco Umbrella Rank: 855
5 KB
10 pub.network
a.pub.network — Cisco Umbrella Rank: 5129
d.pub.network — Cisco Umbrella Rank: 5760
c.pub.network — Cisco Umbrella Rank: 5537
411 KB
9 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 479
4 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 728
dis.criteo.com — Cisco Umbrella Rank: 665
gum.criteo.com — Cisco Umbrella Rank: 402
mug.criteo.com — Cisco Umbrella Rank: 2810
9 KB
8 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 4730
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3077
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 5814
yieldmo-match.dotomi.com — Cisco Umbrella Rank: 4823
3 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 598
ce.lijit.com — Cisco Umbrella Rank: 918
8 KB
8 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 645
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5277
sync-pm.ads.yieldmo.com — Cisco Umbrella Rank: 7504
4 KB
8 t13.io
s2s.t13.io — Cisco Umbrella Rank: 6190
2 KB
8 spotify.com
open.spotify.com — Cisco Umbrella Rank: 3015
apresolve.spotify.com — Cisco Umbrella Rank: 845
gue1-spclient.spotify.com — Cisco Umbrella Rank: 2908
29 KB
7 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 922
pixel.quantserve.com — Cisco Umbrella Rank: 417
22 KB
6 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3176
3 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 530
4 KB
6 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 815
2 KB
6 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 924
870 B
6 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1572
m.addthis.com — Cisco Umbrella Rank: 1510
246 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 537
rtd-tm.everesttech.net — Cisco Umbrella Rank: 2329
1 KB
5 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 517
4 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 430
679 B
4 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1041
3 KB
4 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 980
3 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 441
2 KB
4 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1400
3 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 898
2 KB
4 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1362
rtb.gumgum.com — Cisco Umbrella Rank: 1016
3 KB
4 scdn.co
mosaic.scdn.co — Cisco Umbrella Rank: 5850
encore.scdn.co — Cisco Umbrella Rank: 6741
257 KB
4 w.org
s.w.org — Cisco Umbrella Rank: 731
3 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 365
1 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 329
api.rlcdn.com Failed
571 B
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 614
1 KB
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 455
2 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 76
www.google.com — Cisco Umbrella Rank: 2
1 KB
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 604
cdn.indexww.com — Cisco Umbrella Rank: 1368
15 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 152
3 KB
3 spotifycdn.com
open.spotifycdn.com — Cisco Umbrella Rank: 5837
342 KB
3 pubexchange.com
main.pubexchange.com — Cisco Umbrella Rank: 47949
cdn2.pubexchange.com — Cisco Umbrella Rank: 59034
11 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
20 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3910
625 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 708
906 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 23043
2 KB
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 690
match.taboola.com — Cisco Umbrella Rank: 2703
656 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 969
1 KB
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 480
tags.bluekai.com — Cisco Umbrella Rank: 524
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 532
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3941
1 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 488
477 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 636
57 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4488
965 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4515
752 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 573
946 B
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1220
69 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 746
943 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 723
719 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1776
837 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 805
s.tribalfusion.com — Cisco Umbrella Rank: 2173
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 727
1 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1344
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1165
1 KB
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2059
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3447
971 B
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 832
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 626
509 B
2 tremorhub.com
mb9eo.publishers.tremorhub.com — Cisco Umbrella Rank: 6610
992 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 909
131 B
2 openx.net
u.openx.net — Cisco Umbrella Rank: 641
437 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 574
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1356
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1405
545 B
2 floors.dev
api.floors.dev — Cisco Umbrella Rank: 8060
2 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1031
1 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 919
api.btloader.com — Cisco Umbrella Rank: 1034
103 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 191
71 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1349
88 KB
2 unusedstone.com
unusedstone.com
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
132 KB
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1659
546 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2367
230 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1652
350 B
1 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 2481
900 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5768
279 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6147
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2208
393 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 224
666 B
1 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2807
1 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3648
465 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 886
554 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4438
392 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2060
290 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1297
674 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
615 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 863
223 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2396
534 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1181
801 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1160
538 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 389
2 KB
1 gstatic.com
fonts.gstatic.com
16 KB
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1299
880 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 716
832 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1341
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
1 KB
1 google.ca
adservice.google.ca — Cisco Umbrella Rank: 13694
792 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 749
865 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1352
17 KB
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 2400
154 B
1 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 929
226 B
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 6338
467 B
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1755
1 KB
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 993
549 B
1 sentry.io
sentry.io — Cisco Umbrella Rank: 292
406 B
1 makeup.com
www.makeup.com — Cisco Umbrella Rank: 331360
58 KB
1 wp.com
i1.wp.com — Cisco Umbrella Rank: 7396
11 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 861
1 KB
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 385
1 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 575
467 B
1 causecherry.com
causecherry.com
28 KB
345 125
Domain Requested by
38 omg.blog omg.blog
26 live.primis.tech 9 redirects a.pub.network
live.primis.tech
ads.pubmatic.com
21 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ap.lijit.com
ssum-sec.casalemedia.com
bh.contextweb.com
sync-amz.ads.yieldmo.com
eus.rubiconproject.com
eb2.3lift.com
ads.pubmatic.com
20 simage2.pubmatic.com 7 redirects ads.pubmatic.com
20 id5-sync.com 19 redirects cdn.id5-sync.com
16 cm.g.doubleclick.net 12 redirects sync-amz.ads.yieldmo.com
eus.rubiconproject.com
eb2.3lift.com
13 pixel.rubiconproject.com 4 redirects eus.rubiconproject.com
12 eb2.3lift.com 5 redirects a.pub.network
eb2.3lift.com
12 x.bidswitch.net 12 redirects
11 match.adsrvr.org 10 redirects a.pub.network
11 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
10 sync.intentiq.com 8 redirects
9 image2.pubmatic.com 1 redirects ads.pubmatic.com
9 match.prod.bidr.io 9 redirects
8 s2s.t13.io a.pub.network
onetag-sys.com
7 image8.pubmatic.com 6 redirects sync-amz.ads.yieldmo.com
7 ib.adnxs.com 4 redirects a.pub.network
acdn.adnxs.com
6 pixel.onaudience.com 6 redirects
6 sync.1rx.io 6 redirects
6 um.simpli.fi 5 redirects ads.pubmatic.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 odr.mookie1.com 6 redirects
6 a.pub.network omg.blog
a.pub.network
5 bh.contextweb.com 2 redirects s.amazon-adsystem.com
bh.contextweb.com
5 image6.pubmatic.com 2 redirects ads.pubmatic.com
5 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
5 pixel.tapad.com 5 redirects
5 ads.pubmatic.com live.primis.tech
s.amazon-adsystem.com
ads.pubmatic.com
a.pub.network
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 ads.yieldmo.com 1 redirects a.pub.network
sync-amz.ads.yieldmo.com
5 c.amazon-adsystem.com a.pub.network
c.amazon-adsystem.com
live.primis.tech
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
omg.blog
5 pixel.quantserve.com 3 redirects omg.blog
4 uipglob.semasio.net 3 redirects ads.pubmatic.com
4 sync.go.sonobi.com 2 redirects
4 gum.criteo.com 2 redirects static.criteo.net
4 image4.pubmatic.com 2 redirects ads.pubmatic.com
4 sync.mathtag.com 4 redirects
4 cm.adgrx.com 4 redirects
4 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
4 rtb.mfadsrvr.com 4 redirects
4 ce.lijit.com ap.lijit.com
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
a.pub.network
4 ap.lijit.com 2 redirects s.amazon-adsystem.com
ap.lijit.com
4 secure.adnxs.com 4 redirects
4 gue1-spclient.spotify.com open.spotifycdn.com
4 s.w.org omg.blog
4 s7.addthis.com omg.blog
s7.addthis.com
3 mug.criteo.com
3 px.ads.linkedin.com 2 redirects eus.rubiconproject.com
3 token.rubiconproject.com 3 redirects
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 sync-tm.everesttech.net 3 redirects
3 c1.adform.net 2 redirects ads.pubmatic.com
3 ups.analytics.yahoo.com 3 redirects
3 aa.agkn.com 2 redirects ads.pubmatic.com
3 c.pub.network a.pub.network
3 sb.scorecardresearch.com 1 redirects a.pub.network
3 encore.scdn.co open.spotifycdn.com
3 open.spotifycdn.com open.spotify.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 open.spotify.com 1 redirects omg.blog
open.spotifycdn.com
2 visitor.fiftyt.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 loada.exelator.com 2 redirects
2 px.owneriq.net 2 redirects
2 b1sync.zemanta.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 rtd-tm.everesttech.net 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 static.criteo.net a.pub.network
static.criteo.net
2 pixel-us-east.rubiconproject.com 2 redirects
2 yieldmo-match.dotomi.com 2 redirects
2 pulsepoint-match.dotomi.com 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pool.admedo.com 2 redirects
2 sync-pm.ads.yieldmo.com ads.pubmatic.com
2 pixel-sync.sitescout.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 rtb.adentifi.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 ad.turn.com 2 redirects
2 pippio.com 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 rtb.gumgum.com ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 gu.dyntrk.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 www.google.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 amazon-tam-match.dotomi.com 2 redirects
2 video.primis.tech
2 mb9eo.publishers.tremorhub.com 2 redirects
2 csync.loopme.me ads.pubmatic.com
2 u.openx.net 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 c2shb.pubgw.yahoo.com a.pub.network
2 g2.gumgum.com a.pub.network
2 hbopenbid.pubmatic.com a.pub.network
live.primis.tech
2 api.floors.dev a.pub.network
2 ad-delivery.net
2 js-sec.indexww.com a.pub.network
2 www.googletagservices.com a.pub.network
securepubads.g.doubleclick.net
2 confiant-integrations.global.ssl.fastly.net a.pub.network
confiant-integrations.global.ssl.fastly.net
2 m.addthis.com s7.addthis.com
2 unusedstone.com causecherry.com
2 cdn2.pubexchange.com main.pubexchange.com
2 secure.quantserve.com www.googletagmanager.com
a.pub.network
2 www.googletagmanager.com omg.blog
www.googletagmanager.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 sync.extend.tv 1 redirects
1 nep.advangelists.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 tags.bluekai.com ads.pubmatic.com
1 cms.analytics.yahoo.com 1 redirects
1 match.bnmla.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 stags.bluekai.com 1 redirects
1 c.bing.com eb2.3lift.com
1 acdn.adnxs.com a.pub.network
1 biddr.brealtime.com a.pub.network
1 ssum.casalemedia.com 1 redirects
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 ads.playground.xyz 1 redirects
1 sync.ipredictive.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 sync.inmobi.com 1 redirects
1 jadserve.postrelease.com 1 redirects
1 cdn.jsdelivr.net live.primis.tech
1 fonts.gstatic.com fonts.googleapis.com
1 ssbsync.smartadserver.com
1 cs.admanmedia.com 1 redirects
1 ads.stickyadstv.com 1 redirects
1 cs.media.net 1 redirects
1 fonts.googleapis.com live.primis.tech
1 1647f23214414d860cd291a591032202.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.ca securepubads.g.doubleclick.net
1 sync1.intentiq.com 1 redirects
1 api.intentiq.com live.primis.tech
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 onetag-sys.com a.pub.network
1 cdn.id5-sync.com omg.blog
1 secure.cdn.fastclick.net omg.blog
1 hb.emxdgt.com a.pub.network
1 htlb.casalemedia.com a.pub.network
1 btlr.sharethrough.com a.pub.network
1 bidder.criteo.com a.pub.network
1 fastlane.rubiconproject.com a.pub.network
1 c2shb.ssp.yahoo.com a.pub.network
1 tlx.3lift.com a.pub.network
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 api.btloader.com freestar-io.videoplayerhub.com
1 ad.doubleclick.net
1 as-sec.casalemedia.com js-sec.indexww.com
1 btloader.com
1 freestar-io.videoplayerhub.com 1 redirects
1 v1.addthisedge.com s7.addthis.com
1 d.pub.network a.pub.network
1 pxl.qccerttest.com omg.blog
1 mosaic.scdn.co open.spotify.com
1 apresolve.spotify.com open.spotifycdn.com
1 sentry.io open.spotifycdn.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.makeup.com omg.blog
1 i1.wp.com omg.blog
1 rules.quantcount.com secure.quantserve.com
1 z.moatads.com s7.addthis.com
1 main.pubexchange.com omg.blog
1 static.adsafeprotected.com causecherry.com
1 causecherry.com omg.blog
0 api.rlcdn.com Failed a.pub.network
345 190
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-15 -
2023-05-15
a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2022-02-27 -
2023-02-28
a year crt.sh
causecherry.com
R3
2022-08-28 -
2022-11-26
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
*.spotify.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-06 -
2023-04-06
a year crt.sh
*.w.org
Sectigo RSA Domain Validation Secure Server CA
2021-11-24 -
2022-12-25
a year crt.sh
static.adsafeprotected.com
Amazon
2022-08-06 -
2023-09-04
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2021-11-27 -
2022-11-29
a year crt.sh
*.spotifycdn.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-02 -
2023-08-02
a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-11 -
2023-07-12
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
unusedstone.com
R3
2022-08-27 -
2022-11-25
3 months crt.sh
sentry.io
DigiCert TLS RSA SHA256 2020 CA1
2022-06-03 -
2023-07-04
a year crt.sh
*.scdn.co
DigiCert TLS RSA SHA256 2020 CA1
2022-08-02 -
2023-08-02
a year crt.sh
qccerttest.com
Amazon
2022-04-04 -
2023-05-03
a year crt.sh
*.pub.network
Go Daddy Secure Certificate Authority - G2
2022-03-19 -
2023-04-20
a year crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2022 Q2
2022-05-04 -
2023-06-05
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-12-12 -
2022-12-13
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
api.floors.dev
GTS CA 1D4
2022-08-06 -
2022-11-04
3 months crt.sh
api.btloader.com
GTS CA 1D4
2022-08-21 -
2022-11-19
3 months crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
*.primis.tech
Amazon
2021-10-28 -
2022-11-26
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
s2s.t13.io
GTS CA 1D4
2022-09-27 -
2022-12-26
3 months crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-08-02 -
2023-01-25
6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.yieldmo.com
Amazon
2022-09-12 -
2023-10-12
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-27 -
2022-11-22
3 months crt.sh
*.sharethrough.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-10 -
2023-08-11
a year crt.sh
*.gumgum.com
Amazon
2022-09-14 -
2023-10-11
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.emxdgt.com
Amazon
2022-06-03 -
2023-07-02
a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA
2022-01-15 -
2023-01-17
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.eu-1-id5-sync.com
R3
2022-08-18 -
2022-11-16
3 months crt.sh
*.intentiq.com
Amazon
2022-03-20 -
2023-04-17
a year crt.sh
*.google.ca
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.google.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
s.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-21
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.id5-sync.com
R3
2022-08-18 -
2022-11-16
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
*.ads.yieldmo.com
Amazon
2022-04-25 -
2023-05-24
a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-07 -
2023-05-08
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
www.google.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-06-14 -
2022-12-07
6 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-05-02 -
2023-06-03
a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon
2022-04-13 -
2023-05-12
a year crt.sh
adentifi.com
Amazon
2022-08-05 -
2023-09-03
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon
2022-07-20 -
2023-07-19
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-01 -
2022-11-30
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2
2022-01-21 -
2023-02-22
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2021-12-10 -
2022-12-09
a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2022-09-03 -
2023-03-03
6 months crt.sh
truffle.bid
R3
2022-07-21 -
2022-10-19
3 months crt.sh
*.iprom.net
R3
2022-09-13 -
2022-12-12
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2021-10-27 -
2022-11-27
a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2022-09-06 -
2023-09-21
a year crt.sh

This page contains 59 frames:

Primary Page: https://omg.blog/
Frame ID: 4E3B8936D92E17A1BFAC8C6396412A65
Requests: 152 HTTP requests in this frame

Frame: https://open.spotify.com/embed-legacy/playlist/4GCVvY4NTIh0RJ3wu0ALzZ?utm_source=generator
Frame ID: 228DBDB3D5BD51E12DA0F3BDC2551A11
Requests: 13 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 58CA1CBB57C6FC89C380EC0580C8DF37
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 21BE7F69284C80371E49DDF092B67EF8
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=108645&cbuster=1664368967&pubUrl=https://omg.blog/&x=700&y=476&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,974,1&cbuster=1664368966&pubUrlAuto=https%3A%2F%2Fomg.blog%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: C4EFED003C750307BD132412611A6D46
Requests: 28 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Frame ID: C63A39D5DD2B406EEAFD2FF0EF6BF0AC
Requests: 2 HTTP requests in this frame

Frame: https://1647f23214414d860cd291a591032202.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 594A21445817E99B1E848016EFC70BC3
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&dcc=t
Frame ID: 92F3F1ABF95B97B67AC5871D231FF2B6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Frame ID: DF3E4923987B66247F1785248CF7AB84
Requests: 22 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=94&advUuid=0e42515f-3f2b-11ed-b9dc-14caa66b0403
Frame ID: 7B222169CC5240531F687DDCB39C0949
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=98&advUuid=e164636c-d41d-4a8b-b73d-6b9b61f56845
Frame ID: D0EE3BCD484AB6D6074F2CB3953FA676
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 6C08A27EA831A516E293EDB730476F0D
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 598300C3969E8CE3CCD331692A962679
Requests: 10 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOapxn1QF9gThSrEx8U-ZaCCidJkGgMrs621BeOQ
Frame ID: ECE30628296980E64C21956B9F244EC9
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHz9iswJe84QMN-W_MAAAAAAA&expiration=1664455367&is_secure=true
Frame ID: 42C552F9A69EA4A81AEA3701CF406D57
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: CDD3A185D01990D01101F9BC1C994EB7
Requests: 2 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: DB500ECE13F816D691A6C326B01742C1
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: A230FB6263E96E847BABC04BA1648784
Requests: 11 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: ED199202E07E7C7C174EC0E2F6FAA69C
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=3672728183819967796&ex=appnexus.com
Frame ID: 4A7F622026C6EEBB3C06D56AF9B8ACD2
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Frame ID: AED5ECA89A457B5DB282D326EBD066C1
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4718842991840813561514
Frame ID: 68A0CC5447D38389566365E1319AB923
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-eQzJfTfsnVnfwNYbaptbW0J8MIxgRGYDuxEcqjpeeMI7IrqTrIi9nSWDba1goxhUNQz28Pp7bNFBfaEdsV4suvMWr7zfwnKa4tDzSCx0P_ckTpsInxloRXIDU9i2-U8KDKYmYJhn7hSvtDzZwWUWwy5fNCiyrxhSEgYJHBViZFTIBERotE6kav1r8fuUCCYcwg2HAR7V6TFEo4nriojaBQYkV0in14uFZ6CetCrgnbsV4YY9Iz7t_hgJeh-O-MruLNLlD1MGBpJGHEHKrenyN0ZmUF8W3S0tvamb1GEaSDkX0Xis4kK01Kyo3w&sai=AMfl-YSZvuxobE6OQNGXbTackiICnECbxMvNmGk2OExI723OT_6ZYdC9UrEBlxW72gFDP_r3J_r-6dm0Wwou4WSI51kR3glfpVOmMfiglU9EKOXp-UCulSaxDlCV71nJuR__xrX7&sig=Cg0ArKJSzJJudjNsWPQfEAE&uach_m=[UACH]&adurl=
Frame ID: F21D2DC719AD83362673E5F80AA97722
Requests: 9 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
Frame ID: 966010F8E86FB795BF8E086A1397337C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YzRBRwAABKv4aQAK&gdpr=0&gdpr_consent=&_test=YzRBRwAABKv4aQAK
Frame ID: B257C208A2B23F879CF1C07ED63138D6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFQ707GaIMAAB826eu3Ow
Frame ID: 9774A2ECB3066A8D8DD35CC8A6A0F693
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d73b6334-4147-4100-a5ec-96e71a094ff2&gdpr=0&gdpr_consent=
Frame ID: 948FB558F936BD9B88E32E28212A90A7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:588a9e2e-75d3-49fa-9a59-bbb8902ea662&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Frame ID: 93790B28BCF8BF097A30F78FF8A648F4
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 01CB214CAEA2797C51965D8BCC00CA82
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 321F446BD3CD8FE0DF9AF44925D04E58
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NvmzZiTnRZ5-Z7Y0uO_0qpU4mbU
Frame ID: 2D7DC4EE2E445B220DC261ADD9D6586C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:hims5jZv1ODwoL5&gdpr=0&gdpr_consent=
Frame ID: C532FCEF33E5972F682565E7563554F1
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 0570FFE39DEF0F63F060DBE4D9BBA829
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=695670762000
Frame ID: 7207E24DE518F13138FA3C0511C10FAE
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 08F028A5E348C60D3493B23D9487AF45
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=SoctVDtaM
Frame ID: AEF177EB17105DBD226BAA26765AA2FA
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
Frame ID: A62B64BD188252B161EBE19D113534A3
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: 9FBCC0A58D3C10C5F4D8C3C13EA1C321
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=91&advUuid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&gdpr=0&gdpr_consent=
Frame ID: 9E8AD7BAEEEC7A116E457542FBDB7C6D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 31AD3CF3167F3DFF1B0388F7D969A1C4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EBA05A6DBC967CB24ADD42FCE9999408
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=omg.blog
Frame ID: FDC2D1ADDE3A04BD125680FC6AA25513
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595
Frame ID: FA4CC872E84C6362256412F364D26105
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FEB95E013B47156DC89F8ED8A7D053D4
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 2E2A9F9CB2EE192F3213381A786E08C7
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 121585AA33CC8AF5C87BDDFDB4E4BCBD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Frame ID: 69313812F9637560566ABF72E2008625
Requests: 7 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 75E9BFF3CC29AB599F11309B02D4DEAB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E877DE04B9DC1887FC184BE075B16547
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fomg.blog%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A03AF728C47FF59443236F9E979CC043
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7176553702049903647
Frame ID: E06E05F655379CF323EB62CE344F7DEB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=rpaobp32AJ2dBBtPSkE0Yw
Frame ID: B98049C64E2DDAAC6150A5B98B37BEDA
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 95925A14B1E463A87A4CECBEDFFCAEEA
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 89F645F343B18EFB6F27AFDA5E402794
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=741cffde-96da-41ff-b860-7999aa95a3ac-tucta2dc6ca&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 61DCAD743823003456EFA38C7AD91556
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=8581d625-9c3b-4747-9873-6365c14bea63
Frame ID: D736956870296FECBA5E6B7FF3A3937C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:60A5D0A496404844AA3941651D548860
Frame ID: 49AA5D3BC95A5AD8F0C417CF071920E4
Requests: 1 HTTP requests in this frame

Frame: https://um.simpli.fi/epx
Frame ID: C389464BB6C35118119C477849AFFBA1
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDEB0918BB-D98C-4931-AD49-EA7233D2A3DA
Frame ID: D4545A73276CA522E488E89170B39A5C
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

OMG.BLOG - The original, since 2003.

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

345
Requests

75 %
HTTPS

29 %
IPv6

125
Domains

190
Subdomains

116
IPs

12
Countries

3693 kB
Transfer

10111 kB
Size

243
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://open.spotify.com/embed/playlist/4GCVvY4NTIh0RJ3wu0ALzZ?utm_source=generator HTTP 302
  • https://open.spotify.com/embed-legacy/playlist/4GCVvY4NTIh0RJ3wu0ALzZ?utm_source=generator
Request Chain 98
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 101
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1664368966025&ns_c=UTF-8&c7=https%3A%2F%2Fomg.blog%2F&c8=OMG.BLOG%20-%20The%20original%2C%20since%202003.&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1664368966025&ns_c=UTF-8&c7=https%3A%2F%2Fomg.blog%2F&c8=OMG.BLOG%20-%20The%20original%2C%20since%202003.&c9=
Request Chain 151
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=970528&iiqidtype=2&iiqpcid=9407f0ac-defd-463c-86ce-f6f71c191d08&iiqpciddate=1664368967053&tsrnd=730_1664368967059&vrref=https%3A%2F%2Fomg.blog%2F&jsver=5.09 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=970528&iiqidtype=2&iiqpcid=9407f0ac-defd-463c-86ce-f6f71c191d08&iiqpciddate=1664368967053&tsrnd=730_1664368967059&vrref=https%3A%2F%2Fomg.blog%2F&jsver=5.09&ckls=true&ci=8Ci9HzX4HH&nc=false&trid=661371857 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=-647762211
Request Chain 157
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&dcc=t
Request Chain 160
  • https://pixel.quantserve.com/pixel/p-N04C2m09Yy8f8.gif?idmatch=0 HTTP 302
  • https://s2s.t13.io/setuid?bidder=quantcastfsx&gdpr=0&uid=rsSUj6zGk461lpHYqZGKiKiTlt21xZGP-sFMWI_o
Request Chain 163
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=0e4251a2-3f2b-11ed-b9dc-14caa66b0403 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=94&advUuid=0e42515f-3f2b-11ed-b9dc-14caa66b0403
Request Chain 164
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=98&advUuid=e164636c-d41d-4a8b-b73d-6b9b61f56845
Request Chain 168
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c889e140-9c07-4ae9-92f9-0642e63aa07d&ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10594366284727598666&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dsekindo%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10594366284727598666&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dsekindo%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=5c0fbc42-26a5-4a7e-82c4-c0b888aa62b0&ssp=sekindo&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10594366284727598666&ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=213860604288006275697&ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594366284727598666&ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1267919208%26pcid%3Dc889e140-9c07-4ae9-92f9-0642e63aa07d%26csh%3D&advId=24830&advUuid=c889e140-9c07-4ae9-92f9-0642e63aa07d HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1267919208&pcid=c889e140-9c07-4ae9-92f9-0642e63aa07d&csh=
Request Chain 170
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=99&advUuid=YzRBR-N0Fdi2CjE8Ei5dxQAAAc8AAAAB
Request Chain 171
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D4718842991840813561514&advId=121&advUuid=4718842991840813561514 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=4718842991840813561514 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=-1863933107
Request Chain 172
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618110e63fc8f&advId=100&advUuid=L8LMB5ZU-Q-6LA8&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1725065545%26pcid%3DL8LMB5ZU-Q-6LA8 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=L8LMB5ZU-Q-6LA8 HTTP 302
  • https://x.bidswitch.net/sync?ssp=sekindo&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1267919208%26mi%3D10%26csh%3D54%3B1725065545%26rnd%3D-1957195189%26pcid%3D HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c889e140-9c07-4ae9-92f9-0642e63aa07d&ssp=sekindo&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10594366284727598666&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dsekindo%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=5c0fbc42-26a5-4a7e-82c4-c0b888aa62b0&ssp=sekindo&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10594366284727598666&ssp=sekindo&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=213580604288006270609&ssp=sekindo&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594366284727598666&ssp=sekindo&gdpr=&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1267919208%26pcid%3Dc889e140-9c07-4ae9-92f9-0642e63aa07d%26csh%3D&advId=24830&advUuid=c889e140-9c07-4ae9-92f9-0642e63aa07d HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1267919208&pcid=c889e140-9c07-4ae9-92f9-0642e63aa07d&csh=
Request Chain 173
  • https://ups.analytics.yahoo.com/ups/58627/occ HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-GZVnOcxE2uEcX6WJum3QgqeMoIGiujw80xne240-~A&advUuid=y-GZVnOcxE2uEcX6WJum3QgqeMoIGiujw80xne240-~A HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1028935272&pcid=y-GZVnOcxE2uEcX6WJum3QgqeMoIGiujw80xne240-~A HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=-1284791469
Request Chain 174
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D63344146bfc14%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=105&advUuid=3672728183819967796
Request Chain 175
  • https://mb9eo.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D584182936%26pcid%3De63a547d2fb44dc4b05efb776ca8b478&advId=126&advUuid=e63a547d2fb44dc4b05efb776ca8b478 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=584182936&pcid=e63a547d2fb44dc4b05efb776ca8b478 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=489002009
Request Chain 176
  • https://cs.media.net/cksync?cs=34&type=pri&ovsid=63344146bfc14&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D1723987475%2526pcid%253D%3Cvsid%3E%26advId%3D127%26advUuid%3D%3Cvsid%3E HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D3073705671454982000V10&advId=127&advUuid=3073705671454982000V10 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1723987475&pcid=3073705671454982000V10 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=1570214265
Request Chain 177
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D130%26advUuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D130%26advUuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=130&advUuid=FZEadLZHN15ZqvYISY2gzKHr
Request Chain 178
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%263rdpcid%3D51a2f777231ac03cfdd08d3549c1db29&advId=134&advUuid=51a2f777231ac03cfdd08d3549c1db29 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=51a2f777231ac03cfdd08d3549c1db29 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=-2078623590
Request Chain 179
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D793790479%25263rddpi%253D2136778551%25263rdpcid%253D%5BUID%5D%26advId%3D138%26advUuid%3D%5BUID%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D2136778551%263rdpcid%3Da631ccb5-4729-43ca-932d-108eb2489421&advId=138&advUuid=a631ccb5-4729-43ca-932d-108eb2489421 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=a631ccb5-4729-43ca-932d-108eb2489421 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=1738185511
Request Chain 191
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=L8LMB5ZU-Q-6LA8
Request Chain 193
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=c889e140-9c07-4ae9-92f9-0642e63aa07d
Request Chain 194
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=60A5D0A496404844AA3941651D548860&ex=simpli.fi&status=ok
Request Chain 195
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=9be7de40-14dc-4759-93a5-f3f1800bbe8e
Request Chain 197
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOapxn1QF9gThSrEx8U-ZaCCidJkGgMrs621BeOQ
Request Chain 198
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=6b4d2d1638e5160e&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHz9iswJe84QMN-W_MAAAAAAA&expiration=1664455367&is_secure=true
Request Chain 202
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 203
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=3672728183819967796&ex=appnexus.com
Request Chain 205
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4718842991840813561514
Request Chain 213
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1664368967737 HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005&rndcb=2918428377 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=c889e140-9c07-4ae9-92f9-0642e63aa07d&google_hm=Yzg4OWUxNDAtOWMwNy00YWU5LTkyZjktMDY0MmU2M2FhMDdk HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPB8hO8qzU6FMNVSBqaQzaY&google_cver=1&ssp=adconductor&bsw_param=c889e140-9c07-4ae9-92f9-0642e63aa07d HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/c889e140-9c07-4ae9-92f9-0642e63aa07d?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005 HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=RX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005
Request Chain 215
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AAFQ707GaIMAAB826eu3Ow&gdpr=0
Request Chain 216
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=dc98ff85-97e2-46db-b230-9da195bc858e
Request Chain 217
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=ix2k_Ikfo_2QT6GrjEi6-41Kpq6QHKH83xiXFMh8
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzRBR-N0Fdi2CjE8Ei5dxQAAAc8AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBEXIRWp-laE4hvrNJD815E&google_cver=1
Request Chain 219
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YzRBR.N0Fdi2CjE8Ei5dxQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFRCGXcroMjF596UXO2y5JU&google_cver=1&google_hm=2
Request Chain 221
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=dee4a90a-7826-4daf-a6d8-996f99f94684&expiration=1666960967&gdpr=0&gdpr_consent=
Request Chain 223
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=60A5D0A496404844AA3941651D548860
Request Chain 224
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=0e8a0d10-3f2b-11ed-bba5-2c64b5add5bb
Request Chain 225
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=06030002_63344147a406c&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030002_63344147a406c
Request Chain 228
  • https://c1.adform.net/serving/cookie/match?party=14&cid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
Request Chain 229
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YzRBRwAABKv4aQAK HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YzRBRwAABKv4aQAK&gdpr=0&gdpr_consent=&_test=YzRBRwAABKv4aQAK
Request Chain 230
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGUTcwN0dhSU1BQUI4MjZldTNPdw&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFQ707GaIMAAB826eu3Ow&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5230961174065027787 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFQ707GaIMAAB826eu3Ow&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D5230961174065027787%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=5230961174065027787&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFQ707GaIMAAB826eu3Ow&pid=558502&do=add HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAFQ707GaIMAAB826eu3Ow&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D5230961174065027787%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?userid=5230961174065027787&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFQ707GaIMAAB826eu3Ow
Request Chain 231
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d73b6334-4147-4100-a5ec-96e71a094ff2&gdpr=0&gdpr_consent=
Request Chain 232
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=0e8a0d10-3f2b-11ed-bba5-2c64b5add5bb HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:588a9e2e-75d3-49fa-9a59-bbb8902ea662&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 235
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NvmzZiTnRZ5-Z7Y0uO_0qpU4mbU
Request Chain 236
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:hims5jZv1ODwoL5&gdpr=0&gdpr_consent=
Request Chain 237
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1664368967708 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6144068632 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/dee4a90a-7826-4daf-a6d8-996f99f94684 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Request Chain 238
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=695670762000
Request Chain 239
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 240
  • https://ad.mrtnsvr.com/sync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=SoctVDtaM
Request Chain 241
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=0cacbc55-2d24-4c26-af6d-efc6a8cf5846&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6wkYu9mMSTGtSepyM9Kj2g%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 245
  • https://idsync.rlcdn.com/420486.gif?partner_uid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEVCMDkxOEJCLUQ5OEMtNDkzMS1BRDQ5LUVBNzIzM0QyQTNEQRAAGg0Ix4LRmQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=e0b4403676c020cd00131591ba5f3fab03df1d7c73918ffd1507734e1bca29ab791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBlMGI0NDAzNjc2YzAyMGNkMDAxMzE1OTFiYTVmM2ZhYjAzZGYxZDdjNzM5MThmZmQxNTA3NzM0ZTFiY2EyOWFiNzkxNDI2YjU0MTdkY2UyMRAAGgwIyILRmQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBlMGI0NDAzNjc2YzAyMGNkMDAxMzE1OTFiYTVmM2ZhYjAzZGYxZDdjNzM5MThmZmQxNTA3NzM0ZTFiY2EyOWFiNzkxNDI2YjU0MTdkY2UyMRAAGgwIyILRmQYSBAgCEABCAEoA&google_gid=CAESEINtkVuhjt9Jy4kUkpBq09I&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=2517ed25-d348-4c74-8b8d-5514cd96ee2b
Request Chain 246
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0cdd6334-4147-4800-820f-b7ec28b356d1
Request Chain 247
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUIwOTE4QkItRDk4Qy00OTMxLUFENDktRUE3MjMzRDJBM0RB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 248
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED-BE5J4ljkR8iH5jZT-bKc&google_cver=1
Request Chain 249
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:60A5D0A496404844AA3941651D548860
Request Chain 250
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=dee4a90a-7826-4daf-a6d8-996f99f94684
Request Chain 251
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2330777839504810061&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Request Chain 253
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ME5KuKFE2uUK6qtr3yL8zocbfGsyPfA-~A&gdpr=0&gdpr_consent=
Request Chain 254
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9eacfdab-d995-4cdf-b5c1-35499246cefc&gdpr=0&gdpr_consent=
Request Chain 255
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3672728183819967796&gdpr=0&gdpr_consent=
Request Chain 257
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=467929d9210415c3&is_secure=true&networkId=17100&version=1&nuid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHz9iswJe84wMVgD8MAAAAAAA&expiration=1664455367&nuid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 258
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=30504c13-e28b-4c2a-86c3-22188607f8ac-63344147-4341&gdpr=0&gdpr_consent=
Request Chain 259
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=au8VQmjtEkNxvRAVbboLRWy4FxBx7hBCPuprTFWm HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3DEB0918BB-D98C-4931-AD49-EA7233D2A3DA HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
Request Chain 260
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c889e140-9c07-4ae9-92f9-0642e63aa07d HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c889e140-9c07-4ae9-92f9-0642e63aa07d HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=cd565a13-ab13-4356-941b-585ce37fba5e&user_group=1&ssp=pubmatic&bsw_param=c889e140-9c07-4ae9-92f9-0642e63aa07d HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c889e140-9c07-4ae9-92f9-0642e63aa07d&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 261
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B332_F6EAD229_1EE4870A&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 262
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3789377830791269412 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3DEB0918BB-D98C-4931-AD49-EA7233D2A3DA HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=Zm1TNkM5NXo3ZU9aZ1lOSk1vSWZ5UQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEFyOQA-25r7C6-Hltlcou2w&google_cver=1
Request Chain 264
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=67382084d44113eb&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAFzzCW3jIT9wNddXKFAAAAAAA&expiration=1664455367&nuid=&is_secure=true
Request Chain 268
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=dc98ff85-97e2-46db-b230-9da195bc858e&gdpr=&gdpr_pd=&gdpr_consent=
Request Chain 269
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3672728183819967796 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 270
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1 HTTP 302
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=7bb1869a0d1204f4&is_secure=true&networkId=42851&version=1 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAAH1eLQ2jKKgQNyqV12AAAAAAA&expiration=1664455367&is_secure=true
Request Chain 271
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=L8LMB5ZU-Q-6LA8
Request Chain 273
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=L8LMB5ZU-Q-6LA8 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=L8LMB5ZU-Q-6LA8&ex=d-rubiconproject.com&status=ok
Request Chain 276
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Ll9or36MTUSGFyXhfOziUw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Ll9or36MTUSGFyXhfOziUw
Request Chain 277
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjIwNTEzN2IxZmNkYmVhMWQ3ZmFkMDY1MGRkM2QxYWE4ZmI3ZGUzZg
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJTTs483MLfg70YeXejoiPA&google_cver=1
Request Chain 279
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8LMB5ZU-Q-6LA8
Request Chain 281
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dee4a90a-7826-4daf-a6d8-996f99f94684&gdpr=0&gdpr_consent=&expires=30
Request Chain 282
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhMTUI1WlUtUS02TEE4
Request Chain 283
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=L8LMB5ZU-Q-6LA8&ex=d-rubiconproject.com&status=ok
Request Chain 287
  • https://sync-tm.everesttech.net/upi/pid/1508?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadbe%26uid%3D%24%7BTM_USER_ID%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D HTTP 302
  • https://s2s.t13.io/setuid?bidder=adbe&uid=YzRBRwAABKv4aQAK&gdpr=&gdpr_consent=&f=i&us_privacy=
Request Chain 293
  • https://ssum.casalemedia.com/usermatchredir?s=189517&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D HTTP 302
  • https://s2s.t13.io/setuid?bidder=ix&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=YzRBR.N0Fdi2CjE8Ei5dxQAA%26463
Request Chain 295
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=omg.blog&sn=ChromeSyncframe&so=0&topUrl=omg.blog&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=utukgXxzR1NCb3dvMFV6cVRxaklUeUpLT1B1ZG9Bd2xHM05QVm0rdmRyUExncjBQS1RXTWFXbVpKSzZXWUd2NHFkNndoQTg5Y1Izb0ZCWC95RUorWnRQSi8zMHE0UEkxQVBDNlgwTUsrRFNkWGhvbTcwRjJpMzFtOWljNWZoVEtnOEJmQk8wMnhLVGZlbVdjbFowbUlZdzVsdnBNQURIZ1A5SGFuS1NxcS84d3Q0NnVteXh3ckE0bDcyVmEyaDQyZ0J2ZUV6VmhRbFgxNXM2RXRwaHFvcnMxNUIrZUFENWFQaEkzK0ZCOXZ4bXExVVVEclU2VEV2bkRRNHZzWDhyN2ZFNEUrK3crYWJnc3ZGd3ZpaXUvekV0alFzZz09fA&cppv=2
Request Chain 296
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://s2s.t13.io/setuid?bidder=yieldmo&f=i&uid=g50f94bcb720d67ad24b&gdpr=&gdpr_consent=&us_privacy=
Request Chain 303
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fomg.blog%2F&domain=omg.blog&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Tk3OqHw5Q3EyWUhsbXprcEhLM1VSZHNkeXEwRnBtZVVJaDltU2J0bHpmVlh3dXlUSE9uRjV5Vk9UVkw3UGovbUJTRFJBcGxzV1N5UmpWOTRZNGFzalZIVzVuZlhYR3BScHIySW1udzlPZnVRdFJweWNFODlEeUloeEgxYW5mR3dpcEdkQkkwOC9hbEhhYkdYQzgzd09VeG8xNFNMYlR3RjlFK0FnbmZKOG52NjgvWWVDcWhTT3JoYWJsNVJLQ1RZV1E1STBQTTJYK2ZIaktWKzJjYlpyNURZWTJNanM2RU54MU53SVJyS1piWVVTNUVMTkVCUDRuUFlCMDcxdXYyeDdVNCtQTjNqRi9KOURwa2RJWmpPK1RYSVY1Zz09fA&cppv=2
Request Chain 312
  • https://id5-sync.com/s/441/9.gif?puid=u_aedd22df-436d-4c7b-85c3-6a7485397977&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/2/8/2.gif?puid=3672728183819967796&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOapxn1QF9gThSrEx8U-ZaCCidJkGgMrs621BeOQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/3/7/3.gif?puid=d73b6334-4147-4100-a5ec-96e71a094ff2&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=dee4a90a-7826-4daf-a6d8-996f99f94684&ttl=%%TTL%% HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F429%2F5%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/441/429/5/5.gif?puid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/441/434/4/6.gif?puid=309247b1-f447-48b9-85b8-d074b5e81674&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/3/7.gif?puid=5c0fbc42-26a5-4a7e-82c4-c0b888aa62b0&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/112/2/8.gif?puid=4709BA07D6CB552F&gdpr=0&gdpr_consent= HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F136%2F1%2F9.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/136/1/9.gif?puid=YzRBRwAABKv4aQAK&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=d73b6334-4147-4100-a5ec-96e71a094ff2&gdpr=0&consent=&id5id=ID5-ZHMOapxn1QF9gThSrEx8U-ZaCCidJkGgMrs621BeOQ
Request Chain 313
  • https://id5-sync.com/s/441/9.gif?puid=u_8a155a22-d61b-4484-8b42-e05ec02c5315&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/2/8/2.gif?puid=3672728183819967796&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOapxn1QF9gThSrEx8U-ZaCCidJkGgMrs621BeOQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/3/7/3.gif?puid=d73b6334-4147-4100-a5ec-96e71a094ff2&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=dee4a90a-7826-4daf-a6d8-996f99f94684&ttl=%%TTL%% HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F429%2F5%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/441/429/5/5.gif?puid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/441/434/4/6.gif?puid=79ba752f-58e3-4000-b67d-b0ea3170af15&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/3/7.gif?puid=5c0fbc42-26a5-4a7e-82c4-c0b888aa62b0&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/112/2/8.gif?puid=4709BA07D6CB552F&gdpr=0&gdpr_consent= HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F136%2F1%2F9.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/136/1/9.gif?puid=YzRBRwAABKv4aQAK&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=d73b6334-4147-4100-a5ec-96e71a094ff2&gdpr=0&consent=&id5id=ID5-ZHMOapxn1QF9gThSrEx8U-ZaCCidJkGgMrs621BeOQ
Request Chain 315
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=dee4a90a-7826-4daf-a6d8-996f99f94684&dongle=0cfd
Request Chain 316
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDcxODg0Mjk5MTg0MDgxMzU2MTUxNA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 317
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEMF2qEI5-fFnrCZt_lN_co&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 318
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDcxODg0Mjk5MTg0MDgxMzU2MTUxNA%3D%3D
Request Chain 319
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4718842991840813561514&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4718842991840813561514&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=81ea6b90-24c8-4e3f-b4ab-9eccf8fcf332&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=81ea6b90-24c8-4e3f-b4ab-9eccf8fcf332&_noobservation=1&_expected_cookie=a8d1639f029a5049671338f5ca633a0c
Request Chain 320
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4718842991840813561514&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=c889e140-9c07-4ae9-92f9-0642e63aa07d HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=c889e140-9c07-4ae9-92f9-0642e63aa07d HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=7e30ea0e-192b-49d2-8c09-990b01999c78&ssp=triplelift&expires=30&user_group=5&bsw_param=c889e140-9c07-4ae9-92f9-0642e63aa07d HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=c889e140-9c07-4ae9-92f9-0642e63aa07d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 321
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4718842991840813561514?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-gbtnvWhE2oS0ml8raE_FvHqRFs.CvArAz7TXoY.s9w--~A&dongle=0883
Request Chain 324
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=Wn4oBX0qAX71mtLoH5Lk&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5K5XDI32CLAYHCQKYG4YW25CMN5EDKTDL&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5K5XDI32CLAYHCQKYG4YW25CMN5EDKTDL HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=Wn4oBX0qAX71mtLoH5Lk
Request Chain 327
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7176553702049903647&uid=Q7176553702049903647&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7176553702049903647
Request Chain 328
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=rpaobp32AJ2dBBtPSkE0Yw
Request Chain 331
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=741cffde-96da-41ff-b860-7999aa95a3ac-tucta2dc6ca&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 332
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=8581d625-9c3b-4747-9873-6365c14bea63
Request Chain 333
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:60A5D0A496404844AA3941651D548860
Request Chain 334
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://um.simpli.fi/epx
Request Chain 335
  • https://pixel.onaudience.com/?partner=214&mapped=EB0918BB-D98C-4931-AD49-EA7233D2A3DA HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=474dfa72cf78138a75dd415b88f1d349&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=6da9908d946fc464/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=6da9908d946fc464/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=e50eaf7f1f3c3d9cc19c378b4946249d&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=dee4a90a-7826-4daf-a6d8-996f99f94684&icm&gdpr=0&gdpr_consent=&cver HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=252&mapped=y-TrTrojdE2pQsNoi2nOks1RbA.q1mDHR5hQ--~A&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=ac28a74eefe29e18
Request Chain 336
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&addseg=10,33,39
Request Chain 337
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 340
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3672728183819967796
Request Chain 341
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzRBR-N0Fdi2CjE8Ei5dxQAAAc8AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YzRBR-N0Fdi2CjE8Ei5dxQAAAc8AAAAB
Request Chain 342
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2330777839504810061
Request Chain 343
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFQ707GaIMAAB826eu3Ow&expiration=1665578570
Request Chain 344
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b6e50425-c49a-0cb5-5d848496
Request Chain 346
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-132e3fe0-5e2a-429e-a121-8b8b41c82e3e
Request Chain 347
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=4b70f043-a054-41c1-b1d2-4ebd9acf459e

345 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
omg.blog/
94 KB
21 KB
Document
General
Full URL
https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85f85eaa1b0386bcd8fb6323089c14be5416df57333b1b8b2fc2d4a1a217538a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-apo-via
origin,no-cache
cf-cache-status
BYPASS
cf-ray
751c8f8bae737157-YUL
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin
date
Wed, 28 Sep 2022 12:42:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tRb7p3WEcVAIJFv4oVCDXbP1LX%2B5gLDM1oKSMDKe%2FBKC%2B7CQAhYiQDADAGOnsLF6O8PPqqaEQspo2b9MB%2Bj6471I1H9VWI4UDPtljP2oeal%2Fzet7EGH9stOhTW%2Bu464oOoKnM0u"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
lazyload.min.js
omg.blog/wp-content/plugins/w3-total-cache/pub/js/
6 KB
3 KB
Script
General
Full URL
https://omg.blog/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 10 Aug 2022 01:47:45 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"1883-5e5d93c4caf77-gzip"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlKp5WI3kE00WZXBHblq%2Fhsv02doWh1sVoImNSGOkVM63D%2BhKZ%2FcFx2hhIiaq5aoaT9FWiByiy9mdf%2BcHgFmgxOPNB7lSmSYePl2vSUeYrP0lNsq3N7xuIc4R6oA5J0CITynUI9e"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000
cf-ray
751c8f8e49677157-YUL
expires
Thu, 28 Sep 2023 03:31:21 GMT
style.min.css
omg.blog/wp-includes/css/dist/block-library/
87 KB
12 KB
Stylesheet
General
Full URL
https://omg.blog/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33083
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Jul 2022 01:47:26 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"15b64-5e3a5f797cc84-gzip"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAylA3hfQ%2FWM3Kga%2Bcej%2FdwpWz%2Fq24u9ntiZNarWE70%2FZ8UJTFEewZGpJ2I%2FgyD4VzYO6%2BVudC6SmQr7Ij%2Fl5GHhj%2FHE1ybEXDOPFYYXBZay0K%2FrcPdSQmJMTec389crxjt0Gdg%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
751c8f8e49687157-YUL
expires
Thu, 28 Sep 2023 03:31:21 GMT
bc_cw_style.css
omg.blog/wp-content/plugins/category-widget/assets/css/
324 B
539 B
Stylesheet
General
Full URL
https://omg.blog/wp-content/plugins/category-widget/assets/css/bc_cw_style.css?ver=6.0.2
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e6ad40299db05371b4e6905128b5f2e84fa22faf93623f240f3ecd7d06658a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33083
cf-polished
origSize=401
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Fri, 23 Feb 2018 09:01:20 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
W/"191-565dd675ed800-gzip"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V36HYOJABsatM4Xl3FrqS7WZP%2FvC5Hxtr3dDr%2FX1ljYlFwcadPhu2Ieiqd%2FDqyZYnrDJiKDWDlHessB9zxwRgcmJho0gbrS7R1RVWMlUDfRjpVdgbPDcs0j15C0rWpONHZmZLZTA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
751c8f8e496a7157-YUL
expires
Thu, 28 Sep 2023 03:31:21 GMT
bootstrap-tooltip.css
omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/lib/bootstrap-tooltip/
2 KB
966 B
Stylesheet
General
Full URL
https://omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/lib/bootstrap-tooltip/bootstrap-tooltip.css?ver=4.73
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d149bf6067ed1488704b3b8133d19e4577390381782f80682b5ddeaf598b1869

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33083
cf-polished
origSize=2575
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Mon, 06 Sep 2021 20:00:15 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
W/"a0f-5cb591903e384-gzip"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMocHSUYXajoKz6sC4BcA1Lmy8rsV83IZFqEjD%2FNOieUK7uHLovVLN0tD0v%2Bm3e6VRxKbd%2BPv4j9VMm2wE6ChsdK6mDyJDkbWxUeovX6EoVowGACXXwSXifxSg0sAm8kPrvNg1at"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
751c8f8e496b7157-YUL
expires
Thu, 28 Sep 2023 03:31:21 GMT
frontend.css
omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/css/
1 KB
537 B
Stylesheet
General
Full URL
https://omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/css/frontend.css?ver=4.73
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0dc625c21aec3948dc2cee874ea8cfcdabf555a3e3c774bcb346ac4547bb589

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
cf-polished
origSize=2459
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Mon, 06 Sep 2021 20:00:15 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
W/"99b-5cb591902fd10-gzip"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kiOKQHYIQYLULwNP%2FYSszohxE3af1ZSjga31sJ2R%2FxYHWONJuFInJkeMlFjIm7q802MqeEG%2BYANpmerEGkUvhDYs7MvDx1eLWR%2B1OLzaiHDvriZro4yebtgWF9c%2BXPaJxMwwsCXn"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
751c8f8e496c7157-YUL
expires
Thu, 28 Sep 2023 03:31:21 GMT
font-awesome.min.css
omg.blog/wp-content/themes/mh_newsdesk/includes/
30 KB
7 KB
Stylesheet
General
Full URL
https://omg.blog/wp-content/themes/mh_newsdesk/includes/font-awesome.min.css
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 23 Feb 2018 22:28:56 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"7918-565e8af92ba00-gzip"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nANk96Vhd3KZz4VRwoDWpzEz9D9d2iO%2ByLbb1BVvFluCSNk5098%2BwpM03vycruA4BR1tA6fFJe1Ajp7gvhFv6ZJEQMhLsa25jGlLka1RWb48xA3d6bGEDHuHfJ7M3EIzaPXD3i%2F1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
751c8f8e496e7157-YUL
expires
Thu, 28 Sep 2023 03:31:21 GMT
video-js.min.css
omg.blog/wp-content/plugins/video-embed-thumbnail-generator/video-js/v5/
38 KB
13 KB
Stylesheet
General
Full URL
https://omg.blog/wp-content/plugins/video-embed-thumbnail-generator/video-js/v5/video-js.min.css?ver=5.20.5
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b967a69371e3af4e63c91981001d84776d23811a57f5c9c6b3a96b6c2da9310

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 26 Feb 2022 18:54:17 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"99c8-5d8f0579f1fcb-gzip"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlyQsmwyql1h%2BF8xk0cMHZRGifErAd4X2TlfOP%2FGyfswmwTKI75syPQFf8SXQotz%2F25WhrjQmevm0ZtEAkA%2BW1okqv52iuaJGtbmLVmP%2FYYDr6sfEE5PHOykr8XXG1Rbr2UpCEm5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
751c8f8e496f7157-YUL
expires
Thu, 28 Sep 2023 03:31:21 GMT
kg-video-js-skin.css
omg.blog/wp-content/plugins/video-embed-thumbnail-generator/video-js/v5/
1 KB
707 B
Stylesheet
General
Full URL
https://omg.blog/wp-content/plugins/video-embed-thumbnail-generator/video-js/v5/kg-video-js-skin.css?ver=4.7.4b
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb748e759d5daf1c26b7ed8f789dee6acc62c7d9515c795160af5de8a2540811

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
cf-polished
origSize=3776
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Sat, 26 Feb 2022 18:54:17 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
W/"ec0-5d8f0579f1fcb-gzip"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UkfHgytvZzYQSXYvHrODh5S5sIFpVqEw54D8ycicb6lzb9xF1PursW%2FyGzJUanMlbChQpzn39PK4VSnKAdSoELZhixNEUgQnPEOeJsFlRIwb%2F5ld4dkjB3AXQURPWiPuIXBvXkHE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
751c8f8e49707157-YUL
expires
Thu, 28 Sep 2023 03:31:21 GMT
kgvid_styles.css
omg.blog/wp-content/plugins/video-embed-thumbnail-generator/css/
16 KB
4 KB
Stylesheet
General
Full URL
https://omg.blog/wp-content/plugins/video-embed-thumbnail-generator/css/kgvid_styles.css?ver=4.7.4b
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c22ed5414d1ca4d1421be7153eb44283645ddf78c2c14536379371a89260eb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
cf-polished
origSize=19417
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Sat, 26 Feb 2022 18:54:17 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
W/"4bd9-5d8f0579d9161-gzip"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IaEDV8T%2FcD8waRxu27jScIYsPRXRlew%2BIA1yz4aM2hqszqxbX%2BS0N3A7FEbuXd6X%2FS5B2Y3Qr%2BhJ6iIfN35kz4Ki%2Frz2HE2Wx0MUdI2Ur58Xd621buUAUhiONlC9hxSns0XzPGIV"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
751c8f8e49717157-YUL
expires
Thu, 28 Sep 2023 03:31:21 GMT
style.css
omg.blog/wp-content/themes/mh_newsdesk/
29 KB
7 KB
Stylesheet
General
Full URL
https://omg.blog/wp-content/themes/mh_newsdesk/style.css?ver=6.0.2
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d8af1e5471bc18ee4cad66847ea39ff7911dcffda1a1b99cc5ad1899208985f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
cf-polished
origSize=36322
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Fri, 23 Feb 2018 22:28:29 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
W/"8de2-565e8adf6bd40-gzip"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REs31RhRLwJeMAzuVKT%2FTHq8ik0pY6BAMx4tjfOTnfWa%2F0ASnXza0U2SOw6w4nZmKqqSTFRysNhAQQMfyY4J0ZifatNlrIMFEQVcjSb%2FK8unXrB9033MQbcv0eSbpnfGihbu%2Bm5n"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
751c8f8e49727157-YUL
expires
Thu, 28 Sep 2023 03:31:21 GMT
style.css
omg.blog/wp-content/themes/omgblog/
11 KB
3 KB
Stylesheet
General
Full URL
https://omg.blog/wp-content/themes/omgblog/style.css?ver=1.3.7
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
129a5ef94f84900d4a5cccef5ba19cd16b25151e5957b41905907a64f2fc44f5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
cf-polished
origSize=14890
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Fri, 11 Jun 2021 12:37:53 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
W/"3a2a-5c47cc6c83ea0-gzip"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EfWv2rMNhLnjbpRvu7SGuvFHlN2S0TQkZxCBrieUIqQz43V8NW13YeNq37WCsNPylYpFbQYOSgLUULV%2BUFpEU7VKMeIebDlbV74reEbMm7ImAGYeLBC5pges6KBZqVtebxFhUFM6"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
751c8f8e59817157-YUL
expires
Thu, 28 Sep 2023 03:31:21 GMT
cls.css
a.pub.network/core/pubfig/
2 KB
1 KB
Stylesheet
General
Full URL
https://a.pub.network/core/pubfig/cls.css
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d510e16e6e569e573980fd67a55221795d539fd56688ecaca8d284255e86ee6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
440
x-guploader-uploadid
ADPycdtdc4ksRgjtC9EOsMCuNKuBBAYhEyFlSBEUVfPjPKu4EqnalCEYv_esSFOwRhqVmm_wpvlQZ7K06221Mk3Pocj7Ng
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 11 May 2021 20:31:48 GMT
server
cloudflare
etag
W/"2ad42c99ece77b46e5a42a85207a3750"
vary
Accept-Encoding
x-goog-hash
crc32c=kjwd8A==, md5=KtQsmezne0blpCqFIHo3UA==
x-goog-generation
1620765108454625
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kuHYLwHi3L62Ogx2e8ztIm74N6A9MrXZ2fgAYUP9hfLk8NmgdRrsfYKh5%2FN%2Bm1y8KEjDSnOI0DZCAo5os7aTgyS%2BoXP594rZB8uN%2FPmeiBdBhSOunCRr9M7fmVQzCPjanIxfkDMhE7IAqws%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
1752
cf-ray
751c8f8e8815ecfa-YUL
expires
Wed, 28 Sep 2022 13:35:24 GMT
wp-emoji-release.min.js
omg.blog/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://omg.blog/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 26 May 2022 17:45:02 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"48b9-5dfedbfd89cef-gzip"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1%2BuEuGbUtpVTApit%2Buu0rzqj2hPR6MKro4uG6suaooqkpt9%2BtxFYN0FgSe1u7smBAkG1%2BB9tNkgsmDOgfsazspihndIMyvTDYGev92mBFI4Q83tAGRkzOxwUEHcqUxy0%2FkA1xfZ"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000
cf-ray
751c8f8ea9ef7157-YUL
expires
Thu, 28 Sep 2023 03:31:22 GMT
email-decode.min.js
omg.blog/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://omg.blog/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 26 Sep 2022 11:11:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633188f8-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqaHqL39mtz4WILW%2B%2FODs0xEWO2eG70Ds0vH4lctJpAGle9gFPY2ojl6RrtxkB%2FKI2CnopPS4vmrHdjeJ8Rt2jkSMb7sbUccoQeBLkHaPlVqJ295P0MPWUAyrqn%2FUcJECi25X%2BRK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
751c8f8ea9e67157-YUL
expires
Fri, 30 Sep 2022 12:42:44 GMT
jquery.min.js
omg.blog/wp-includes/js/jquery/
87 KB
32 KB
Script
General
Full URL
https://omg.blog/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 23 Jul 2021 05:15:05 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"15db1-5c7c37c8ba9f4-gzip"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K51YAYVvSQuqhmV%2FUuoRIfVHqu%2BJL9ZhX8OuiQZ3Y1VMRif5g9K23jb6Lzl14wYMRWiwbMi7SjhBvb84wLY0QGDI4GoqyUKRIp4h1dwqG7%2F2hQBLTTD0%2FojO5Fp0GAQmKFxBe%2BM%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000
cf-ray
751c8f8ea9e77157-YUL
expires
Thu, 28 Sep 2023 03:31:21 GMT
jquery-migrate.min.js
omg.blog/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://omg.blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Dec 2020 16:41:46 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"2bd8-5b60abc2ef88d-gzip"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkWct2sTbsG3wdcttyPC0yDOXaD8wUAKVRC7oMDVB0%2FEitfc6CmghebvNpGnmBJ5rwhxYll3JFkPqZvwQDUcgtTXhzs8CsrbDq%2FUNWZq%2Bn0YpM1AGvWc1bS%2BujlX%2FPnghGsOTlBE"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000
cf-ray
751c8f8ea9e87157-YUL
expires
Thu, 28 Sep 2023 03:31:21 GMT
bootstrap-tooltip.js
omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/lib/bootstrap-tooltip/
12 KB
4 KB
Script
General
Full URL
https://omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/lib/bootstrap-tooltip/bootstrap-tooltip.js?ver=4.73
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f41af81bae4a1e7a0227e3b5d6e9a449a6f981e1927a110ef0741c53e64c6ff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
cf-polished
origSize=16719
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Mon, 06 Sep 2021 20:00:15 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
W/"414f-5cb591903e76c-gzip"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLLXrWApFx0l6UhLBKL9dwCz2qJA6fG6Xtv2Xx1p9Qo%2FCQOFp7M9wjfkSYNRTIM5YUV8ELvbSUbeUgyM%2BN8tkmnUkVYgIbfMtpmSSjbpz6vCiQpqaHZTjnhehet6OtWhXw3AFLLM"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000
cf-ray
751c8f8ea9e97157-YUL
expires
Thu, 28 Sep 2023 03:31:21 GMT
scripts.js
omg.blog/wp-content/themes/mh_newsdesk/js/
14 KB
6 KB
Script
General
Full URL
https://omg.blog/wp-content/themes/mh_newsdesk/js/scripts.js?ver=6.0.2
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e6463398e2aef19c756950f5ebfbda5493a164c35b9f8f0b9d568467f8fc82b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
cf-polished
origSize=14885
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Fri, 23 Feb 2018 22:28:59 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
W/"3a25-565e8afc080c0-gzip"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9Gl3z%2BUVT3%2FomO5ZgRK%2Bb84%2B7gIeZvJ7f3FmmBlqG9wsgE9TEk9nJiwlbHUD0KBqJhCnau%2FNnM2yU158T8ybm5%2FqSbZ5kUx9TMCuRoTO3Y1YpocRkNwdGpKcPXbIcCP4QEqugrl"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000
cf-ray
751c8f8ea9ea7157-YUL
expires
Thu, 28 Sep 2023 03:31:21 GMT
scripts.js
omg.blog/wp-content/themes/omgblog/js/
2 KB
1 KB
Script
General
Full URL
https://omg.blog/wp-content/themes/omgblog/js/scripts.js?ver=1.3.7
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75cf6d2c1f06b9ac1a1e72a9424d3f27d8b13036f952e94508e91bef9610837a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
cf-polished
origSize=3442
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Fri, 04 Feb 2022 19:34:20 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
W/"d72-5d736565a13c2-gzip"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opmAlcR5wV0oKrTI%2BFgCBQ5ZDIU9aS7zK6FmIlYbD%2FgVFPGwasgmUkA0IaCLsXiLpxr36mA7mW3F%2Fco0Q0S3Rb33VTLqJtnXjZLmLxG0E3cot10otYqywzwDBztQKKeBXRN0USXX"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000
cf-ray
751c8f8ea9ec7157-YUL
expires
Thu, 28 Sep 2023 03:31:21 GMT
addthis_widget.js
s7.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.56.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-138.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Wed, 28 Sep 2022 12:42:45 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
x-host
s7.addthis.com
content-length
116360
ibdEvFIE7B0Jqq1xzLAwE0EOTn2j_VOm35LsMpL2SVh-x3eNzNHjhIE1uNMhTs5EY10
causecherry.com/v2/0/
92 KB
28 KB
Script
General
Full URL
https://causecherry.com/v2/0/ibdEvFIE7B0Jqq1xzLAwE0EOTn2j_VOm35LsMpL2SVh-x3eNzNHjhIE1uNMhTs5EY10
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:6665::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
5e8f3a756d589ccf364849cf9f90d2b4f2410669a61a494a55ab8723c72ddb1b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Wed, 28 Sep 2022 12:42:45 GMT
x-datacenter
gce-us-east1
etag
"98439194ccbccfc7e01a08c3156c13bd0921adfedb909bd03116abd978edf7cf"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-spot-6724
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
632800667
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gtm.js
www.googletagmanager.com/
159 KB
59 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHGCD59
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8424b5639175995590309eca1f9af43d10dff646d44c92ae6299f0a01d87af1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59923
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Sep 2022 12:42:44 GMT
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
703d478e3b70f4d94df050c62022203275d19bd17d5dedcb62513acd5b81e5d0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
64 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d202eab777e0b1d47771966e196a7456c4ec209b5289c43a84ca203fc3297ef2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72ddf006df26d231eb0b80040376edd9390bb472dd1ca7eba56817b0c9d6e0a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31873930855fe7c0caa18f6b841e0cf8a6955bd7900e468093bf6131641e1c89

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
70 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ffd127ad02c009a83075ff806fac72502c028ec3a8804d5297babf5befdb701c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
omg-bg-new.jpg
omg.blog/wp-content/themes/omgblog/images/
11 KB
11 KB
Image
General
Full URL
https://omg.blog/wp-content/themes/omgblog/images/omg-bg-new.jpg
Requested by
Host: omg.blog
URL: https://omg.blog/wp-content/themes/omgblog/style.css?ver=1.3.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d630e52aca130aa957fa7925afb15f64875eadc6cb2749edd156dc701915520

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/wp-content/themes/omgblog/style.css?ver=1.3.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
cf-polished
origSize=12298, status=vary_header_present
content-length
10928
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Fri, 14 May 2021 21:30:24 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
"300a-5c250f39edc00"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YXP0ev9wHg0PosGq2wPt8iKPxl9hqTShKuJ5KcxT3EyjBvoxoGCSjzGkpXze86k76TAec6Vzvg3rlqIs%2FUTwMBABy%2FcOzit%2Fce0a6kHNCzqPMmGn%2BtzZ2Pe21gK1UgV1Ke9AuAX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
751c8f8eca0c7157-YUL
expires
Thu, 28 Sep 2023 03:31:22 GMT
4GCVvY4NTIh0RJ3wu0ALzZ
open.spotify.com/embed-legacy/playlist/ Frame 228D
Redirect Chain
  • https://open.spotify.com/embed/playlist/4GCVvY4NTIh0RJ3wu0ALzZ?utm_source=generator
  • https://open.spotify.com/embed-legacy/playlist/4GCVvY4NTIh0RJ3wu0ALzZ?utm_source=generator
131 KB
28 KB
Document
General
Full URL
https://open.spotify.com/embed-legacy/playlist/4GCVvY4NTIh0RJ3wu0ALzZ?utm_source=generator
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
39ee7e995555be68f45ed3cadb7af1b883f700c44d934667148336fcfdbb32f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://omg.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 28 Sep 2022 12:42:45 GMT
server
envoy
sp-trace-id
1ffb309267487067
strict-transport-security
max-age=31536000
vary
Accept-Encoding,Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
x-content-type-options
nosniff

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 28 Sep 2022 12:42:45 GMT
location
/embed-legacy/playlist/4GCVvY4NTIh0RJ3wu0ALzZ?utm_source=generator
server
envoy
sp-trace-id
a06ef9b1d45d5776
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
x-content-type-options
nosniff
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63081f898db4b72d9ec7c6a4c5b34cd1cf943ab18c102b783e24e818d48f3396

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf45631c03c9bb508408305e395b735b5a181d5c75be1420c8e076282e11abef

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
1f50d.svg
s.w.org/images/core/emoji/14.0.0/svg/
460 B
694 B
Image
General
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/1f50d.svg
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
426d4db7bb4ca89f374e8c1b85807741e44b26a8d1691517f670256125624134
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-nc
HIT yyz 1
date
Wed, 28 Sep 2022 12:42:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:47:50 GMT
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
460
expires
Thu, 31 Dec 2037 23:55:55 GMT
1f36c.svg
s.w.org/images/core/emoji/14.0.0/svg/
1 KB
839 B
Image
General
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/1f36c.svg
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
f63e8881aa5a91bcbb208d40f8236dff8ed953f4a5254ac435fd61369b4be573
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-nc
HIT yyz 1
date
Wed, 28 Sep 2022 12:42:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:47:26 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
omg-header-logo.jpg
omg.blog/wp-content/uploads/2016/12/
14 KB
15 KB
Image
General
Full URL
https://omg.blog/wp-content/uploads/2016/12/omg-header-logo.jpg
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3395c4c64af7e2430203edaed24b39c0f08b5b4e65771d4a7cecbacdfefd2e84

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
cf-polished
origSize=16038, status=vary_header_present
content-length
14492
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Tue, 13 Dec 2016 01:00:36 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
"3ea6-5437fbf7b7500"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ju1vI36aL%2F5RixuYt2yb5Jw8tGLf6AW5fCtUFsWHh3DTZxnJ3TCAonaou38Ev6Zipk5z1lS%2BQRtEpNdFnw7xSLIYM43xyEuoPp5%2FlVtnbXwvHWjfXLd3BiRZ%2B5F4YYZKLB%2FRtGq"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
751c8f8f5ab47157-YUL
expires
Thu, 28 Sep 2023 03:31:22 GMT
facebook.png
omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/img/social-media-icons/
1 KB
1 KB
Image
General
Full URL
https://omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/img/social-media-icons/facebook.png
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba56022925d545fe0bd7f2b81bbe48e19f57bc49de1ca18d7c9b5eca8c682f9b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
cf-polished
status=not_needed
content-length
1066
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Mon, 06 Sep 2021 20:00:15 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
"42a-5cb5919036e56"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qoqzB1VCRTpiCEiGvEDjPIHY9twWJfPr3YkK9fb2XIMOdSLQDEji6%2Fl42%2F4aRHR%2F1fO%2BOBL3YsoA3FFD0LtXEjhdXutuXZsETQvs6oKpHA4BmGLlhVeTtzIuoBQteRZQyXarlQT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
751c8f8f5ab57157-YUL
expires
Thu, 28 Sep 2023 03:31:22 GMT
twitter.png
omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/img/social-media-icons/
2 KB
3 KB
Image
General
Full URL
https://omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/img/social-media-icons/twitter.png
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14c34f76f68a0486c21d2efb95929f5a4e06e741c8bed226f0d4f9b00def8b48

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
cf-polished
status=not_needed
content-length
2395
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Mon, 06 Sep 2021 20:00:15 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
"95b-5cb591903d3e5"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96lxpTDoGxk5VXcmInTNneR8JqRol1%2B%2BW3XllVQwJaXfpTHZXH6XjSjy0goh8mtm7hSMWPbvQPcq5vn6S8EOujphPsjJkB%2B2%2FL%2FFkaCB8YX14HgMIFPWfGJ4a9653w3QYbGIEb9Q"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
751c8f8f5ab67157-YUL
expires
Thu, 28 Sep 2023 03:31:22 GMT
instagram.png
omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/img/social-media-icons/
4 KB
4 KB
Image
General
Full URL
https://omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/img/social-media-icons/instagram.png
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abc60c07c766f2d2be1ea7284c847c72fe34488d02c109b09024d5fd2cefdac9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
cf-polished
status=not_needed
content-length
3876
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Mon, 06 Sep 2021 20:00:15 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
"f24-5cb5919037626"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2fb%2FMWe1ZDnBkeICvbHMqd1EZxQNsiF18Ap1jXhypyWuau8dV3k8YdsYyDbN75OxjX7FDwzq5sX9OaJz032mPI7gCWD3FeHl%2BmR521F0UoQvExDuLUlQjVoL%2BrblENygr363%2FUi"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
751c8f8f5aba7157-YUL
expires
Thu, 28 Sep 2023 03:31:23 GMT
reddit.png
omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/img/social-media-icons/
3 KB
3 KB
Image
General
Full URL
https://omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/img/social-media-icons/reddit.png
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c59c4b0eadd9893c6813284c5d823c552b3bc17a72c7e0772cc9848584a9385

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33083
cf-polished
status=not_needed
content-length
2959
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Mon, 06 Sep 2021 20:00:15 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
"b8f-5cb591903cc15"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDvNRpacwQE9MruxezDFUvT%2BUr2FfmXU7ejQCtJo69aDhOs83n2ZR%2BjmsYDgFg0AWEsRoBe%2FSePFdYiZAPWV9LGQ%2F%2BF%2FKwcp5917k5UJ3BZKVpJkVMCw6edpaQUMFDCCXjTRyU3p"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
751c8f8f5abb7157-YUL
expires
Thu, 28 Sep 2023 03:31:22 GMT
pinterest.png
omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/img/social-media-icons/
2 KB
2 KB
Image
General
Full URL
https://omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/img/social-media-icons/pinterest.png
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b9a478fe38db859ad9d24d09af9655474f65f1f93cd35ead7cdd04d5542dda7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
cf-polished
status=not_needed
content-length
1936
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Mon, 06 Sep 2021 20:00:15 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
"790-5cb5919037df6"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XnkBegB%2BZpPkd3BaDMqGGt4j%2FbYhd1RU3B99dEjjRw2OFm00Mnfr2gozTskoJUDIEr67NVCzEjL9fkho5rC1mAybZDT09ULFJdOdi8OqZZju8GvxMSVHGfHZ0KvVqqZmSbI%2FwN5e"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
751c8f8f5abc7157-YUL
expires
Thu, 28 Sep 2023 03:31:23 GMT
snapchat.png
omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/img/social-media-icons/
2 KB
2 KB
Image
General
Full URL
https://omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/img/social-media-icons/snapchat.png
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
301ffd3d5af33858d74ce79590fde43eda1d4aa66f56e2acaece2f9cea20b793

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
cf-polished
status=not_needed
content-length
1961
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Mon, 06 Sep 2021 20:00:15 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
"7a9-5cb591903cffd"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0l7pQ7QK1gH9AMRwG4jrFCy5BVsUUK%2F4mnKebCekLy75x9vh4O8Flm7fWxpriFiRONhnr0TIhVwrzBTNYT1DTRcEfV%2F2HuJXLa%2FJsie4Fy9xMUGGCPbAKsVwuKBpgFVl8wab4NNk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
751c8f8f5abd7157-YUL
expires
Thu, 28 Sep 2023 03:31:23 GMT
spotify.png
omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/img/social-media-icons/
2 KB
2 KB
Image
General
Full URL
https://omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/img/social-media-icons/spotify.png
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbf179d12fe531a65ba95bc98104fd71586811e0f6026fc704a51a836d18bf53

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
cf-polished
status=not_needed
content-length
1762
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Mon, 06 Sep 2021 20:00:15 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
"6e2-5cb591903cffd"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GZlxvVt%2B2YLp7%2Fx1Eg4d1uanmaHZsTCcLTuNcighgv5lpH%2BunmzDeS5wReXgZxbCMM%2B8sRrY9y98%2B7TWThE%2FLoIlZBCMdRlr3pnwGZXUCTe4Uki4OnEM5Rithd2c3rOnkYbU9i9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
751c8f8f5abe7157-YUL
expires
Thu, 28 Sep 2023 03:31:23 GMT
flipboard.png
omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/img/social-media-icons/
850 B
1 KB
Image
General
Full URL
https://omg.blog/wp-content/plugins/social-media-buttons-toolbar/inc/img/social-media-icons/flipboard.png
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
826d2b9d8bb0092c5381c66451ded8e2f54c486930f1d37d677cac688a92c002

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
cf-polished
status=not_needed
content-length
850
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Mon, 06 Sep 2021 20:00:15 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
"352-5cb591903723e"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLTTsLAHHPHi0%2BKJmT3153RLMUK6WJ7sH4UzpbNvOaCn4z85g8rPPKdkI5CHlD%2FCu04JDxLwb2qI%2BYGb4htbx0ceM9XguDdfojS9X%2BxO9EDxh7gfeua2NGSFjghvD2%2Fk5ThN7f1H"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
751c8f8f5abf7157-YUL
expires
Thu, 28 Sep 2023 03:31:23 GMT
omg-playlist-sept-2022.jpg
omg.blog/wp-content/uploads/2022/09/
61 KB
62 KB
Image
General
Full URL
https://omg.blog/wp-content/uploads/2022/09/omg-playlist-sept-2022.jpg
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a1f3b0c6d17aac0fd7ef2aaaa85ddce44a3dce2e7de3c5496a3b2d6804f77c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33083
cf-polished
origSize=65558, status=vary_header_present
content-length
62900
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Mon, 26 Sep 2022 23:00:20 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
"10016-5e99c7df1ad36"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHrB%2BGcyonfsfBPoLS4vtGeXFQ1Snw58F0H%2F9LCJAYBLw1QgmcwcwlWzRIb0%2Fm8DEV6gqGWG4H3pAj0GiIk1%2Fua522gx1qsulLVhWb2lQ5IpMmM8hII69Kp3ZqAl1E6tk0lAqbY5"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
751c8f8f6ac27157-YUL
expires
Thu, 28 Sep 2023 03:31:22 GMT
omg-playlist-sept-2022-120x67.jpg
omg.blog/wp-content/uploads/2022/09/
4 KB
4 KB
Image
General
Full URL
https://omg.blog/wp-content/uploads/2022/09/omg-playlist-sept-2022-120x67.jpg
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ef5689cc674d35eb2d1895b56e670dff48e80454fe513b4f4da5b842898f06b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33075
cf-polished
status=not_needed
content-length
3626
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Mon, 26 Sep 2022 23:00:21 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
"e2a-5e99c7e00bc76"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rojh2D34cIKlhmnQ8acU21Et%2BzZx590uykWEThxVGdd5fGYFGNdaSnZQcSeYqgsBZvuEh1xbMCvsun4IxLf3afz2QiUbPinqu5J3C3hcaXcebbST89s40hpVGs%2BDyf1b%2F0zwTLcw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
751c8f8f6ac37157-YUL
expires
Thu, 28 Sep 2023 03:31:30 GMT
omg-playlist-aug-2022-120x67.jpg
omg.blog/wp-content/uploads/2022/08/
4 KB
5 KB
Image
General
Full URL
https://omg.blog/wp-content/uploads/2022/08/omg-playlist-aug-2022-120x67.jpg
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38fab9383cf36eaedd0df98b3405c528e6651216a91e7256c1644122172d05bd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30972
cf-polished
origSize=4314, status=vary_header_present
content-length
4278
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Fri, 26 Aug 2022 13:20:07 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
"10da-5e724c5d49e68"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iW2rW89h7XeFVqx7JQsXc1L%2BRPWLArMRGzKYBg6Wetx16PMAp9RF3V2aw5fo7YF8HFPxmJp3sOzAbbi0oW5ChYyu8ZUNfJatmeTmckgfE%2BgF1LRySohWVxtgcn4DTD3za%2BWyMVyd"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
751c8f8f6ac47157-YUL
expires
Thu, 28 Sep 2023 04:06:33 GMT
Screen-Shot-2022-09-22-at-3.05.46-PM-120x67.png
omg.blog/wp-content/uploads/2022/09/
7 KB
8 KB
Image
General
Full URL
https://omg.blog/wp-content/uploads/2022/09/Screen-Shot-2022-09-22-at-3.05.46-PM-120x67.png
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef84ceb7c17ccbedce44458d12ba1295d23dfece293119e32ad194549841d9c1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
cf-polished
origSize=8147, status=vary_header_present
content-length
7305
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Fri, 23 Sep 2022 16:25:45 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
"1fd3-5e95aa1428f38"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3JDx1jZTWEM%2BseaFh%2FerOTbJobmA5%2BU9kRkMElv6maWehm8tnbTfBEw1CQspEMG2if5xdBI%2Bhhsc%2FQB%2F83Ltad0W8L77LKvJzywIhZ2EASJdkmvcdVfSNCNjUQEbII5ntAO%2FQUI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
751c8f8f6ac57157-YUL
expires
Thu, 28 Sep 2023 03:31:23 GMT
Screen-Shot-2022-09-13-at-11.31.30-AM-120x67.png
omg.blog/wp-content/uploads/2022/09/
16 KB
17 KB
Image
General
Full URL
https://omg.blog/wp-content/uploads/2022/09/Screen-Shot-2022-09-13-at-11.31.30-AM-120x67.png
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df4789427f966fac0cebdd437539bcd2ba40c42ffe59775e55ccdd4c2e24ac9d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33082
cf-polished
origSize=19358, status=vary_header_present
content-length
16821
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Tue, 13 Sep 2022 18:10:52 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
"4b9e-5e892eec05a69"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQ1pWi8jkLvF9VhueFjjKiZb5qREb8EDKve11oMW68RIXD197VOpMNtYYCRCkKsygvvGdNH6V6bOSZUm5PzJfQeDm4nujfezMfGnxBtIOJbHhpJdprZkgRN8757uBmFz0FDZNlRw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
751c8f8f6ac67157-YUL
expires
Thu, 28 Sep 2023 03:31:23 GMT
skeleton.js
static.adsafeprotected.com/
17 B
467 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: causecherry.com
URL: https://causecherry.com/v2/0/ibdEvFIE7B0Jqq1xzLAwE0EOTn2j_VOm35LsMpL2SVh-x3eNzNHjhIE1uNMhTs5EY10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 06 Aug 2022 08:33:18 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
4594168
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
asihuqeCs8Z37yMFx6wzSpLJXeRpFKhKqXBCBh57cdW92zJFfOYPBw==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHGCD59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Sep 2022 12:34:58 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
467
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Wed, 28 Sep 2022 14:34:58 GMT
quant.js
secure.quantserve.com/
26 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHGCD59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
content-encoding
gzip
etag
"eN3sxSgaav0x5wHLxGB1gQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 05 Oct 2022 12:42:45 GMT
loader.min.js
main.pubexchange.com/
18 KB
7 KB
Script
General
Full URL
https://main.pubexchange.com/loader.min.js
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93bdfb8e737cfcc6f756b53b8893ddc1d47eacbb4519812b7727a163aaab46cf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
via
1.1 1a25e657bbdfbe4dde177fef28655f02.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
EWR52-C4
age
121
x-amz-meta-cb-modifiedtime
Mon, 03 Aug 2020 15:54:59 GMT
x-cache
Hit from cloudfront
last-modified
Mon, 03 Aug 2020 16:06:21 GMT
server
cloudflare
etag
W/"540449acb8c6aef7ee397ca8050b3341"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T65aT1HULoDB8abdrlpCKjOPTLY55qI8hdaZhgD9NchBtMaTm73WS19BuM%2FBIOUZ18lgvrKNT4EOSCOD7L%2BEF2BP8PbNphZKkVvSIitt%2FFw4AK7%2B146FeExjNFYUDb4p3p0%2B3Bd7FbjiZmB3fQwu%2B6dy"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=432000
cf-ray
751c8f902acd7142-YUL
x-amz-cf-id
hEw6oULrUNnwimG4LCIIKOjIWnckb6_fwuukuk4OwjNS3GpP9sh-8Q==
matomo.js
omg.blog/matomo/
63 KB
21 KB
Script
General
Full URL
https://omg.blog/matomo/matomo.js
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9424a4be4e21ce5134bcfd62c9967cf7918052290899e43d99271703d7ed0836

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33078
cf-polished
origSize=64478
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Fri, 05 Aug 2022 15:14:12 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
W/"fbde-5e57feb2dc941-gzip"
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0MwvM7z0k2Chvxxu6GrNp9bEN9bENNgrOLBOVyeUdFgbK1M2r2eRbQusc%2B6nrCt3ikAZTZ2zyJ5FJoLO709kYXqd%2B4RokmLnY4Nle7Zu7YJ0DB07KU0dMU%2BN0ti2iI6t45gOvW2"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000
cf-ray
751c8f8feb607157-YUL
expires
Thu, 28 Sep 2023 03:31:27 GMT
js
www.googletagmanager.com/gtag/
208 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E9W5XP51BD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHGCD59
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bcc0a2dfd3e9e3a73fd9486a4e9349f6a320ceafa8c767039b7a8cbfa441cd0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74873
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Sep 2022 12:42:45 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

unused62
8096267
date
Wed, 28 Sep 2022 12:42:45 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
3BDAE1FAB05E52F4
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=23751
accept-ranges
bytes
content-length
948
x-amz-id-2
JQEtOEyiFCqCP1YLI1OIPGBGUg/WHgpDv22+z5rvn/G8szLTqEelRVwbxuu0H6mk2GphOf1hSec=
embed-legacy.831fa035.css
open.spotifycdn.com/cdn/build/embed-legacy/ Frame 228D
23 KB
4 KB
Stylesheet
General
Full URL
https://open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.831fa035.css
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed-legacy/playlist/4GCVvY4NTIh0RJ3wu0ALzZ?utm_source=generator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:79::761 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
71b463edd4bbed141570ca3c12f571bc07e7cf8639a3e064ecca4411488af7f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 12:42:45 GMT
Content-Encoding
gzip
Age
2516341
X-Cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
3509
X-Served-By
cache-chi-klot8100141-CHI, cache-iad-kcgs7200117-IAD
Last-Modified
Mon, 25 Jul 2022 10:32:22 GMT
ETag
"9d04a5c053836e9cdaaed792e0e6a744"
x-goog-generation
1658745142507438
Content-Type
text/css
Access-Control-Allow-Origin
https://open.spotify.com
Cache-Control
public, max-age=31536000
x-goog-stored-content-length
3509
Accept-Ranges
bytes
X-Cache-Hits
15975, 8896
embed-legacy.400d22a7.js
open.spotifycdn.com/cdn/build/embed-legacy/ Frame 228D
618 KB
126 KB
Script
General
Full URL
https://open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.400d22a7.js
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed-legacy/playlist/4GCVvY4NTIh0RJ3wu0ALzZ?utm_source=generator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:79::761 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
470dd4523c3200a7d908c30989b2877ddf8b0fe9dcefc087d15620fff31ad3fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 12:42:45 GMT
Content-Encoding
gzip
Age
467
X-Cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
128577
X-Served-By
cache-chi-klot8100059-CHI, cache-iad-kcgs7200079-IAD
Last-Modified
Wed, 28 Sep 2022 12:30:37 GMT
ETag
"ad1d726f07f72e6544aada51f7bc0832"
x-goog-generation
1664368237726462
Content-Type
application/javascript
Access-Control-Allow-Origin
https://open.spotify.com
Cache-Control
public, max-age=31536000
x-goog-stored-content-length
128577
Accept-Ranges
bytes
X-Cache-Hits
1, 3
vendor~embed-legacy.5731c9dc.js
open.spotifycdn.com/cdn/build/embed-legacy/ Frame 228D
724 KB
212 KB
Script
General
Full URL
https://open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.5731c9dc.js
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed-legacy/playlist/4GCVvY4NTIh0RJ3wu0ALzZ?utm_source=generator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:79::761 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b566eb9e18f40e97326ff40241ad4db171b8183e57058abdb9fcb4f1f0b3bbe0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 12:42:45 GMT
Content-Encoding
gzip
Age
427193
X-Cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
216408
X-Served-By
cache-chi-klot8100021-CHI, cache-iad-kcgs7200030-IAD
Last-Modified
Fri, 23 Sep 2022 13:58:28 GMT
ETag
"6cfb055add86ca9eaec1ea804e296841"
x-goog-generation
1663941508891823
Content-Type
application/javascript
Access-Control-Allow-Origin
https://open.spotify.com
Cache-Control
public, max-age=31536000
x-goog-stored-content-length
216408
Accept-Ranges
bytes
X-Cache-Hits
1, 41
omgblog-rail_grid_1-prod
cdn2.pubexchange.com/module/
7 KB
2 KB
Script
General
Full URL
https://cdn2.pubexchange.com/module/omgblog-rail_grid_1-prod?callback=pubx_rail_grid_1
Requested by
Host: main.pubexchange.com
URL: https://main.pubexchange.com/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a97701135de3c6784dd656d2769b98d259f3d0a710ee125bb112cfbbf62b209
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
via
1.1 vegur, 1.1 c5c79ef7442267e414f3389ffcc2f0fa.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
EWR53-C2
age
962
content-encoding
br
x-cache
Hit from cloudfront
last-modified
Wed, 28 Sep 2022 12:26:43 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWOtJX%2F99CI3U5iGYpdH6tVnSf60LsNgJJOyIpJaz0uoeC5d%2B7oQuYTuau0NzIkTj5Nvp%2F9TElz7Vi%2Fkccoudm5wsMNO34wd1oau2YAk9McybJO%2FAx62ouyMc4tXzomEp3kagCMkvXA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
cache-control
public, must-revalidate, max-age=1800
cf-ray
751c8f908b2d7142-YUL
x-amz-cf-id
7h06GBi_yDADtzRP1Q1puAjEHpXCZKRnroZzyo0M8Ne1jj2xjgsIoQ==
omgblog
cdn2.pubexchange.com/partners/
2 KB
2 KB
Script
General
Full URL
https://cdn2.pubexchange.com/partners/omgblog
Requested by
Host: main.pubexchange.com
URL: https://main.pubexchange.com/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
458315e257eca8490d60f49da51ef4900a77891c298b751a6f69f62e78d6f548
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
via
1.1 vegur, 1.1 78cc4d359edf91a401bf5898aa1dacc6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
EWR53-C2
age
90874
content-encoding
br
x-cache
Hit from cloudfront
last-modified
Tue, 27 Sep 2022 11:28:11 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngQizxKVlWwci0YBwHofuMbViHNCr1fdxL3ErAUP%2Fz23kMrZt%2FReQgCHF88n58IFRGEmYZHwxHP3X%2FpbDkiXJsXARLA8QPr7fuHZFGIEE9Mi%2Bk425UDLlzxD565dLzzojrdMiDA5JLE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
cache-control
public, must-revalidate, max-age=432000
cf-ray
751c8f907b2b7142-YUL
x-amz-cf-id
G29vQ2xICn8Qi1JGySw8w8o9OK6lFwod960UfQA_pgHLc_aP-_vV0g==
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=528046359&t=pageview&_s=1&dl=https%3A%2F%2Fomg.blog%2F&ul=en-us&de=UTF-8&dt=OMG.BLOG%20-%20The%20original%2C%20since%202003.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=511625669&gjid=1961868011&cid=2103452496.1664368965&tid=UA-255852-1&_gid=1775662787.1664368965&_r=1&gtm=2wg9q0NHGCD59&z=1153607117
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://omg.blog
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
matomo.php
omg.blog/matomo/
0
319 B
Ping
General
Full URL
https://omg.blog/matomo/matomo.php?action_name=OMG.BLOG%20-%20The%20original%2C%20since%202003.&idsite=1&rec=1&r=918446&h=12&m=42&s=45&url=https%3A%2F%2Fomg.blog%2F&_id=ef3facc9c268b226&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=BoOvRr&pf_net=41&pf_srv=388&pf_tfr=85&pf_dm1=162
Requested by
Host: omg.blog
URL: https://omg.blog/matomo/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.13
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cross-origin-opener-policy
same-origin
x-powered-by
PHP/7.4.13
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9psMj9Bu0AsA%2B2YGAAJsVqNh4OdZ6xdmcW%2Bh6bqr7OPs%2FkCyGhsMjNFTtGzOb9zPZTQwhBW37Lvcd42k0dAV2ePOQfy1YYKe1OS94AEmciuOMXM84XtSbfSM77gQBo8%2Fs4V3uEUn"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://omg.blog
access-control-allow-credentials
true
cf-ray
751c8f90ac3f7157-YUL
boy-harsher-HERO-1-Photo-Credit-Jordan-Hemmingway-1-120x67.jpg
omg.blog/wp-content/uploads/2022/09/
2 KB
2 KB
Image
General
Full URL
https://omg.blog/wp-content/uploads/2022/09/boy-harsher-HERO-1-Photo-Credit-Jordan-Hemmingway-1-120x67.jpg
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8faceb2a19c7daffbc468c88edd7e19b2ff0c6792a9403ad340d5f262c39a48b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3191
cf-polished
origSize=2677, status=vary_header_present
content-length
1790
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Wed, 07 Sep 2022 16:16:46 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
"a75-5e818a3b31bb8"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fY%2FHY7ma75UhmOY9xlRbSt9fbcAgxgWXN7dUS%2FzgFkXo9jLZPXaqwbh3JMYGmwVNSTzEtjM%2FSc3osBbPvqRM4isjeMHv1bwBzp498S2T9hBJGCCJNm%2B5jFK7g00YUOAW%2BDVj6fY"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
751c8f90ac427157-YUL
expires
Thu, 28 Sep 2023 11:49:33 GMT
Screen-Shot-2022-07-25-at-7.58.40-PM-120x67.png
omg.blog/wp-content/uploads/2022/08/
13 KB
13 KB
Image
General
Full URL
https://omg.blog/wp-content/uploads/2022/08/Screen-Shot-2022-07-25-at-7.58.40-PM-120x67.png
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d88e19480afd719fd69c02036367374fb0707e6309e57e5f9f5490d3bbce3fae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33075
cf-polished
origSize=14875, status=vary_header_present
content-length
13214
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Thu, 04 Aug 2022 03:06:54 GMT
cross-origin-opener-policy
same-origin
server
cloudflare
etag
"3a1b-5e561a4472031"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRcmBj9IUf6ST7u6HSnooV%2FDxXgWWy8bko0sIGeMrncAHRRtypTqGPHdRnBpmhalA8iBFasHO67uU5MjFS8qvfERJ1uq7drwzH8bWV%2ByLYhVe%2Bgt1bQcZ31qR1zlkEagyGJIDkcH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
751c8f90ac437157-YUL
expires
Thu, 28 Sep 2023 03:31:30 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-E9W5XP51BD&gtm=2oe9q0&_p=528046359&cid=2103452496.1664368965&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664368965&sct=1&seg=0&dl=https%3A%2F%2Fomg.blog%2F&dt=OMG.BLOG%20-%20The%20original%2C%20since%202003.&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E9W5XP51BD&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://omg.blog
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-89e5PRr9xUpng.js
rules.quantcount.com/
2 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-89e5PRr9xUpng.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:6a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5fbde5a08eb0daa31179ebd474c5bb9efb934e24b6b22411f6c112bdbf096d0f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:13:05 GMT
content-encoding
gzip
via
1.1 fadedfea448fa31cb8aba15ba1b05064.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
2268
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Sat, 27 Aug 2022 22:07:05 GMT
server
AmazonS3
etag
W/"cda594f7211dc0d3842cc0d89f75b49f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
6s4ig_7pBMPENKcw4HI-W-UgffDHrp1KtfzAgzI-BpswAe4N_KnAJA==
Partners-in-Rhyme-1.jpg
i1.wp.com/www.renewcanceltv.com/wp-content/uploads/2022/09/
11 KB
11 KB
Image
General
Full URL
https://i1.wp.com/www.renewcanceltv.com/wp-content/uploads/2022/09/Partners-in-Rhyme-1.jpg?w=300&quality=80
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
259d8ef929cf3bf47f46074576815a11499dffc5d48c1b1a3ba96e12656412a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-nc
HIT yyz 3
date
Wed, 28 Sep 2022 12:42:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Sep 2022 23:11:32 GMT
server
nginx
etag
"93ea04296881806d"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://www.renewcanceltv.com/wp-content/uploads/2022/09/Partners-in-Rhyme-1.jpg>; rel="canonical"
content-length
10786
expires
Fri, 27 Sep 2024 11:11:32 GMT
coffin-nails-hero-mudc-021822.jpg
www.makeup.com/-/media/project/loreal/brand-sites/mdc/americas/us/articles/2022/february/18-coffin-nails/
57 KB
58 KB
Image
General
Full URL
https://www.makeup.com/-/media/project/loreal/brand-sites/mdc/americas/us/articles/2022/february/18-coffin-nails/coffin-nails-hero-mudc-021822.jpg
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d2976a19c2d29fc2d6bea2b893056c8f9af03cdad5a0e6d62dbefb9aa6b423f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mycolorcoach-cpd.e-loreal.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
content-security-policy
frame-ancestors 'self' https://mycolorcoach-cpd.e-loreal.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
16200
cf-polished
origSize=59084, status=webp_bigger
content-disposition
inline; filename="coffin-nails-Hero-mudc-021822.jpg"
content-length
58213
request-context
appId=cid-v1:33790812-e034-48ae-b0ec-d11940962a8a
x-ua-compatible
IE=edge,chrome=1
cf-bgj
imgq:85,h2pri
last-modified
Fri, 18 Feb 2022 15:26:16 GMT
server
cloudflare
wsf-optimized
by=TwicPics(quality=70), fmt=jpg, origSize=60.7KB, size=57.7KB, responseTime=3ms
etag
4163b58f1ad742c395f496197d55a097
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
751c8f916d487157-YUL
access-control-allow-headers
content-type
expires
Thu, 28 Sep 2023 12:42:45 GMT
collect
stats.g.doubleclick.net/j/
1 B
434 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-255852-1&cid=2103452496.1664368965&jid=511625669&gjid=1961868011&_gid=1775662787.1664368965&_u=YEBAAEAAAAAAAC~&z=916473272
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 28 Sep 2022 12:42:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://omg.blog
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2snrxD1UaFubFRZUO_Kh_QfRrn8D4IwplSyWwueqHmAQqNc1dqwRGWMRimncnGw_RBECiRhL
unusedstone.com/
183 B
680 B
Fetch
General
Full URL
https://unusedstone.com/v2snrxD1UaFubFRZUO_Kh_QfRrn8D4IwplSyWwueqHmAQqNc1dqwRGWMRimncnGw_RBECiRhL
Requested by
Host: causecherry.com
URL: https://causecherry.com/v2/0/ibdEvFIE7B0Jqq1xzLAwE0EOTn2j_VOm35LsMpL2SVh-x3eNzNHjhIE1uNMhTs5EY10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
a9707de9fcc1b7314a9c17b2fe862ff7c677fa8c0b6a3af80fd254df5588b602
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Wed, 28 Sep 2022 12:42:45 GMT
via
1.1 google
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://omg.blog
x-hostname
fen-hoothoot-us-east1-spot-6724
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Wed, 28 Sep 2022 12:42:44 GMT
/
sentry.io/api/265628/envelope/ Frame 228D
2 B
406 B
Fetch
General
Full URL
https://sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.5731c9dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://open.spotify.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 28 Sep 2022 12:42:45 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
vary
Origin
Content-Type
application/json
access-control-allow-origin
https://open.spotify.com
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time
0
Connection
keep-alive
Content-Length
2
/
apresolve.spotify.com/ Frame 228D
273 B
267 B
Fetch
General
Full URL
https://apresolve.spotify.com/?type=dealer&type=spclient
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.5731c9dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:524d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
a16a07896c1d5b4ac3615ffbc71f9e4b5ba3de671f5eecd59fe34d8e466b2adf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107
ab67616d0000b27336fe2eab1e3029478c2a5b31ab67616d0000b273697fb8f8dbdb58434a6857c4ab67616d0000b2738f72150da1b3037245f3f8b7ab67616d0000b273a620fd20b220c4bf513b40e5
mosaic.scdn.co/640/ Frame 228D
64 KB
65 KB
Image
General
Full URL
https://mosaic.scdn.co/640/ab67616d0000b27336fe2eab1e3029478c2a5b31ab67616d0000b273697fb8f8dbdb58434a6857c4ab67616d0000b2738f72150da1b3037245f3f8b7ab67616d0000b273a620fd20b220c4bf513b40e5
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed-legacy/playlist/4GCVvY4NTIh0RJ3wu0ALzZ?utm_source=generator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:79::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cc3684242d1f9336442aaeadacdeaecd351108c0e559d3aebf45b7ae4dba668b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

X-Served-By
cache-chi-klot8100102-CHI, cache-iad-kcgs7200145-IAD
Date
Wed, 28 Sep 2022 12:42:45 GMT
Surrogate-Key
/image/ab67616d0000b27336fe2eab1e3029478c2a5b31 /image/ab67616d0000b273697fb8f8dbdb58434a6857c4 /image/ab67616d0000b2738f72150da1b3037245f3f8b7 /image/ab67616d0000b273a620fd20b220c4bf513b40e5
Age
34587
Etag
"Q5d9tbK2Tbt7UEmZXxML08zWkL25MpmS07Nj2OximFk"
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=0 idim=640x640 ifmt=jpeg ofsz=65558 odim=640x640 ofmt=jpeg
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Fastly-Stats
io=1
Accept-Ranges
bytes
Content-Length
65558
X-Cache-Hits
10, 1
CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
encore.scdn.co/fonts/ Frame 228D
87 KB
88 KB
Font
General
Full URL
https://encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.831fa035.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879

Request headers

Referer
https://open.spotifycdn.com/
Origin
https://open.spotify.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 12:42:45 GMT
Content-Encoding
gzip
Age
1447002
X-Cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
89529
X-Served-By
cache-chi-klot8100163-CHI, cache-iad-kiad7000176-IAD
Last-Modified
Fri, 13 May 2022 11:38:50 GMT
ETag
"216b12b5a9657850b1b324e158454f8e"
x-goog-generation
1652441930609707
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
x-goog-stored-content-length
89529
Accept-Ranges
bytes
X-Cache-Hits
1, 99549
CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
encore.scdn.co/fonts/ Frame 228D
82 KB
83 KB
Font
General
Full URL
https://encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.831fa035.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9b7413f945c8b8bb3f75eb10513c7ad79d386e98494d541e5f1fa9301ffbddd6

Request headers

Referer
https://open.spotifycdn.com/
Origin
https://open.spotify.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 12:42:45 GMT
Content-Encoding
gzip
Age
3201043
X-Cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
84027
X-Served-By
cache-chi-kigq8000113-CHI, cache-iad-kiad7000129-IAD
Last-Modified
Fri, 13 May 2022 11:38:51 GMT
ETag
"f7b12903dd7a2d536ceb2b7cd1dba2c1"
x-goog-generation
1652441931211351
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
x-goog-stored-content-length
84027
Accept-Ranges
bytes
X-Cache-Hits
30320, 90527
CircularSp-Cyrl-Book-cc791a2e69e25c0440792bd855600ca7.woff2
encore.scdn.co/fonts/ Frame 228D
21 KB
21 KB
Font
General
Full URL
https://encore.scdn.co/fonts/CircularSp-Cyrl-Book-cc791a2e69e25c0440792bd855600ca7.woff2
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.831fa035.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58baf1ce691339d72a2438bf5ba6dac7ddab9c4ff78bb65af309936b71b8d2d6

Request headers

Referer
https://open.spotifycdn.com/
Origin
https://open.spotify.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 12:42:45 GMT
Content-Encoding
gzip
Age
706780
X-Cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
21263
X-Served-By
cache-chi-kigq8000064-CHI, cache-iad-kiad7000029-IAD
Last-Modified
Fri, 13 May 2022 11:38:52 GMT
ETag
"26cb707b9e9aeafbc89b780c44e67f53"
x-goog-generation
1652441932447096
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
x-goog-stored-content-length
21263
Accept-Ranges
bytes
X-Cache-Hits
1, 146
pixel
pxl.qccerttest.com/
35 B
549 B
Image
General
Full URL
https://pxl.qccerttest.com/pixel?r=1054212563;fpan=1;fpa=P0-1450509662-1664368965651;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;d=omg.blog;dst=0;et=1664368965651;tzo=0;url=https%3A%2F%2Fomg.blog%2F;ogl=locale.en_US%2Ctype.website%2Ctitle.OMG%252EBLOG%20%7C%20The%20original%252C%20since%202003%252E%2Cdescription.Entertainment%20from%20a%20Queer%20perspective%252E%20Visit%20daily%20for%20LOLz%252C%20kittehs%252C%20LGBTQ%20sto%2Curl.https%3A%2F%2Fomg%252Eblog%2F%2Csite_name.OMG%252EBLOG%2Cimage.https%3A%2F%2Fomg%252Eblog%2Fwp-content%2Fuploads%2F2018%2F05%2FOMG-logo-final-blk%252Ejpg%2Cimage%3Awidth.1280%2Cimage%3Aheight.800%2Cimage%3Atype.image%2Fjpeg
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:2800:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 10:14:35 GMT
via
1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
PHL50-C1
age
8891
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
x-amz-cf-id
LfkIwm93yfwet5JjgGE_edBseV76b-KxyYr0_G2Hvlr8KKf36EHXjQ==
pixel;r=495001578;labels=title.OMG%20BLOG%20%7C%20The%20original%20%20since%202003;source=gtm;rf=0;a=p-89e5PRr9xUpng;url=https%3A%2F%2Fomg.blog%2F;uht=2;fpan=0;fpa=P0-1450509662-1664368965651;pbc=;...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=495001578;labels=title.OMG%20BLOG%20%7C%20The%20original%20%20since%202003;source=gtm;rf=0;a=p-89e5PRr9xUpng;url=https%3A%2F%2Fomg.blog%2F;uht=2;fpan=0;fpa=P0-1450509662-1664368965651;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;ref=;d=omg.blog;dst=0;et=1664368965656;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.OMG%252EBLOG%20%7C%20The%20original%252C%20since%202003%252E%2Cdescription.Entertainment%20from%20a%20Queer%20perspective%252E%20Visit%20daily%20for%20LOLz%252C%20kittehs%252C%20LGBTQ%20sto%2Curl.https%3A%2F%2Fomg%252Eblog%2F%2Csite_name.OMG%252EBLOG%2Cimage.https%3A%2F%2Fomg%252Eblog%2Fwp-content%2Fuploads%2F2018%2F05%2FOMG-logo-final-blk%252Ejpg%2Cimage%3Awidth.1280%2Cimage%3Aheight.800%2Cimage%3Atype.image%2Fjpeg;ses=455cdd0c-65e6-4f2f-bee3-b41b3ca9b540
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:45 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pubfig.min.js
a.pub.network/omg-blog/
146 KB
55 KB
Script
General
Full URL
https://a.pub.network/omg-blog/pubfig.min.js
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f23c221c52bf156f3482cc7e3290d322b53eb1818e77a147667474132fa7796

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54730
x-guploader-uploadid
ADPycdut6ysqXkAtdcHAPtbKup1uIFQMClWi0nXasoygX9hU1qWMUg5NuoMsTk26sfTSAfl3J8y20vLWU8i5dL4hC0YzGHAEs8Qc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 27 Sep 2022 21:14:13 GMT
server
cloudflare
etag
W/"2a827aab2d9ab18a9d6bb0ae47c397ba"
vary
Accept-Encoding
x-goog-generation
1664313253436762
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=YwQROQ==, md5=KoJ6qy2asYqda7CuR8OXug==
access-control-expose-headers
*
cache-control
public, max-age=1800
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0D9rk5IZ0lRrctdU0s96%2FizyIWPPmYFhDb8KZmHZPgrDXi90jOO9aP%2Brho2Y%2FJTcFQYzc4I4XCOBLhFzBa%2FoEoO52LkU5bxi9rZVi4eCLPlVcWMZPa1ayvV%2FHYkiqZW5H2kDolGbcPT8p2w%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
149732
cf-ray
751c8f936dd8ecfa-YUL
expires
Tue, 27 Sep 2022 21:31:35 GMT
v2ylcVD996pdJTtaZ5eI1xtlRZrg8z2cuSHJeBywnKIYaGNUldJXuKwpnlknjqo0iP2z1mT42
unusedstone.com/
2 KB
1013 B
Fetch
General
Full URL
https://unusedstone.com/v2ylcVD996pdJTtaZ5eI1xtlRZrg8z2cuSHJeBywnKIYaGNUldJXuKwpnlknjqo0iP2z1mT42
Requested by
Host: causecherry.com
URL: https://causecherry.com/v2/0/ibdEvFIE7B0Jqq1xzLAwE0EOTn2j_VOm35LsMpL2SVh-x3eNzNHjhIE1uNMhTs5EY10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:f8d1::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
5f356f0b0c23b23c706db9f102433759d622cdf885f739548d4d10149accb5b2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Wed, 28 Sep 2022 12:42:45 GMT
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
987
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://omg.blog
x-hostname
fen-hoothoot-us-east1-spot-6724
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
events
gue1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 228D
13 B
58 B
Fetch
General
Full URL
https://gue1-spclient.spotify.com/gabo-receiver-service/public/v3/events
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.5731c9dc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:1:b99:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://open.spotify.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
content-type
application/json

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Sep 2022 12:42:45 GMT
via
HTTP/2 edgeproxy, 1.1 google
server
envoy
content-type
application/json
access-control-allow-origin
https://open.spotify.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
events
gue1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 228D
13 B
58 B
Fetch
General
Full URL
https://gue1-spclient.spotify.com/gabo-receiver-service/public/v3/events
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.5731c9dc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:1:b99:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://open.spotify.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
content-type
application/json

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Sep 2022 12:42:45 GMT
via
HTTP/2 edgeproxy, 1.1 google
server
envoy
content-type
application/json
access-control-allow-origin
https://open.spotify.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
events
gue1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame
0
0
Preflight
General
Full URL
https://gue1-spclient.spotify.com/gabo-receiver-service/public/v3/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:b99:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://open.spotify.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-allow-methods
DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-origin
https://open.spotify.com
access-control-max-age
604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 28 Sep 2022 12:42:45 GMT
server
envoy
vary
Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
events
gue1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame
0
0
Preflight
General
Full URL
https://gue1-spclient.spotify.com/gabo-receiver-service/public/v3/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:b99:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://open.spotify.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-allow-methods
DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-origin
https://open.spotify.com
access-control-max-age
604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 28 Sep 2022 12:42:45 GMT
server
envoy
vary
Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
get_access_token
open.spotify.com/ Frame 228D
247 B
258 B
Fetch
General
Full URL
https://open.spotify.com/get_access_token?reason=transport&productType=embed
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.5731c9dc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
b4e6f9c9ed1af005d8c34943f2e29d1b65f253cc9653ab8bd093ca7d08c5f8ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://open.spotify.com/embed-legacy/playlist/4GCVvY4NTIh0RJ3wu0ALzZ?utm_source=generator
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

sp-trace-id
9e7633c2e36b51f5
date
Wed, 28 Sep 2022 12:42:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
HTTP/2 edgeproxy, 1.1 google
server
envoy
vary
Accept-Encoding,Accept-Encoding
content-type
application/json; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
init
d.pub.network/v2/
41 KB
6 KB
XHR
General
Full URL
https://d.pub.network/v2/init?siteId=2189&env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/omg-blog/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
2509b4214be230d2e982f8bd655c8a6dcd58bd79046ac9a009657bed99d5422e

Request headers

Accept
application/json, text/plain, */*
Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://omg.blog
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
_ate.track.config_resp
v1.addthisedge.com/live/boost/omgblog/
4 KB
1 KB
Script
General
Full URL
https://v1.addthisedge.com/live/boost/omgblog/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.56.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-138.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a56e6fbb23b901cc18cae5a86fb60d2026cad83b2841bf5aaf46459c87fb9559

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
content-encoding
gzip
etag
54317224--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
1293
300lo.json
m.addthis.com/live/red_lojson/
127 B
1 KB
Script
General
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=6334414555eb37c0&bkl=0&bl=1&pdt=516&sid=6334414555eb37c0&pub=omgblog&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=omg.blog&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1664368965785&jsl=4097&uvs=63344145415715ac000&skipb=1&callback=addthis.cbs.jsonp__51062952615052890
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.56.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-138.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6b3624184777d76d8b1d77d954781b182fc5f166a26092bf9e07d963979f8bfd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
pragma
no-cache
date
Wed, 28 Sep 2022 12:42:45 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
127
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 58CA
0
0

sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 21BE
71 KB
26 KB
Document
General
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.56.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-138.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://omg.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Wed, 28 Sep 2022 12:42:45 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/omg-blog/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-16.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 08:54:18 GMT
content-encoding
gzip
via
1.1 80d115dafe1d45606330f418d944b1ec.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
13708
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
u-eQmcwoP-zVt7r6X721ietM2S4O1qJcUk5e9ydddXCGqcV2GxNbdQ==
pubfig.engine.4.33.1.151f798ea80a87430a17d382215f149c28c263b9.js
a.pub.network/core/pubfig/
428 KB
129 KB
Script
General
Full URL
https://a.pub.network/core/pubfig/pubfig.engine.4.33.1.151f798ea80a87430a17d382215f149c28c263b9.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/omg-blog/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b53179c92c5774652d81e19c690f7cf4dd593bfec88fc001dd798207548ca84a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54821
x-guploader-uploadid
ADPycdvAghDrWP9DeX5YLchcQFdHRihckz1RQUk4ZQrOj0IvK1kLdpvPpPB2nOIhC8gUDTuiRlkL0bpA6JPCQdDhvhocNw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 22 Sep 2022 16:42:57 GMT
server
cloudflare
etag
W/"e9515732f6e3ec71efd4d2e04bc9a8ca"
vary
Accept-Encoding
x-goog-generation
1663864977464675
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=lpGxVg==, md5=6VFXMvbj7HHv1NLgS8moyg==
access-control-expose-headers
*
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHtUN%2BJlk72znnBoodiUqi326IhgFFcKl2k8MHDYPvmnDfl%2FdatdplOhMH%2B37lPjGMY8qZL4ciAJ8O7e7C11OYVcw53tvGcXdn6IwjKXYefWEgx6sGHwUsJI6HK2oGul4ZHlKzzU1aZrQDE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
437996
access-control-allow-origin
*
cf-ray
751c8f949f47ecfa-YUL
expires
Tue, 27 Sep 2022 21:59:36 GMT
custom-messages.5799ddf75a30812a3d49.js
s7.addthis.com/static/
114 KB
28 KB
Script
General
Full URL
https://s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.56.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-138.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6e91e73fa61993cea2208718d670f5ed1161039b2c7c9fe38e21cdbd5d5ab181
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Wed, 28 Sep 2022 12:42:45 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-1c9fc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
28546
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.56.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-138.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Wed, 28 Sep 2022 12:42:45 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
1f36c.svg
s.w.org/images/core/emoji/14.0.0/svg/
1 KB
800 B
Image
General
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/1f36c.svg
Requested by
Host: omg.blog
URL: https://omg.blog/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
f63e8881aa5a91bcbb208d40f8236dff8ed953f4a5254ac435fd61369b4be573
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-nc
HIT yyz 1
date
Wed, 28 Sep 2022 12:42:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:47:26 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
300vi.png
m.addthis.com/live/red_lojson/
0
110 B
Image
General
Full URL
https://m.addthis.com/live/red_lojson/300vi.png?cad=ecba%3Dcm66&positions=cm66%3Dtop&goals=cm66%3Demail&first=1&rv=0&uvs=63344145415715ac&pub=omgblog&dp=omg.blog&rev=v8.28.8-wp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.56.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-138.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:45 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 28 Sep 2022 12:42:45 GMT
config.js
confiant-integrations.global.ssl.fastly.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/
94 KB
23 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.33.1.151f798ea80a87430a17d382215f149c28c263b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b381bac39a627d9c9cfb5cc7c1cb175b9e2222db0a32aa10384652c5c521eee

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 12:42:46 GMT
Content-Encoding
gzip
Via
1.1 varnish
x-amz-request-id
P7X697YPCDQW1FNQ
Age
449
X-Cache
HIT
Connection
keep-alive
Content-Length
23019
x-amz-id-2
65jVINeRS6Z8gyzCI23ahoCOTBh1/NPfrSg0fcQ4kY/24+m/YuYhRdHajks4ItJanwNxDL0SrTo=
X-Served-By
cache-yul12832-YUL
Last-Modified
Wed, 28 Sep 2022 11:47:35 GMT
Server
AmazonS3
X-Timer
S1664368966.025480,VS0,VE0
ETag
"34a3890e3bf9eb8f23fdf83c78bd8c0c"
Content-Type
text/javascript
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
X-Cache-Hits
139
gpt.js
www.googletagservices.com/tag/js/
80 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.33.1.151f798ea80a87430a17d382215f149c28c263b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f0bd473759754b644e710675d5f28995f2b1f7bc36097dd583782cd14e979c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27714
x-xss-protection
0
server
sffe
etag
"1347 / 31 of 1000 / last-modified: 1664363254"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 28 Sep 2022 12:42:46 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
861 KB
103 KB
Script
General
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5afe60d866d05de71ddfecf058a97f9ccce78c198c5bfde9a51494e3728407cb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:46 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Sep 2022 12:02:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2304
etag
W/"84c50228360d9c71f11dfa91f4993a7c"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUzVdF%2BwMgQBpqYtgC5Sn9A8HQimlz8QH9h7%2B0QXa3mRAkWIXVRWYl7emsWaToFivrT49addb0PdsY5imrtEj5TCdXvTwpOa%2FZxjeA0VXWSbqtj2yQB7aIi62%2F4kLtgVDG5cBwkhAwirSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray
751c8f961c7decee-YUL

Redirect headers

date
Wed, 28 Sep 2022 12:42:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1I5hvhHJH2QNP7UKgWkJmP0GHQKhy3ha%2F8M5UNxRsK8rvifJN4VjxvGnA9wM%2F48ECiHIFBlu7X90YAHLwEodkEukqk3JHinNquhg%2BwPRpar%2FYsSt2k00AlbI%2B1f4QFFRlf0UbhcnZTSir5XkYUQagxdfi%2FRfe%2FQjJlLMg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
751c8f95bbec713e-YUL
expires
Wed, 28 Sep 2022 13:42:46 GMT
184310-82987131453484.js
js-sec.indexww.com/ht/p/
36 KB
13 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/184310-82987131453484.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.33.1.151f798ea80a87430a17d382215f149c28c263b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3c8a8f4d7fc689c26598752a7d8413962509ec55d6f906f49380c653c3a90e54

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 12:42:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Sep 2022 11:46:40 GMT
Server
Apache
ETag
"da3cdd-8ed4-5e9bb505da0a3"
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=426
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12543
Expires
Wed, 28 Sep 2022 12:49:52 GMT
prebid-analytics-6.19.13.js
a.pub.network/core/
533 KB
150 KB
Script
General
Full URL
https://a.pub.network/core/prebid-analytics-6.19.13.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.33.1.151f798ea80a87430a17d382215f149c28c263b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70fbc2bab5280ce8aa1b20c58a0df76cfaff01701e7f99f5216a986714955f5d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54820
x-guploader-uploadid
ADPycduzTMglc3JHPDdz5re5KBX4h6y6FegChxkYEFHtGmstOu92YGhywsrdX8DTdtnfdNMphvRCZKhD7hhhemsKR7JM7csf5Qxx
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Tue, 28 Jun 2022 15:25:08 GMT
server
cloudflare
etag
W/"b8b371d9c59a412918c1649c4ab4fa8f"
vary
Accept-Encoding
x-goog-generation
1656429908313193
content-type
text/html
access-control-allow-origin
*
x-goog-hash
crc32c=xBWN/w==, md5=uLNx2cWaQSkYwWScSrT6jw==
content-language
en
access-control-expose-headers
*
cache-control
private, max-age=86400
x-goog-stored-content-length
545828
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8JLlujXUftpQt5ZGnRmI3pTfKNF1lHPOPl%2BFJMoi2KFPq%2BznQnxL412paQVwt87FbjBY6%2FAgc2uHT2sPilfvEuAyb8JaDCL6OxW4Ps0seSLSNuPzuVGkPJ9uVSGNYQsIvfJzKvtP%2BvaSmE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
751c8f95986eecfa-YUL
expires
Wed, 27 Sep 2023 21:29:06 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1664368966025&ns_c=UTF-8&c7=https%3A%2F%2Fomg.blog%2F&c8=OMG.BLOG%20-%20The%20original%2C%20since%202003....
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1664368966025&ns_c=UTF-8&c7=https%3A%2F%2Fomg.blog%2F&c8=OMG.BLOG%20-%20The%20original%2C%20since%202003...
0
190 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1664368966025&ns_c=UTF-8&c7=https%3A%2F%2Fomg.blog%2F&c8=OMG.BLOG%20-%20The%20original%2C%20since%202003.&c9=
Protocol
H2
Server
13.224.214.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-16.phl50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:46 GMT
via
1.1 80d115dafe1d45606330f418d944b1ec.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
STTIRJdzuNJGd4L7JFNzNYNzuWL0gSl-OMuQB110UI6ojxn0MVorsg==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1664368966025&ns_c=UTF-8&c7=https%3A%2F%2Fomg.blog%2F&c8=OMG.BLOG%20-%20The%20original%2C%20since%202003.&c9=
date
Wed, 28 Sep 2022 12:42:46 GMT
via
1.1 80d115dafe1d45606330f418d944b1ec.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
content-length
0
x-amz-cf-id
dXRRkkI1WXNLacHRs9dSwnv-ewcyiBBPWfFDm_xLtCLGVXGzq2ePcg==
x-cache
Miss from cloudfront
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202209061116/
202 KB
65 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202209061116/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4dd9a0a89a6f744f971d703a692ba46ac458994d236cff82a8f79a0d1980d4d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 12:42:46 GMT
Content-Encoding
gzip
Via
1.1 varnish
x-amz-request-id
6YAM0F6YY433SV0Y
Age
156325
X-Cache
HIT
Connection
keep-alive
Content-Length
65932
x-amz-id-2
V/KsZeUml9OPtn8DD0LGMUba2pK1GX3V3q+t55b+Hb7VGylg+mTtICNrkG4dWAZ2HsqsYs+quZI=
X-Served-By
cache-yul12832-YUL
Last-Modified
Tue, 06 Sep 2022 17:14:03 GMT
Server
AmazonS3
X-Timer
S1664368966.046490,VS0,VE0
ETag
"ff03fa033abd214ac10b94ea9d102f86"
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=864000
Accept-Ranges
bytes
X-Cache-Hits
259822
headerstats
as-sec.casalemedia.com/
0
502 B
XHR
General
Full URL
https://as-sec.casalemedia.com/headerstats?s=222024&u=https%3A%2F%2Fomg.blog%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184310-82987131453484.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TF9x%2FIKjULIRXcy%2FYzClPMGyLIZbNMu6bNKE13X2GV%2Fa3jVe7srgvXhoCcOjuVVjKtVQp4MQqAkjFugLpHwrYFA8RKKYA2s21Dj%2FGl0J2l%2Bm7KEmsfQL2kNolXco%2BUDGid%2F1Tjtr3GA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://omg.blog
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
751c8f96897fa22c-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pubads_impl_2022092201.js
securepubads.g.doubleclick.net/gpt/
379 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 07:07:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131358
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 08:36:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 28 Sep 2023 07:07:10 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
172 B
742 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=omg.blog
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa7ac2f1a68a039b6fd1e774c0c7d76bc1f9de3c5e78c7977bec02d73f0445b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106
x-xss-protection
0
expires
Wed, 28 Sep 2022 12:42:46 GMT
px.gif
ad-delivery.net/
43 B
874 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1345811
x-guploader-uploadid
ADPycdupfa7KCtOe0TVtQ1XEXjEqBcYS55h5xltmciWkwyT05QVbX3hl2G6BY1wwXXVxP-9l4WeFTPgHVnUrgCoq0nDtipi3Jg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FHzgMXWW4g8Pq5Egs%2FsG%2BVu%2B8tG0SyO3MvnyvY1rd0EwLP6YhStQGn9N%2FFmjU05YANgKkfSm2RnFNPbEywshdjeKmuA%2FZjTXNXxxVRg10DX%2BjCTMp8J7QFbNlrw%2BWk9uv1w3TA9Hb3jpK2zVA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
751c8f96f8fc714b-YUL
expires
Mon, 12 Sep 2022 23:41:40 GMT
favicon.ico
ad.doubleclick.net/
1 KB
664 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 18:50:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64364
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Sep 2022 18:50:02 GMT
px.gif
ad-delivery.net/
43 B
338 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.29719290563168266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1345811
x-guploader-uploadid
ADPycdupfa7KCtOe0TVtQ1XEXjEqBcYS55h5xltmciWkwyT05QVbX3hl2G6BY1wwXXVxP-9l4WeFTPgHVnUrgCoq0nDtipi3Jg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khNxluT10OMlNi8ndDdpw%2B4JOJOx6uaUXm71ogx5OK5dKid6xp3iSDE46YGR%2BTaCMKHELuffcMBWLyWXeEIDXjLdqlX6sCDK54oDi3ihkeO3TVtflWKssVQHNIDgsrcHn88PsgqKm0PUh%2FwYVA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
751c8f9708ff714b-YUL
expires
Mon, 12 Sep 2022 23:41:40 GMT
1f36c.svg
s.w.org/images/core/emoji/14.0.0/svg/
1 KB
823 B
Image
General
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/1f36c.svg
Requested by
Host: omg.blog
URL: https://omg.blog/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
f63e8881aa5a91bcbb208d40f8236dff8ed953f4a5254ac435fd61369b4be573
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-nc
HIT yyz 1
date
Wed, 28 Sep 2022 12:42:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:47:26 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
floors
api.floors.dev/sgw/v1/ Frame
0
0
Preflight
General
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.238.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
208.238.227.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://omg.blog
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://omg.blog
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Wed, 28 Sep 2022 12:42:46 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
floors
api.floors.dev/sgw/v1/
2 KB
2 KB
Fetch
General
Full URL
https://api.floors.dev/sgw/v1/floors
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.33.1.151f798ea80a87430a17d382215f149c28c263b9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.238.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
208.238.227.35.bc.googleusercontent.com
Software
/
Resource Hash
8ae31769cc172a31c7fd9dff9b3cc7ea0e7aa51858538a4ee600744a877b6b52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:46 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://omg.blog
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
pv
api.btloader.com/
0
128 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=VLypLjtqMH&w=5711396166696960&o=5714937848528896&cv=2.0.10-11-g48983ca&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fomg.blog%2F&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 28 Sep 2022 12:42:46 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
apstag.js
c.amazon-adsystem.com/aax2/
167 KB
43 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.33.1.151f798ea80a87430a17d382215f149c28c263b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 11:44:13 GMT
content-encoding
gzip
via
1.1 8348c06ca24c7faf1ae00ad6facc20b2.cloudfront.net (CloudFront), 1.1 a3553fd14d7dc73d33a5426ee64abf1c.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:37 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, PHL50-C1
age
3513
x-amz-server-side-encryption
AES256
etag
W/"0b4d277527066dd35dd7c0288cb596b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
wu1WaFhmsPSQailYcXuxyGyHZmSVMj_ZAFViP2bVNtEW7Rd10sxyAw==
fslogo-green.svg
a.pub.network/core/imgs/
1 KB
1 KB
Image
General
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
754
x-guploader-uploadid
ADPycdso0vt8SEftSY135Y-5SHww9N6ubBhJiYbqw1AtWtN-AR_8f7cGPcyb00YHTm-iABzPyeQ6aPHmyf_ALT0W3GyPPg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
server
cloudflare
etag
W/"326d6cbd977657e1205bd616d1f2faca"
vary
Accept-Encoding
x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
x-goog-generation
1599584677716817
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AlVEu%2Fnq9oxcD%2BoJbBI%2FTr4cu4c%2BPsZmdPqSFbYYE6PepifWqMEIfeQf9EZgdtt1cauEHSuNtEROScWErNWpnM23p0uD5H%2BqGDkM3C%2BUTvoq056M5W92idmw8eZ1jse8KxKCEVyM3oJ8mgg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
1193
cf-ray
751c8f99ad9aecfa-YUL
expires
Wed, 28 Sep 2022 13:30:12 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
liveView.php
live.primis.tech/live/
45 KB
17 KB
Script
General
Full URL
https://live.primis.tech/live/liveView.php?s=108645&cbuster=1664368967&pubUrl=https://omg.blog/&x=700&y=476&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,974,1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.33.1.151f798ea80a87430a17d382215f149c28c263b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3eddc363f526ebce3c6991cf515ad5d3dc4af39ba44a8c9381a0514a7e4afc99

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:46 GMT
content-encoding
gzip
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PHL50-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
OIznHh_oTrtnIKS6mfi77jRvmdMZ6wHXgFF94uyIzNEMNCFozg3TRA==
quant.js
secure.quantserve.com/
26 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.33.1.151f798ea80a87430a17d382215f149c28c263b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:46 GMT
content-encoding
gzip
etag
"eN3sxSgaav0x5wHLxGB1gQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 05 Oct 2022 12:42:46 GMT
config
c.amazon-adsystem.com/cdn/prod/
736 B
1 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fomg.blog&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
Server /
Resource Hash
9cd0c52130a2ac95e21959817ca0ad8a7f85c72995e9ecd98e069ff5e01e2135

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 08:30:36 GMT
via
1.1 a3553fd14d7dc73d33a5426ee64abf1c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL50-C1
age
15130
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://omg.blog
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
736
x-amz-cf-id
clXpYukMCWriumD5M9dPQT5vxExvq2AXJqVCazBAIN3yKRQqby0edQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding
gzip
via
1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date
Wed, 28 Sep 2022 06:06:11 GMT
x-amz-cf-pop
PHL50-C1
age
23796
x-cache
Hit from cloudfront
last-modified
Mon, 19 Sep 2022 09:37:07 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
8KFJwOzOTB2-G9L5sySaLHh61IK4zMb-NGPXuCcPTbl5pCLAVx_NpA==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
194 B
629 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fomg.blog%2F&pid=1JlVY62x3q04k&cb=0&ws=1600x1200&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22omgblog_adhesion%22%2C%22s%22%3A%5B%221x1%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2C1020612%2Fomgblog_adhesion%22%7D%5D&schain=1.0%2C1!freestar.com%2C974%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.202.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-202-36.phl50.r.cloudfront.net
Software
Server /
Resource Hash
bc1ca07dd78c65c9ac66cd9dcbb0e0c421b0723f8d4d81e21dcedcf6dfc15924
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 39a169e5169cc741a7c793f95d144134.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL50-C1
x-amz-rid
XYR1HATD2B70ESJYVNY9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://omg.blog
access-control-allow-credentials
true
timing-allow-origin
*
content-length
194
x-amz-cf-id
9ebirWLM3eU5hL-ykeJRpsiLruuRuEI_iP4Odz4bi0M_mrrDb0oUbw==
cookie_sync
s2s.t13.io/
2 KB
745 B
XHR
General
Full URL
https://s2s.t13.io/cookie_sync
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
58bdc2e63366e9cb79fd6e94a0ece064d27b5c277366ba13bc65454b6bce4e5c

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:46 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json
access-control-allow-origin
https://omg.blog
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
527
expires
0
auction
s2s.t13.io/openrtb2/
475 B
396 B
XHR
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
bc27e74be72b93d378bcb12603491b71e6650fa4d12adc3e5befb8f7046d4c4f

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:46 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.94.0
content-type
application/json
access-control-allow-origin
https://omg.blog
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
309
expires
0
auction
tlx.3lift.com/header/
19 B
518 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fomg.blog%2F&tmax=1200
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.153.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-153-18.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:46 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://omg.blog
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
458 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9694120174744413194708f0170a00&cmd=bid&req=https%3A%2F%2Fomg.blog%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
fa6de599b363d36d766475724769cc3f9ff22e547bb1ae84e7a5d06490d0a6e2

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Sep 2022 12:42:46 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://omg.blog
access-control-allow-credentials
true
content-length
62
fastlane.json
fastlane.rubiconproject.com/a/api/
493 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=2117812&size_id=2&alt_size_ids=221&rp_schain=1.0,1!freestar.com,974,1,,,&eid_pubcid.org=d500c64f-8f86-46aa-b190-4ac074facbbd%5E1&rf=https%3A%2F%2Fomg.blog%2F&tg_i.name=omg-blog&tg_i.domain=omg.blog&tg_i.cat=IAB1%2CIAB1-2&tg_i.sectioncat=IAB1%2CIAB1-2&tg_i.pagecat=IAB1%2CIAB1-2&tg_i.page=https%3A%2F%2Fomg.blog%2F&tg_i.fs_ad_product=stickyFooter&tg_i.pbadslot=%2F15184186%2Fomgblog_adhesion%2Fomgblog_adhesion&tk_flint=pbjs_lite_v6.19.0&x_source.tid=8005b57b-da46-4aa8-9110-b6e6878b0b8b&l_pb_bid_id=893044d25bc14&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Fomgblog_adhesion%2Fomgblog_adhesion&slots=1&rand=0.3649448825224748
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
dadb9818726b3952d1f2af97c27db3a1b1d7029006880125dc62c2f7a7177318

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://omg.blog
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
493
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/
0
111 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://omg.blog
date
Wed, 28 Sep 2022 12:42:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/
0
220 B
XHR
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=6.19.0&p=%5B%7B%22placement_id%22%3A%22omgblog_adhesion%22%2C%22callback_id%22%3A%22126d7f31abdd9f2%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B1%2C1%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Fomgblog_adhesion%2Fomgblog_adhesion%22%7D%5D&page_url=https%3A%2F%2Fomg.blog%2F&bust=1664368966818&dnt=false&description=Entertainment%20from%20a%20Queer%20perspective.%20Visit%20daily%20for%20LOLz%2C%20kittehs%2C%20LGBTQ%20stories%2C%20new%20music%2C%20man%20candy%2C%20and%20more.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=OMG.BLOG%20-%20The%20original%2C%20since%202003.&w=1600&h=1200&pubcid=d500c64f-8f86-46aa-b190-4ac074facbbd&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22974%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d500c64f-8f86-46aa-b190-4ac074facbbd%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.236.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-236-203.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://omg.blog
pragma
no-cache
date
Wed, 28 Sep 2022 12:42:46 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
cdb
bidder.criteo.com/
18 B
306 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=93431730280
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Sep 2022 12:42:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://omg.blog
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
v1
btlr.sharethrough.com/universal/
0
226 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.86.215.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-215-116.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://omg.blog
date
Wed, 28 Sep 2022 12:42:46 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
imp
g2.gumgum.com/hbid/
1 KB
1 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1664368966822&to=0&aun=omgblog_adhesion&pubcid=d500c64f-8f86-46aa-b190-4ac074facbbd&gpid=%2F15184186%2Fomgblog_adhesion%2Fomgblog_adhesion&maxw=728&maxh=90&si=14287&pi=3&bf=728x90%2C1x1&schain=1.0%2C1!freestar.com%2C974%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fomg.blog%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.19.0%22%7D&ogu=https%3A%2F%2Fomg.blog%2F&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.50.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-50-31.compute-1.amazonaws.com
Software
nginx /
Resource Hash
12e65339d4c575c65f00de427e757f4ecdb0bdbffb7af11e5e452c51cb6f3053

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:46 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://omg.blog
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
1 KB
1 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1664368966823&to=0&aun=omgblog_adhesion&pubcid=d500c64f-8f86-46aa-b190-4ac074facbbd&gpid=%2F15184186%2Fomgblog_adhesion%2Fomgblog_adhesion&t=ikg7mqd8&pi=2&schain=1.0%2C1!freestar.com%2C974%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fomg.blog%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.19.0%22%7D&ogu=https%3A%2F%2Fomg.blog%2F&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.50.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-50-31.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7a03bef9859a124f2e5a6c2bee1a757bcfc70c97c8150294c4ea212fa4b9982b

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:46 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://omg.blog
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
cygnus
htlb.casalemedia.com/
37 B
564 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=692001&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%222073cd92a5d7f5b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fomg.blog%2F%22%2C%22name%22%3A%22omg-blog%22%2C%22domain%22%3A%22omg.blog%22%2C%22cat%22%3A%5B%22IAB1%22%2C%22IAB1-2%22%5D%2C%22sectioncat%22%3A%5B%22IAB1%22%2C%22IAB1-2%22%5D%2C%22pagecat%22%3A%5B%22IAB1%22%2C%22IAB1-2%22%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2221aaaaa59fc4539%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22692001%22%2C%22sid%22%3A%221x1%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22692001%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fomgblog_adhesion%22%2C%22gpid%22%3A%22%2F15184186%2Fomgblog_adhesion%2Fomgblog_adhesion%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22974%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d500c64f-8f86-46aa-b190-4ac074facbbd%22%7D%5D%7D%5D%7D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
997df7e9eb86e09fc303c5ac22a38cd16172b326039c71fbbad469fbe5bf6c5e

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYhdyE5e%2BdM5NkZ9472CIN9qG9%2BQWOdgxoppapJNZY3OjMgs1qabPNXdS%2BayjdE3%2Bt9e6YsgD%2BOtEnHq23cdm1h7gzUTaXyKfln35GuM4q6y%2FJIY1ElQ6WHkOhufe3geKqcwHp4u"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://omg.blog
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
751c8f9b19b7a1de-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/
19 B
704 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:46 GMT
AN-X-Request-Uuid
41bbc560-b461-4ce2-a299-f76c481c5d7c
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://omg.blog
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
hb.emxdgt.com/
0
154 B
XHR
General
Full URL
https://hb.emxdgt.com/?t=1200&ts=1664368966830&src=pbjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.245.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-245-94.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://omg.blog
date
Wed, 28 Sep 2022 12:42:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
bidRequest
c2shb.pubgw.yahoo.com/
66 B
269 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ef10b703755fde2a088572247ac40e477d452030c967403e720dbd985489fdcc

Request headers

Referer
https://omg.blog/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Sep 2022 12:42:46 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://omg.blog
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://omg.blog
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://omg.blog
access-control-max-age
600
age
0
content-length
0
date
Wed, 28 Sep 2022 12:42:46 GMT
server
ATS/9.1.10.25
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.43.215 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-43-215.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:46 GMT
content-encoding
gzip
last-modified
Thu, 08 Sep 2022 20:10:31 GMT
server
Apache
etag
"d71e-5e830058020dd-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17404
expires
Wed, 28 Sep 2022 12:57:46 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/
56 KB
16 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
N4C64YTZ6VT36DXM
age
1359
etag
W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
751c8f9b0826ece2-YUL
x-amz-id-2
pIEXmwFUTML0DvmhD3QgoGhJIRt4zw2WqPN4tMxXZH71eq5d1TvEFmM6dL5o35EIFJBt8Ufie+5x2phF9ZyayQ==
liveView.php
live.primis.tech/live/ Frame C4EF
4 KB
2 KB
Script
General
Full URL
https://live.primis.tech/live/liveView.php?s=108645&cbuster=1664368967&pubUrl=https://omg.blog/&x=700&y=476&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,974,1&cbuster=1664368966&pubUrlAuto=https%3A%2F%2Fomg.blog%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108645&cbuster=1664368967&pubUrl=https://omg.blog/&x=700&y=476&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,974,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b31aac70700609fcd23be2ea46aaffab114036e309fcf34c71d771b3bb6b5dd3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:46 GMT
content-encoding
gzip
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PHL50-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
_xvJV2geLR8uAyQtdix0l63BY3Syw6oGaep7UMulVIvUR-cAJHAr7w==
/
onetag-sys.com/usync/ Frame C63A
2 KB
865 B
Document
General
Full URL
https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
2c8e6548c109376632da1a33dc7758a8c6347a18196012f617528295aee6d941
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://omg.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
781
content-type
text/html
strict-transport-security
max-age=15552000
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame C4EF
258 KB
119 KB
Script
General
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108645&cbuster=1664368967&pubUrl=https://omg.blog/&x=700&y=476&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,974,1&cbuster=1664368966&pubUrlAuto=https%3A%2F%2Fomg.blog%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:46 GMT
content-encoding
gzip
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:35 GMT
server
nginx
x-amz-cf-pop
PHL50-C1
etag
W/"623b1723-409bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
_3npFH0jMNxIyk8eFcl7GjS07y0e6GbFE71NsT94Xe_jwOuedBc1UQ==
expires
Thu, 28 Sep 2023 12:42:46 GMT
prebidVid.7.16.0_1.min.js
live.primis.tech/content/prebid/ Frame C4EF
503 KB
256 KB
Script
General
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_1.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108645&cbuster=1664368967&pubUrl=https://omg.blog/&x=700&y=476&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,974,1&cbuster=1664368966&pubUrlAuto=https%3A%2F%2Fomg.blog%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ed5d398635d1613a3b1bb2eee5a821b6f476747531af67fe37822079ecc6c3cf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:46 GMT
content-encoding
gzip
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
last-modified
Wed, 28 Sep 2022 08:26:20 GMT
server
nginx
x-amz-cf-pop
PHL50-C1
etag
W/"6334052c-7dc03"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
kRudGiUDC-yc7c-OHGafR2U7FLzbFYdh8S4uAXF9NsuicC75vhWUjw==
expires
Thu, 28 Sep 2023 12:42:46 GMT
liveVideo.php
live.primis.tech/live/ Frame C4EF
592 KB
239 KB
Script
General
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32385F31357D7B7331363735373534337D7B4333317D7B536232316E4C6D4A736232633D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B7251554A554943386763484A6C596D6C6B546D5633566D5679494338674D6941764947356C64773D3D7D7B4C373734387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.61+Safari%2F537.36&debugInformation=ABT+%2F+prebidNewVer+%2F+2+%2F+new&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C974%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=63344146bfc14&debugInfo=16757543_ABT+%2F+prebidNewVer+%2F+2+%2F+new&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16757543&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2aaagrsuhioy&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fomg.blog%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.5178&geoLong=-73.6046&vpTemplate=7748&flowMode=below&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=omg.blog
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108645&cbuster=1664368967&pubUrl=https://omg.blog/&x=700&y=476&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,974,1&cbuster=1664368966&pubUrlAuto=https%3A%2F%2Fomg.blog%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4456a9b952784b4c297f72a9f513a77247e31829c1d62bc1dbedea8fe8ae16f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:46 GMT
content-encoding
gzip
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PHL50-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-amz-cf-id
79ToFYoFMIzPmf1vnYf4bpJ--50kVbL9UjGxN8myYrhWbofQ4_xCfQ==
v1
lb.eu-1-id5-sync.com/lb/
33 B
322 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
8680d55c76951f58350157a289014d62aa65f9835f9efb5d20337b4a32c2766e

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://omg.blog
date
Wed, 28 Sep 2022 12:42:46 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/
54 B
223 B
XHR
General
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
40a7c93dbb3d7aae527b04178537b93829cba062dbb336f5a6fc705e6d30fc79

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://omg.blog
date
Wed, 28 Sep 2022 12:42:47 GMT
content-length
54
vary
Origin
content-type
application/json
setuid
s2s.t13.io/ Frame C63A
0
14 B
Image
General
Full URL
https://s2s.t13.io/setuid?bidder=onetag&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
pubfig.messaging.2.33.1.151f798ea80a87430a17d382215f149c28c263b9.js
a.pub.network/core/pubfig/
211 KB
68 KB
Script
General
Full URL
https://a.pub.network/core/pubfig/pubfig.messaging.2.33.1.151f798ea80a87430a17d382215f149c28c263b9.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.33.1.151f798ea80a87430a17d382215f149c28c263b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afbb45574013867319967bfd48c437cb91ccd127cf70e96b7494d8f1907da7be

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54822
x-guploader-uploadid
ADPycdvk-bZmG3nUQhaddS-k78eV6xEJu7mTlSOT7BsLL_nGCF_Mg7kXFiQpvuKBVQpGkB6qDvTSrfnq-mtKeKHxZF_75g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 22 Sep 2022 16:43:01 GMT
server
cloudflare
etag
W/"f28bbf2786be7ea8f63761e368cc94d1"
vary
Accept-Encoding
x-goog-generation
1663864981564010
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=d/KhbA==, md5=8ou/J4a+fqj2N2HjaMyU0Q==
access-control-expose-headers
*
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COarPvwkUCHi6%2Fn9oRU8kL0VWq%2BDY%2Bt9YLS9bUBJrjuqHW7NUUIoqXXehrsxVMmlxwrpMs%2Fe0l6S1fbmqdANxnoEvB3U1JQeaOt36cz5fhD95%2FChPTnZmSXAZneck53VaRFH%2BLy53%2FusjCo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
216515
access-control-allow-origin
*
cf-ray
751c8f9bf861ecfa-YUL
expires
Tue, 27 Sep 2022 21:59:37 GMT
primisslate.css
live.primis.tech/content/video/css/
18 KB
7 KB
Stylesheet
General
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32385F31357D7B7331363735373534337D7B4333317D7B536232316E4C6D4A736232633D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B7251554A554943386763484A6C596D6C6B546D5633566D5679494338674D6941764947356C64773D3D7D7B4C373734387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.61+Safari%2F537.36&debugInformation=ABT+%2F+prebidNewVer+%2F+2+%2F+new&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C974%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=63344146bfc14&debugInfo=16757543_ABT+%2F+prebidNewVer+%2F+2+%2F+new&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16757543&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2aaagrsuhioy&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fomg.blog%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.5178&geoLong=-73.6046&vpTemplate=7748&flowMode=below&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=omg.blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
gzip
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
last-modified
Wed, 09 Feb 2022 07:06:30 GMT
server
nginx
x-amz-cf-pop
PHL50-C1
etag
W/"620367f6-465a"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
eiEdJoaUWEF40uA5DQSUg2QC_CAeyyyB0SgL-SqwrZB2z2A1wnsrZA==
apstag.js
c.amazon-adsystem.com/aax2/ Frame C4EF
167 KB
43 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32385F31357D7B7331363735373534337D7B4333317D7B536232316E4C6D4A736232633D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B7251554A554943386763484A6C596D6C6B546D5633566D5679494338674D6941764947356C64773D3D7D7B4C373734387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.61+Safari%2F537.36&debugInformation=ABT+%2F+prebidNewVer+%2F+2+%2F+new&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C974%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=63344146bfc14&debugInfo=16757543_ABT+%2F+prebidNewVer+%2F+2+%2F+new&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16757543&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2aaagrsuhioy&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fomg.blog%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.5178&geoLong=-73.6046&vpTemplate=7748&flowMode=below&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=omg.blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 11:44:13 GMT
content-encoding
gzip
via
1.1 8348c06ca24c7faf1ae00ad6facc20b2.cloudfront.net (CloudFront), 1.1 a3553fd14d7dc73d33a5426ee64abf1c.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:37 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, PHL50-C1
age
3514
x-amz-server-side-encryption
AES256
etag
W/"0b4d277527066dd35dd7c0288cb596b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
eWyms1Me3DvC4luFlhqaVS9XIG-R_r_bKdjkjvy8WtaXVDgn7IqNiA==
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame C4EF
91 B
898 B
XHR
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.09&iiqidtype=2&iiqpcid=9407f0ac-defd-463c-86ce-f6f71c191d08&iiqpciddate=1664368967053&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=61_1664368967057&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0&vrref=https%3A%2F%2Fomg.blog%2F&ref=omg.blog
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32385F31357D7B7331363735373534337D7B4333317D7B536232316E4C6D4A736232633D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B7251554A554943386763484A6C596D6C6B546D5633566D5679494338674D6941764947356C64773D3D7D7B4C373734387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.61+Safari%2F537.36&debugInformation=ABT+%2F+prebidNewVer+%2F+2+%2F+new&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C974%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=63344146bfc14&debugInfo=16757543_ABT+%2F+prebidNewVer+%2F+2+%2F+new&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16757543&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2aaagrsuhioy&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fomg.blog%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.5178&geoLong=-73.6046&vpTemplate=7748&flowMode=below&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=omg.blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-92.phl50.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
4f4673f71a15a153e0e3a25d79f694c762ce4697bc16488a94814048be59b37e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
via
1.1 4e2a7874b5959279490dd3b94b18a312.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
pragma
no-cache
server
Apache-Coyote/1.1
vary
Origin
access-control-allow-methods
POST, GET
content-type
text/html
access-control-allow-origin
https://omg.blog
access-control-max-age
3600
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
2pWmiW5ORxfENy5JNkb77kkzNmXkQKOparfFlT0yZXnqmoGAdu9kBQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame C4EF
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=970528&iiqidtype=2&iiqpcid=9407f0ac-defd-463c-86ce-f6f71c191d08&iiqpciddate=1664368967053&tsrn...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=970528&iiqidtype=2&iiqpcid=9407f0ac-defd-463c-86ce-f6f71c191d08&iiqpciddate=1664368967053&tsr...
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=-647762211
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=-647762211
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9a0c641c0479142b55591fdf2031b15f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
via
1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=-647762211
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
82TptXKnWvkc367CQ1ylWdIu_cbn6VylWm7EdRC0--8QBHG4tuBBJA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
integrator.js
adservice.google.ca/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=omg.blog
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=omg.blog
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
44 KB
18 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2360150523016300&correlator=2170658968972606&eid=44761478%2C31069103%2C44752585&output=ldjh&gdfp_req=1&vrg=2022092201&ptt=17&impl=fifs&iu_parts=15184186%3A1020612%2Comgblog_adhesion&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C728x90&ifi=1&adks=85219409&sfv=1-0-38&fsapi=false&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3Dfcc894%26floors_hour%3D12%26floors_user%3D1%26fs_placementName%3Domgblog_adhesion%26fs_ad_product%3DstickyFooter%26amznbid%3D2%26amznp%3D2%26fsbid%3D0&eri=1&cust_params=user-agent%3DChrome&sc=1&cookie_enabled=1&abxe=1&dt=1664368967105&lmt=1664368967&dlt=1664368964835&idt=1444&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fomg.blog%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=2103452496.1664368965&ga_sid=1664368967&ga_hid=528046359&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7f718bb91fe5664639f129b2c07ed5a180883ec7ac8cf1b1e2dc230abff29d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18260
x-xss-protection
0
google-lineitem-id
5821154099
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138368960871
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://omg.blog
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc50652b34905a6cbeb9ea2f7f7ce23014a8c0a1e05a94ab465886e5ff6ce82b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11274
x-xss-protection
0
container.html
1647f23214414d860cd291a591032202.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 594A
6 KB
4 KB
Document
General
Full URL
https://1647f23214414d860cd291a591032202.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://omg.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 12:42:47 GMT
expires
Thu, 28 Sep 2023 12:42:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
iu3
s.amazon-adsystem.com/ Frame 92F3
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&dcc=t
364 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
9b9f51fabe5f4e043b1d2ead7f6d472b2ed1c8ce6569cc07d0d455d7232a91e2
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://omg.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
364
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 28 Sep 2022 12:42:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
EBJT93R3KEMKNKM4EEQ7

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 28 Sep 2022 12:42:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
9YX0K95W49ZTPZWPAGMN
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame C4EF
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding
gzip
via
1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date
Wed, 28 Sep 2022 06:06:11 GMT
x-amz-cf-pop
PHL50-C1
age
23797
x-cache
Hit from cloudfront
last-modified
Mon, 19 Sep 2022 09:37:07 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
syxMdDthtDGQwyCDOfmC9suSALzdlBdmN7bLPodOkeU9uqcXB6V4lQ==
c
c.pub.network/
36 B
350 B
XHR
General
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.33.1.151f798ea80a87430a17d382215f149c28c263b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
b710ede2187af6ec0c482dfea4c5330cf150b2d5b8583b8356288eded3e32a32

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://omg.blog
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
setuid
s2s.t13.io/
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-N04C2m09Yy8f8.gif?idmatch=0
  • https://s2s.t13.io/setuid?bidder=quantcastfsx&gdpr=0&uid=rsSUj6zGk461lpHYqZGKiKiTlt21xZGP-sFMWI_o
55 B
55 B
Image
General
Full URL
https://s2s.t13.io/setuid?bidder=quantcastfsx&gdpr=0&uid=rsSUj6zGk461lpHYqZGKiKiTlt21xZGP-sFMWI_o
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
08237e17f42b3142379a1a8eec5490b1eca14de55c1eb8d0883238a7935f83b3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
gzip
via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76
expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://s2s.t13.io/setuid?bidder=quantcastfsx&gdpr=0&uid=rsSUj6zGk461lpHYqZGKiKiTlt21xZGP-sFMWI_o
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
css
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32385F31357D7B7331363735373534337D7B4333317D7B536232316E4C6D4A736232633D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B7251554A554943386763484A6C596D6C6B546D5633566D5679494338674D6941764947356C64773D3D7D7B4C373734387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.61+Safari%2F537.36&debugInformation=ABT+%2F+prebidNewVer+%2F+2+%2F+new&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C974%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=63344146bfc14&debugInfo=16757543_ABT+%2F+prebidNewVer+%2F+2+%2F+new&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16757543&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2aaagrsuhioy&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fomg.blog%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.5178&geoLong=-73.6046&vpTemplate=7748&flowMode=below&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=omg.blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 11:10:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Sep 2022 12:42:47 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DF3E
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32385F31357D7B7331363735373534337D7B4333317D7B536232316E4C6D4A736232633D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B7251554A554943386763484A6C596D6C6B546D5633566D5679494338674D6941764947356C64773D3D7D7B4C373734387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.61+Safari%2F537.36&debugInformation=ABT+%2F+prebidNewVer+%2F+2+%2F+new&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C974%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=63344146bfc14&debugInfo=16757543_ABT+%2F+prebidNewVer+%2F+2+%2F+new&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16757543&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2aaagrsuhioy&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fomg.blog%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.5178&geoLong=-73.6046&vpTemplate=7748&flowMode=below&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=omg.blog
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://omg.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=110192
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 28 Sep 2022 12:42:47 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 29 Sep 2022 19:19:19 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame 7B22
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=94&advUuid=0e42515f-3f2b-11ed-b9dc-14caa66b0403
0
397 B
Document
General
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=94&advUuid=0e42515f-3f2b-11ed-b9dc-14caa66b0403
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32385F31357D7B7331363735373534337D7B4333317D7B536232316E4C6D4A736232633D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B7251554A554943386763484A6C596D6C6B546D5633566D5679494338674D6941764947356C64773D3D7D7B4C373734387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.61+Safari%2F537.36&debugInformation=ABT+%2F+prebidNewVer+%2F+2+%2F+new&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C974%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=63344146bfc14&debugInfo=16757543_ABT+%2F+prebidNewVer+%2F+2+%2F+new&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16757543&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2aaagrsuhioy&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fomg.blog%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.5178&geoLong=-73.6046&vpTemplate=7748&flowMode=below&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=omg.blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://omg.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
0
cache-control
no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 28 Sep 2022 12:42:47 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
vary
Accept-Encoding
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
x-amz-cf-id
wZM7hvuBDJle8FnDlGRAQgdCtg9sxolhYFBa0EDreIynVxk2ShavSw==
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront

Redirect headers

access-control-allow-credentials
false
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/plain
date
Wed, 28 Sep 2022 12:42:47 GMT
location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=94&advUuid=0e42515f-3f2b-11ed-b9dc-14caa66b0403
x-fe
412
liveCS.php
live.primis.tech/live/ Frame D0EE
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D98%26advU...
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D98%2...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=98&advUuid=e164636c-d41d-4a8b-b73d-6b9b61f56845
0
399 B
Document
General
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=98&advUuid=e164636c-d41d-4a8b-b73d-6b9b61f56845
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32385F31357D7B7331363735373534337D7B4333317D7B536232316E4C6D4A736232633D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B7251554A554943386763484A6C596D6C6B546D5633566D5679494338674D6941764947356C64773D3D7D7B4C373734387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.61+Safari%2F537.36&debugInformation=ABT+%2F+prebidNewVer+%2F+2+%2F+new&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C974%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=63344146bfc14&debugInfo=16757543_ABT+%2F+prebidNewVer+%2F+2+%2F+new&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16757543&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2aaagrsuhioy&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fomg.blog%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.5178&geoLong=-73.6046&vpTemplate=7748&flowMode=below&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=omg.blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://omg.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
0
cache-control
no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 28 Sep 2022 12:42:47 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
vary
Accept-Encoding
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
x-amz-cf-id
GKc5LZHYFFFmNfCpRP3uLglYNG88fA6-nwDN5zylF5H4HKxpyRUqXA==
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Wed, 28 Sep 2022 12:42:47 GMT
location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=98&advUuid=e164636c-d41d-4a8b-b73d-6b9b61f56845
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
liveView.php
live.primis.tech/live/ Frame C4EF
18 KB
5 KB
XHR
General
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTtyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwt1MmAyMxZ2nWRyo181ZDVvOWVyZzEmZzM3MwA1NDUjNwA3JTJGqzyxNwMmNDI3MTZxYTxlZwIlNmp4MmE3MS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFNEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5T0RVrx1DOTJuV1JfYwE4MVcEVzyPV1ZfWz1FrycgTTNNnxEkTxRVq05dQTNMM1cjWxRZrx16UXyOrxUlWxqFNU1gWXyNnzMmT0RNrE56RXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnyxjTXcFrU5EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx5dUTBNnxV6TURBS2ZRLyA3qGJBUVyYnDJ1oGNlNTF1NWylQVxmTHqLrGFUq2j2rDJwRFNwVyFzQW8zqzyxX2NioaRyoaRsnWQ9MwU0NmtkMvZ2nWRsY29hqGVhqF9xZXNwPVRbZSgSo3yuoCgGYW1coHxyRTIyODAyOTymK3NiY2yuoCggZWRcYSguY2NiqW50plgbYXZyK2JyZW4eqXBxYXRyZCg0olggYXJeK3RbZSgyozQeo2YeqGuyK29zZzywnWFfK21iqXJhnW5aK3BypzyiZCgzo3IeUXVyZW4eRWkcrzFvZXRbJaZcZF9wo250ZW50X3RcqGkyPVRbZSgSo3yuoCgGYW1coHxyRTIyODAyOTymK3NiY2yuoCggZWRcYSguY2NiqW50plgbYXZyK2JyZW4eqXBxYXRyZCg0olggYXJeK3RbZSgyozQeo2YeqGuyK29zZzywnWFfK21iqXJhnW5aK3BypzyiZCgzo3IeUXVyZW4eRWkcrzFvZXRbJaZcZF9wo250ZW50X2R1pzF0nW9hPTYkJzRyYaVaSW5zo3JgYXRco249QUJUKlUlRvgjpzVvnWROZXqWZXIeJTJGKmIeJTJGK25yqlZ4PTpjMCZ5PTQ3NvZjqWJVpzj9nHR0pHMyM0EyMxYyMxZioWphYzkiZlUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDM5MxQmMwM4NUYmMTM1N0Q3QwpmMmEmNwM3MmUmNmM1MmQmMmqEN0I0MmMmMmE3RDqCNTM2MwMlMmE2RTRDNxQ0QTpmNwImMwYmM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmpmMDMjN0Q3QwU5MmQmNmM2N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NwM0ODRBNxM1OTZENxM2QwU0NxQ1NwMmNTY2RDU2Nmx0OTQmMmt2NmRENwx0MTp2NDx0NmM1NxM2NDp3M0QmRDqEN0I0QmM3MmpmNDM4N0RGRUZFJzymQXBjPTAzp2Reqw0zZ2ViTGF0nT00NS41MTp4Jzqyo0kiozp9LTpmLwYjNDYzqXNypxyjQWRxpw0lNwA3JTNBNTMjMCUmQTYjJTNBNmt2NlUmQSUmQTQzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjNv4jLwUlNDxhNwEeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkZaJyZXN0YXIhY29gJTJDOTp0JTJDMSZjoGF5ZXJBpGyJZD1zpzVyp3RupyBlnW1cp1BfYXyypvZwp3V1nWQ9NwMmNDQkNDZvZzMkNCZwYaVmqGVlPTE2NwQmNwt5NwplNTx=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32385F31357D7B7331363735373534337D7B4333317D7B536232316E4C6D4A736232633D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B7251554A554943386763484A6C596D6C6B546D5633566D5679494338674D6941764947356C64773D3D7D7B4C373734387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.61+Safari%2F537.36&debugInformation=ABT+%2F+prebidNewVer+%2F+2+%2F+new&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C974%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=63344146bfc14&debugInfo=16757543_ABT+%2F+prebidNewVer+%2F+2+%2F+new&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16757543&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2aaagrsuhioy&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fomg.blog%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.5178&geoLong=-73.6046&vpTemplate=7748&flowMode=below&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=omg.blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2fefbbd9ab1e134e9156300c17f75fbf275390fc93364e4da7657ad535d8cbf2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
gzip
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PHL50-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://omg.blog
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
4609
x-amz-cf-id
vZeHMenFpAIBRkXWg6c43PnJsjNXjva3ZQjAZ76ZhklHptiL9QtqXg==
liveView.php
live.primis.tech/live/
0
421 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY2NDM2ODx2NvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4NwQ1JaN0YT0jJat9NmAjJax9NDp2JaZcZF9jYXNmRG9gYWyhPW9gZl5voG9aJaN1YxyxPW9gZl5voG9aJzRyYaVaSW5zo3JgYXRco249QUJUJTIjJTJGJTIjpHJyYzyxTzV3VzVlJTIjJTJGJTIjMvUlMCUlRvUlMG5yqlZcp0FjpD0jJaNxn3Y9JaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmxlRDMlMmt1RwMkMmU3RDqCNmMmMTM2MmpmNTM3MmUmNDMmN0Q3QwQmMmMmMTqEN0I1MmYlMmImMTZFNEM2RDRBNmM2MwMlNwMmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNmMjMmA3RDqCNTxmNDM3MmY3RDqCNwYmMTqEN0I3MwUkNTU0QTU1NDx0MmM4Nwp2MmQ4NEE2QmU5NxQ2QmZCNTQ2RDU2MmM1NwZENTY3OTQ5NDMmODY3NEQ2OTQkNmY0OTQ3MmU2QmY0NmpmRDNEN0Q3QwRDMmpmNmM0Mmt3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9MwYjNlUmQTUmMDAyM0E2MCUmQTp4NwpyM0EyM0E0JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjNv4jLwUlNDxhNwEyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYmMmQ0MTQ2YzZwMTQzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY2NDM2ODx2NmI0NSZ1nWQ9U2VenW5xo1NQoGF5ZXI2MmM0NDE0NzVvMDBuJaB1YyVloD1bqHRjplUmQSUlRvUlRz9gZl5voG9aJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPWycpQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
gzip
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PHL50-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
zXcPhu1Ruo8qDULLtsmSm-ZwXlDNyCxDTI8HZf7kgeJ8m3fkRUoQ5A==
p-1ZHFxK2kGG5Cz.gif
pixel.quantserve.com/pixel/ Frame C4EF
35 B
210 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-1ZHFxK2kGG5Cz.gif?labels=publisher.27975.space.108645,adsize.700x476
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame C4EF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c889e140-9c07-4ae9-92f9-0642e63aa07d&ssp=sekindo&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10594366284727598666&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10594366284727598666&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=5c0fbc42-26a5-4a7e-82c4-c0b888aa62b0&ssp=sekindo&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10594366284727598666&ssp=sekindo&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=213860604288006275697&ssp=sekindo&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594366284727598666&ssp=sekindo&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1267919208%26pcid%3Dc889e140-9c0...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1267919208&pcid=c889e140-9c07-4ae9-92f9-0642e63aa07d&csh=
43 B
970 B
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1267919208&pcid=c889e140-9c07-4ae9-92f9-0642e63aa07d&csh=
Protocol
H2
Server
13.224.214.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-95.phl50.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:48 GMT
via
1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
43
x-amz-cf-id
L570t8S2Qwbj6LS7kjkntCPhQCC59zjuSEaQ__uVjsKF8S1zzu4VgA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:48 GMT
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PHL50-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1267919208&pcid=c889e140-9c07-4ae9-92f9-0642e63aa07d&csh=
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
dk3c6rI7ERfiNA9PVVXBsIr2SAN2qbajERBHHoIcsGjEARxePwng6Q==
/
csync.loopme.me/ Frame C4EF
0
131 B
Image
General
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ad6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
751c8f9dab58714b-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
liveCS.php
live.primis.tech/live/ Frame C4EF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=99&advUuid=YzRBR-N0Fdi2CjE8Ei5dxQAAAc8AAAAB
0
398 B
Image
General
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=99&advUuid=YzRBR-N0Fdi2CjE8Ei5dxQAAAc8AAAAB
Protocol
H2
Server
2600:9000:20ed:3e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
gzip
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PHL50-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
DbNMHjnzIfbk_zhLcwQaUoURyLyT4gXtsxKsYXL4pUTDR36zHNKKqg==

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7jdU1IUAciKLexVRGtpVGudTWMXrOL%2FULjW8D%2FSFo8SLk9QbL3SNNBaLdfu%2F38B9VqlNA5ofDZsTYtLE5%2Br4Kv34Jxv68vNaW9z1Defcz1lOA7CEqggE6Y3t0QdxlcF%2F4NI%2FAe970%2FRXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=99&advUuid=YzRBR-N0Fdi2CjE8Ei5dxQAAAc8AAAAB
cache-control
no-cache
cf-ray
751c8f9e89d5a222-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
tap.php
pixel.rubiconproject.com/ Frame C4EF
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServl...
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofile...
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D4718842991840...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=4718842991840813561514
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=-1863933107
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=-1863933107
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
78008fe701b681dce86a72fc23cacc40
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
via
1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=-1863933107
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
X-KRepyMHEhxda6I0G5vjXPtRSzAlp_6xqcq5ERXIJJd_jkrSRDwPA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame C4EF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618110e63fc8f&advId=100&advUuid=L8LMB5ZU-Q-6LA8&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=L8LMB5ZU-Q-6LA8
  • https://x.bidswitch.net/sync?ssp=sekindo&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1267919208%26mi%3D10%26csh%3D54%3B1725065545%26rnd%3D-19571951...
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c889e140-9c07-4ae9-92f9-0642e63aa07d&ssp=sekindo&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10594366284727598666&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=5c0fbc42-26a5-4a7e-82c4-c0b888aa62b0&ssp=sekindo&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10594366284727598666&ssp=sekindo&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=213580604288006270609&ssp=sekindo&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594366284727598666&ssp=sekindo&gdpr=&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1267919208%26pcid%3Dc889e140-9c0...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1267919208&pcid=c889e140-9c07-4ae9-92f9-0642e63aa07d&csh=
43 B
971 B
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1267919208&pcid=c889e140-9c07-4ae9-92f9-0642e63aa07d&csh=
Protocol
H2
Server
13.224.214.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-95.phl50.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:48 GMT
via
1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
43
x-amz-cf-id
RqxmA58AY0ZqlZrbH3F8HQQ68p3ve_jC-LM-K3OLVJfkYzflIPF9ug==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:48 GMT
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PHL50-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1267919208&pcid=c889e140-9c07-4ae9-92f9-0642e63aa07d&csh=
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
1maJyj5PtTnlvLN0vLA4slHcxsHLSYYdSWioNSzZBdAYEktif1I65w==
tap.php
pixel.rubiconproject.com/ Frame C4EF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58627/occ
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-GZVnOcxE2u...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1028935272&pcid=y-GZVnOcxE2uEcX6WJum3QgqeMoIGiujw80xne240-~A
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=-1284791469
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=-1284791469
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8eb2d9eeed9b9c468975d0ba24565e5b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
via
1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=-1284791469
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
0KTjJuAGzsYv3Etw9LRsuRFw52hOeh7xEWhutEzFdM3zwao8K8kpgw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
liveCS.php
live.primis.tech/live/ Frame C4EF
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D63344146bfc14%2526pixel%253D%2526advId%253D105%2526ad...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=105&advUuid=3672728183819967796
0
398 B
Image
General
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=105&advUuid=3672728183819967796
Protocol
H2
Server
2600:9000:20ed:3e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
gzip
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PHL50-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
QjeUelXxwrIXdYkeuw3JmYMNWZoSedVUMpjA6XFrR2c3iVQywHPkgg==

Redirect headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:47 GMT
AN-X-Request-Uuid
360189dc-3f04-429b-93ad-c451d1d70e16
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=105&advUuid=3672728183819967796
Connection
keep-alive
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame C4EF
Redirect Chain
  • https://mb9eo.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%...
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3Dhttps%253A%252F%252Fsync.intent...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D584182936%2...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=584182936&pcid=e63a547d2fb44dc4b05efb776ca8b478
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=489002009
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=489002009
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
via
1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=489002009
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
rMcTX__aj1zz1IyYg_iEnJOq9zBxDzUfb-ShEzRHkGFSvzPyDldmpQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame C4EF
Redirect Chain
  • https://cs.media.net/cksync?cs=34&type=pri&ovsid=63344146bfc14&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3Dhttps%253A%252F%252...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1723987475&pcid=3073705671454982000V10
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=1570214265
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=1570214265
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
via
1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=1570214265
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
XKJQdyAFnBaFmqqJnt2s3bH91TywpuqGz7KKpuZmvD9QJUWZVIbZDw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
liveCS.php
live.primis.tech/live/ Frame C4EF
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D130%26advUuid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D130%26advUuid%3D%24UID&sov...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=130&advUuid=FZEadLZHN15ZqvYISY2gzKHr
0
397 B
Image
General
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=130&advUuid=FZEadLZHN15ZqvYISY2gzKHr
Protocol
H2
Server
2600:9000:20ed:3e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
gzip
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PHL50-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
e3vvozj4BiPv4DrES5m7bSCE4PSAme0-wnAZqGaQ5MijN18qDg_z7w==

Redirect headers

Date
Wed, 28 Sep 2022 12:42:47 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=130&advUuid=FZEadLZHN15ZqvYISY2gzKHr
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
tap.php
pixel.rubiconproject.com/ Frame C4EF
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%2...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=51a2f777231ac03cfdd08d3549c1db29
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=-2078623590
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=-2078623590
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9a0c641c0479142b55591fdf2031b15f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
via
1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=-2078623590
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
K51SwpCNdK5Ve36igJSyiQt1XrRIy4SaNFgbG1pvWG2qVpplO_zGyg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame C4EF
Redirect Chain
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofi...
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D2136778551%...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=a631ccb5-4729-43ca-932d-108eb2489421
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=1738185511
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=1738185511
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
via
1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=8Ci9HzX4HH&expires=1825&rnd=1738185511
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
OUqSkzXNv2JY7mzO2wFxhdbM_wTa9Na1kXRZOi_6H0rmjmEfcJYpdQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ssbsync.smartadserver.com/api/ Frame C4EF
0
0
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=21&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.202 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

vid63342716da92f227783171.jpg
video.primis.tech/uploads/cn18/video/users/converted/28530/video_5d5b9eefa3fc7205450607/
20 KB
21 KB
Image
General
Full URL
https://video.primis.tech/uploads/cn18/video/users/converted/28530/video_5d5b9eefa3fc7205450607/vid63342716da92f227783171.jpg?cbuster=1664362268
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-129.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
7854e432a9fde0078779f6c85806a3d9b586043dc65ea5c9a072dd0c54b962da

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:38:54 GMT
via
1.1 fe2c65104051140806cad998f531e478.cloudfront.net (CloudFront), 1.1 29c5489c5e1405c3b5e0ac847cbfad6e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2, PHL50-C1
age
232
x-cache
Hit from cloudfront
content-length
20863
last-modified
Wed, 28 Sep 2022 10:51:19 GMT
server
nginx
etag
"91a59730ff6f9ff59cdba0e9970f0afc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
pmyEsa0zU9WckcTDipk5eJo2rOlWYO3nSMpL7JW2EsmEPj90xgcxEw==
expires
Thu, 29 Sep 2022 12:38:54 GMT
liveView.php
live.primis.tech/live/ Frame C4EF
138 KB
12 KB
XHR
General
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTtyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwt1MmAyMxZ2nWRyo181ZDVvOWVyZzEmZzM3MwA1NDUjNwA3JTJGqzyxNwMmNDI3MTZxYTxlZwIlNmp4MmE3MS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFNEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5T0RVrx1DOTJuV1JfYwE4MVcEVzyPV1ZfWz1FrycgTTNNnxEkTxRVq05dQTNMM1cjWxRZrx16UXyOrxUlWxqFNU1gWXyNnzMmT0RNrE56RXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnyxjTXcFrU5EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx5dUTBNnxV6TURBS2ZRLyA3qGJBUVyYnDJ1oGNlNTF1NWylQVxmTHqLrGFUq2j2rDJwRFNwVyFzQW8zqzyxX2NioaRyoaRsnWQ9MwU0NmtkMvZ2nWRsY29hqGVhqF9xZXNwPVRbZSgSo3yuoCgGYW1coHxyRTIyODAyOTymK3NiY2yuoCggZWRcYSguY2NiqW50plgbYXZyK2JyZW4eqXBxYXRyZCg0olggYXJeK3RbZSgyozQeo2YeqGuyK29zZzywnWFfK21iqXJhnW5aK3BypzyiZCgzo3IeUXVyZW4eRWkcrzFvZXRbJaZcZF9wo250ZW50X3RcqGkyPVRbZSgSo3yuoCgGYW1coHxyRTIyODAyOTymK3NiY2yuoCggZWRcYSguY2NiqW50plgbYXZyK2JyZW4eqXBxYXRyZCg0olggYXJeK3RbZSgyozQeo2YeqGuyK29zZzywnWFfK21iqXJhnW5aK3BypzyiZCgzo3IeUXVyZW4eRWkcrzFvZXRbJaZcZF9wo250ZW50X2R1pzF0nW9hPTYkJzRyYaVaSW5zo3JgYXRco249QUJUKlUlRvgjpzVvnWROZXqWZXIeJTJGKmIeJTJGK25yqlZ4PTp5MCZ5PTQ0NCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZioWphYzkiZlUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDM5MxQmMwM4NUYmMTM1N0Q3QwpmMmEmNwM3MmUmNmM1MmQmMmqEN0I0MmMmMmE3RDqCNTM2MwMlMmE2RTRDNxQ0QTpmNwImMwYmM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmpmMDMjN0Q3QwU5MmQmNmM2N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NwM0ODRBNxM1OTZENxM2QwU0NxQ1NwMmNTY2RDU2Nmx0OTQmMmt2NmRENwx0MTp2NDx0NmM1NxM2NDp3M0QmRDqEN0I0QmM3MmpmNDM4N0RGRUZFJzymQXBjPTAzp2Reqw0zZ2ViTGF0nT00NS41MTp4Jzqyo0kiozp9LTpmLwYjNDYzqXNypxyjQWRxpw0lNwA3JTNBNTMjMCUmQTYjJTNBNmt2NlUmQSUmQTQzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjNv4jLwUlNDxhNwEeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkZaJyZXN0YXIhY29gJTJDOTp0JTJDMSZjoGF5ZXJBpGyJZD1zpzVyp3RupyBlnW1cp1BfYXyypvZwp3V1nWQ9NwMmNDQkNDZvZzMkNCZwYaVmqGVlPTE2NwQmNwt5NwplOTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32385F31357D7B7331363735373534337D7B4333317D7B536232316E4C6D4A736232633D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B7251554A554943386763484A6C596D6C6B546D5633566D5679494338674D6941764947356C64773D3D7D7B4C373734387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.61+Safari%2F537.36&debugInformation=ABT+%2F+prebidNewVer+%2F+2+%2F+new&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C974%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=63344146bfc14&debugInfo=16757543_ABT+%2F+prebidNewVer+%2F+2+%2F+new&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16757543&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2aaagrsuhioy&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fomg.blog%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.5178&geoLong=-73.6046&vpTemplate=7748&flowMode=below&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=omg.blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1e1498f04dfb2c55c06ea027d0daee766a819fc70e1ca8fdb140938ce813b054

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
gzip
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PHL50-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://omg.blog
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
12247
x-amz-cf-id
5nkxQmvNc1aYxWb9UXDQwpxkD_lVG1jnoEnGMQN2s4Mq2Dd9IZuTGg==
liveView.php
live.primis.tech/live/ Frame C4EF
138 KB
12 KB
XHR
General
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTtyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwt1MmAyMxZ2nWRyo181ZDVvOWVyZzEmZzM3MwA1NDUjNwA3JTJGqzyxNwMmNDI3MTZxYTxlZwIlNmp4MmE3MS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFNEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5T0RVrx1DOTJuV1JfYwE4MVcEVzyPV1ZfWz1FrycgTTNNnxEkTxRVq05dQTNMM1cjWxRZrx16UXyOrxUlWxqFNU1gWXyNnzMmT0RNrE56RXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnyxjTXcFrU5EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx5dUTBNnxV6TURBS2ZRLyA3qGJBUVyYnDJ1oGNlNTF1NWylQVxmTHqLrGFUq2j2rDJwRFNwVyFzQW8zqzyxX2NioaRyoaRsnWQ9MwU0NmtkMvZ2nWRsY29hqGVhqF9xZXNwPVRbZSgSo3yuoCgGYW1coHxyRTIyODAyOTymK3NiY2yuoCggZWRcYSguY2NiqW50plgbYXZyK2JyZW4eqXBxYXRyZCg0olggYXJeK3RbZSgyozQeo2YeqGuyK29zZzywnWFfK21iqXJhnW5aK3BypzyiZCgzo3IeUXVyZW4eRWkcrzFvZXRbJaZcZF9wo250ZW50X3RcqGkyPVRbZSgSo3yuoCgGYW1coHxyRTIyODAyOTymK3NiY2yuoCggZWRcYSguY2NiqW50plgbYXZyK2JyZW4eqXBxYXRyZCg0olggYXJeK3RbZSgyozQeo2YeqGuyK29zZzywnWFfK21iqXJhnW5aK3BypzyiZCgzo3IeUXVyZW4eRWkcrzFvZXRbJaZcZF9wo250ZW50X2R1pzF0nW9hPTYkJzRyYaVaSW5zo3JgYXRco249QUJUKlUlRvgjpzVvnWROZXqWZXIeJTJGKmIeJTJGK25yqlZ4PTQjMCZ5PTIlNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZioWphYzkiZlUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDM5MxQmMwM4NUYmMTM1N0Q3QwpmMmEmNwM3MmUmNmM1MmQmMmqEN0I0MmMmMmE3RDqCNTM2MwMlMmE2RTRDNxQ0QTpmNwImMwYmM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmpmMDMjN0Q3QwU5MmQmNmM2N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NwM0ODRBNxM1OTZENxM2QwU0NxQ1NwMmNTY2RDU2Nmx0OTQmMmt2NmRENwx0MTp2NDx0NmM1NxM2NDp3M0QmRDqEN0I0QmM3MmpmNDM4N0RGRUZFJzymQXBjPTAzp2Reqw0zZ2ViTGF0nT00NS41MTp4Jzqyo0kiozp9LTpmLwYjNDYzqXNypxyjQWRxpw0lNwA3JTNBNTMjMCUmQTYjJTNBNmt2NlUmQSUmQTQzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjNv4jLwUlNDxhNwEeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkZaJyZXN0YXIhY29gJTJDOTp0JTJDMSZjoGF5ZXJBpGyJZD1zpzVyp3RupyBlnW1cp1BfYXyypvZwp3V1nWQ9NwMmNDQkNDZvZzMkNCZwYaVmqGVlPTE2NwQmNwt5NwplOTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32385F31357D7B7331363735373534337D7B4333317D7B536232316E4C6D4A736232633D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B7251554A554943386763484A6C596D6C6B546D5633566D5679494338674D6941764947356C64773D3D7D7B4C373734387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.61+Safari%2F537.36&debugInformation=ABT+%2F+prebidNewVer+%2F+2+%2F+new&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C974%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=63344146bfc14&debugInfo=16757543_ABT+%2F+prebidNewVer+%2F+2+%2F+new&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16757543&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2aaagrsuhioy&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fomg.blog%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.5178&geoLong=-73.6046&vpTemplate=7748&flowMode=below&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=omg.blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
adb24d3ae2e1bcd63c15e355be777452fe2771153be44b92b47baa8b25a402b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
gzip
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PHL50-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://omg.blog
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
12244
x-amz-cf-id
ZwgxHg2iWyKqiijVXa-0QFECWPsgnJ5EKzRnbf84VJo9vMI2hihXiA==
liveView.php
live.primis.tech/live/ Frame C4EF
10 KB
4 KB
XHR
General
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTtyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwt1MmAyMxZ2nWRyo181ZDVvOWVyZzEmZzM3MwA1NDUjNwA3JTJGqzyxNwMmNDI3MTZxYTxlZwIlNmp4MmE3MS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFNEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5T0RVrx1DOTJuV1JfYwE4MVcEVzyPV1ZfWz1FrycgTTNNnxEkTxRVq05dQTNMM1cjWxRZrx16UXyOrxUlWxqFNU1gWXyNnzMmT0RNrE56RXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnyxjTXcFrU5EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx5dUTBNnxV6TURBS2ZRLyA3qGJBUVyYnDJ1oGNlNTF1NWylQVxmTHqLrGFUq2j2rDJwRFNwVyFzQW8zqzyxX2NioaRyoaRsnWQ9MwU0NmtkMvZ2nWRsY29hqGVhqF9xZXNwPVRbZSgSo3yuoCgGYW1coHxyRTIyODAyOTymK3NiY2yuoCggZWRcYSguY2NiqW50plgbYXZyK2JyZW4eqXBxYXRyZCg0olggYXJeK3RbZSgyozQeo2YeqGuyK29zZzywnWFfK21iqXJhnW5aK3BypzyiZCgzo3IeUXVyZW4eRWkcrzFvZXRbJaZcZF9wo250ZW50X3RcqGkyPVRbZSgSo3yuoCgGYW1coHxyRTIyODAyOTymK3NiY2yuoCggZWRcYSguY2NiqW50plgbYXZyK2JyZW4eqXBxYXRyZCg0olggYXJeK3RbZSgyozQeo2YeqGuyK29zZzywnWFfK21iqXJhnW5aK3BypzyiZCgzo3IeUXVyZW4eRWkcrzFvZXRbJaZcZF9wo250ZW50X2R1pzF0nW9hPTYkJzRyYaVaSW5zo3JgYXRco249QUJUKlUlRvgjpzVvnWROZXqWZXIeJTJGKmIeJTJGK25yqlZ4PTp5MCZ5PTQ0NCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZioWphYzkiZlUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDM5MxQmMwM4NUYmMTM1N0Q3QwpmMmEmNwM3MmUmNmM1MmQmMmqEN0I0MmMmMmE3RDqCNTM2MwMlMmE2RTRDNxQ0QTpmNwImMwYmM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmpmMDMjN0Q3QwU5MmQmNmM2N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NwM0ODRBNxM1OTZENxM2QwU0NxQ1NwMmNTY2RDU2Nmx0OTQmMmt2NmRENwx0MTp2NDx0NmM1NxM2NDp3M0QmRDqEN0I0QmM3MmpmNDM4N0RGRUZFJzymQXBjPTAzp2Reqw0zZ2ViTGF0nT00NS41MTp4Jzqyo0kiozp9LTpmLwYjNDYzqXNypxyjQWRxpw0lNwA3JTNBNTMjMCUmQTYjJTNBNmt2NlUmQSUmQTQzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjNv4jLwUlNDxhNwEeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkZaJyZXN0YXIhY29gJTJDOTp0JTJDMSZjoGF5ZXJBpGyJZD1zpzVyp3RupyBlnW1cp1BfYXyypvZwp3V1nWQ9NwMmNDQkNDZvZzMkNCZwYaVmqGVlPTE2NwQmNwt5NwplOTE=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32385F31357D7B7331363735373534337D7B4333317D7B536232316E4C6D4A736232633D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583730307D7B593437367D7B66317D7B7251554A554943386763484A6C596D6C6B546D5633566D5679494338674D6941764947356C64773D3D7D7B4C373734387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.61+Safari%2F537.36&debugInformation=ABT+%2F+prebidNewVer+%2F+2+%2F+new&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C974%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=63344146bfc14&debugInfo=16757543_ABT+%2F+prebidNewVer+%2F+2+%2F+new&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16757543&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2aaagrsuhioy&secondaryContent=&x=700&y=476&pubUrl=https%3A%2F%2Fomg.blog%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=45.5178&geoLong=-73.6046&vpTemplate=7748&flowMode=below&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=omg.blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4b31d7ab5f55479d6e6d236a971642d937dfc9093e9c945c1963cae9cd1a6735

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
gzip
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PHL50-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://omg.blog
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
3517
x-amz-cf-id
SBZF_1jqwkYNS0nBaofp79zSIMsQra50ERUQIpJwWryG6PL7v0VMfw==
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 12:42:47 GMT
882.json
id5-sync.com/g/v2/
457 B
1 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/882.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
91974f427dd2662711b18fd5ce81af11472eea36b44d5d214b92ad510320cb19
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://omg.blog
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
pr
s.amazon-adsystem.com/v3/ Frame 6C08
3 KB
4 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8177822e00d8d86d171eb3aa22e972d5433734c2780872bff47a8d695d0088a8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3216
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 28 Sep 2022 12:42:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
JRKN3C0475C66B97ZNB6
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://omg.blog
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 16:53:36 GMT
x-content-type-options
nosniff
age
589751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 16:53:36 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame C4EF
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220928
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aaded58dac73e34620e86b5cfdd6e7e20bb38e2ebe5af7d777bc82822bfdb5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
34911
x-jsd-version
1.0.1475
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-yyz4563-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66c-9lsaB8TCWeAdVdoa0IOXXG7dpP0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYuIroHH2ZtJ6A%2FyVKwkZ0mMYCRMIKSJpb6Oj8S4ZDeEaVlOGcI6r7eRP1GT14cVWDZRu1ysunDXced67UNzQtBa%2BxRLmU5d2fz9XmeFtlLcntfLBLn%2Ft8305c5kL4TfZB9VoF3kN6wM%2BlMh2N4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
751c8f9e6dfa7151-YUL
translator
hbopenbid.pubmatic.com/ Frame C4EF
0
55 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://omg.blog
date
Wed, 28 Sep 2022 12:42:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
setuid
s2s.t13.io/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=L8LMB5ZU-Q-6LA8
86 B
115 B
Image
General
Full URL
https://s2s.t13.io/setuid?bidder=rubicon&uid=L8LMB5ZU-Q-6LA8
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s2s.t13.io/setuid?bidder=rubicon&uid=L8LMB5ZU-Q-6LA8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
Expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame DF3E
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97392926&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
422cddb9fb86a7948dc8dcf559a9fee04d919672d2753f62a09aea886b6138a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 28 Sep 2022 12:42:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ecm3
s.amazon-adsystem.com/ Frame 6C08
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=c889e140-9c07-4ae9-92f9-0642e63aa07d
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=c889e140-9c07-4ae9-92f9-0642e63aa07d
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B4TNZ8MP16JXNBANEQ0V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=c889e140-9c07-4ae9-92f9-0642e63aa07d
Date
Wed, 28 Sep 2022 12:42:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 6C08
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=60A5D0A496404844AA3941651D548860&ex=simpli.fi&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=60A5D0A496404844AA3941651D548860&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WN1S37V2XBZ1YR353PCD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 28 Sep 2022 12:42:47 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=60A5D0A496404844AA3941651D548860&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 27 Sep 2022 12:42:47 GMT
ecm3
s.amazon-adsystem.com/ Frame 6C08
Redirect Chain
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=9be7de40-14dc-4759-93a5-f3f1800bbe8e
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=9be7de40-14dc-4759-93a5-f3f1800bbe8e
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FRBBHQH7E8X3D48V5STP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=9be7de40-14dc-4759-93a5-f3f1800bbe8e
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 5983
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be416c5cd4e277ec21f8703b3c36f8aa65552fdf3a6fd30516835b27814eea56

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
751c8f9eca2ea222-YYZ
content-encoding
br
content-type
text/html
date
Wed, 28 Sep 2022 12:42:47 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlzutkmHAC%2BIEpikCyTl1r4iWNfNiGAFkoyTEbqMfhGZsdLNim41UgSy0GX6T8J7rUBX%2BgZbUM7yTWgdQcIgwu3%2FzxPer%2FS7rH4eCtcQrk3aNz%2B7eOCUCD3V38Hk%2BkY81drCe8LvBZxLYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame ECE3
Redirect Chain
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOapxn1QF9gThSrEx8U-ZaCCidJkGgMrs621BeOQ
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOapxn1QF9gThSrEx8U-ZaCCidJkGgMrs621BeOQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 28 Sep 2022 12:42:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
YV0S0XRNK2DK34D9S1J3

Redirect headers

date
Wed, 28 Sep 2022 12:42:47 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOapxn1QF9gThSrEx8U-ZaCCidJkGgMrs621BeOQ
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
ecm3
s.amazon-adsystem.com/ Frame 42C5
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=6b4d2d1638e5160e&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHz9iswJe84QMN-W_MAAAAAAA&expiration=1664455367&is_secure=true
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHz9iswJe84QMN-W_MAAAAAAA&expiration=1664455367&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 28 Sep 2022 12:42:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
E2Y8HBPNM3W4VHGTM6W2

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Wed, 28 Sep 2022 12:42:47 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHz9iswJe84QMN-W_MAAAAAAA&expiration=1664455367&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CDD3
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=110192
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 28 Sep 2022 12:42:47 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 29 Sep 2022 19:19:19 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame DB50
1 KB
848 B
Document
General
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.145.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-145-50.compute-1.amazonaws.com
Software
/
Resource Hash
4ca50bfd038846f65ecffcdddcd9b9307bfb3898c0a11149a84ec78e11012647

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 28 Sep 2022 12:42:47 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame A230
281 B
573 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Sep 2022 12:42:47 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame ED19
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
828 B
1 KB
Document
General
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
ac3d2989b2e2142cdb3616120078d644e9c21726c120a1d349b47c983bf5787d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
828
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-5d5cf8576-2zvw4
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
cw-server
bh-deployment-5d5cf8576-2zvw4
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 4A7F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=3672728183819967796&ex=appnexus.com
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=3672728183819967796&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 28 Sep 2022 12:42:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
DWYK6RNHNRA7MWB0V254

Redirect headers

AN-X-Request-Uuid
ee76a5a6-581d-4df6-8a0b-1ba8539f7718
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Sep 2022 12:42:47 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=3672728183819967796&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
amazon
ap.lijit.com/beacon/ Frame AED5
1 KB
2 KB
Document
General
Full URL
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
8a6139131f047677c01c7d952ac1ec910d9a0a8fcd46b33961924059193aaf9b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
1109
Content-Type
text/html
Date
Wed, 28 Sep 2022 12:42:47 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap5ewr1
ecm3
s.amazon-adsystem.com/ Frame 68A0
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4718842991840813561514
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4718842991840813561514
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 28 Sep 2022 12:42:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
WG4MBC1BJ1JRYEJBPEAH

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 28 Sep 2022 12:42:47 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4718842991840813561514
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
view
securepubads.g.doubleclick.net/pcs/ Frame F21D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-eQzJfTfsnVnfwNYbaptbW0J8MIxgRGYDuxEcqjpeeMI7IrqTrIi9nSWDba1goxhUNQz28Pp7bNFBfaEdsV4suvMWr7zfwnKa4tDzSCx0P_ckTpsInxloRXIDU9i2-U8KDKYmYJhn7hSvtDzZwWUWwy5fNCiyrxhSEgYJHBViZFTIBERotE6kav1r8fuUCCYcwg2HAR7V6TFEo4nriojaBQYkV0in14uFZ6CetCrgnbsV4YY9Iz7t_hgJeh-O-MruLNLlD1MGBpJGHEHKrenyN0ZmUF8W3S0tvamb1GEaSDkX0Xis4kK01Kyo3w&sai=AMfl-YSZvuxobE6OQNGXbTackiICnECbxMvNmGk2OExI723OT_6ZYdC9UrEBlxW72gFDP_r3J_r-6dm0Wwou4WSI51kR3glfpVOmMfiglU9EKOXp-UCulSaxDlCV71nJuR__xrX7&sig=Cg0ArKJSzJJudjNsWPQfEAE&uach_m=[UACH]&adurl=
Requested by
Host: omg.blog
URL: https://omg.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 28 Sep 2022 12:42:47 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame F21D
23 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:37:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9559
x-xss-protection
0
server
cafe
etag
12142024561622733046
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 12:37:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame F21D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 12:39:50 GMT
l
www.google.com/ads/measurement/ Frame F21D
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4LmjsHbMLwB4FHN5o9fBD-6yL-XnGdKOcionfKoi0RNVB9BeOtcPMX2PgiyQjXiRFTqIMlArcOxq1ZNPR7Vq34qtKzQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F21D
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 28 Sep 2022 12:42:47 GMT
10308959994541076779
tpc.googlesyndication.com/simgad/ Frame F21D
235 KB
236 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/10308959994541076779
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
634a819c8cd883049df51c9cfea2f446b31e4197a8fc0d481ff5b72098a3fc3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 12:45:50 GMT
x-content-type-options
nosniff
age
604617
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
241145
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 22:00:02 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Sep 2023 12:45:50 GMT
ecm3
s.amazon-adsystem.com/ Frame AED5
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=FZEadLZHN15ZqvYISY2gzKHr&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S5D34V9K5Q5W97C2EF08
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame AED5
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1664368967737
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005&rndcb=2918428377
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=c889e140-9c07-4ae9-92f9-0642e63aa07d&google_hm=Yzg4OWUxNDAtOWMwNy00YWU5LTkyZjktMDY0MmU2M2Fh...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPB8hO8qzU6FMNVSBqaQzaY&google_cver=1&ssp=adconductor&bsw_param=c889e140-9c07-4ae9-92f9-0642e63aa07d
  • https://sync.1rx.io/usersync/bidswitch/c889e140-9c07-4ae9-92f9-0642e63aa07d?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005
  • https://ce.lijit.com/merge?pid=56&3pid=RX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=56&3pid=RX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.69 Katy, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:48 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=56&3pid=RX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005
Date
Wed, 28 Sep 2022 12:42:48 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX6832713e82e445369770c4b4aefdc3c6005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
amazon
ap.lijit.com/beacon/ Frame AED5
0
89 B
Image
General
Full URL
https://ap.lijit.com/beacon/amazon?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

X-Sovrn-Pod
ad_ap5ewr1
Date
Wed, 28 Sep 2022 12:42:47 GMT
merge
ce.lijit.com/ Frame AED5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AAFQ707GaIMAAB826eu3Ow&gdpr=0
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AAFQ707GaIMAAB826eu3Ow&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.69 Katy, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AAFQ707GaIMAAB826eu3Ow&gdpr=0
Date
Wed, 28 Sep 2022 12:42:47 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame AED5
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=dc98ff85-97e2-46db-b230-9da195bc858e
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=87&3pid=dc98ff85-97e2-46db-b230-9da195bc858e
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.69 Katy, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=dc98ff85-97e2-46db-b230-9da195bc858e
date
Wed, 28 Sep 2022 12:42:47 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame AED5
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=ix2k_Ikfo_2QT6GrjEi6-41Kpq6QHKH83xiXFMh8
43 B
873 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=ix2k_Ikfo_2QT6GrjEi6-41Kpq6QHKH83xiXFMh8
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.69 Katy, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=ix2k_Ikfo_2QT6GrjEi6-41Kpq6QHKH83xiXFMh8
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 5983
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzRBR-N0Fdi2CjE8Ei5dxQAAAc8AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBEXIRWp-laE4hvrNJD815E&google_cver=1
43 B
842 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBEXIRWp-laE4hvrNJD815E&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzV4OgHDK8Ct5Jst1PTJ4BTcvsOdVUtiFprW7mV5bD%2BlFEkyzNAY5x3hJLtc5epZBxMUGMhyI%2BpjZW8LH9j65AprXQPnpBqqIYIb4kTvP0%2BqwzLv3Cfd79MzMCZH0aVVZ3Gaji7zRZ3MdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
751c8fa07c79a222-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBEXIRWp-laE4hvrNJD815E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5983
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YzRBR.N0Fdi2CjE8Ei5dxQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFRCGXcroMjF596UXO2y5JU&google_cver=1&google_hm=2
43 B
841 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFRCGXcroMjF596UXO2y5JU&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4BBn8xSoCUI%2BjbBtQlnc8hRRMdAFTSpvXIV%2B%2BpsXHTfik42OvfyivgY90iXF7GcEF3R5G94qie3YjYNvODHG8CiDe3BIc%2BepAYq9UYahY8eHa6n3c8leFnAHBuwR1bD90qA9kMmsVUInA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
751c8fa19b95a21a-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFRCGXcroMjF596UXO2y5JU&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5983
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzRBR-N0Fdi2CjE8Ei5dxQAAAc8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SAYDEW3EN91W42D1QSZ3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5983
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=dee4a90a-7826-4daf-a6d8-996f99f94684&expiration=1666960967&gdpr=0&gdpr_consent=
43 B
844 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=dee4a90a-7826-4daf-a6d8-996f99f94684&expiration=1666960967&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=getRQdV%2F49%2FDiDkjA5myu7giQmFwkU%2Bnmln3FdRnBGcFKNr%2BR5Lk8sVGJq%2BgWffwZRXcGkmSPr7g551uiMoioa0b5cc1Zw8FpDB7Z2ursksOQpRU%2BDu7EjP06U8Ut8n2oInbTzp0CB%2Fm8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
751c8fa12b09a21a-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=dee4a90a-7826-4daf-a6d8-996f99f94684&expiration=1666960967&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
YzRBR-N0Fdi2CjE8Ei5dxQAAAc8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5983
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzRBR-N0Fdi2CjE8Ei5dxQAAAc8AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:eb88:cc7a:3ac8:6e0f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 5983
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=60A5D0A496404844AA3941651D548860
43 B
430 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=60A5D0A496404844AA3941651D548860
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65gFJpXwuNT90R00vkx7kCyTXrGIIxQHmGAqlEFRQRdPs%2BozV0pKuVqEL4ueeLhP%2BNvBNGYieQDREMXRxWwPKV63j1HedPPKlOnX1wKe5ozaWwHptFFik%2FZIGLJ3jJdt%2Flx9DdDBbU1AHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
751c8fa048cf3fd3-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 28 Sep 2022 12:42:47 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=60A5D0A496404844AA3941651D548860
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 27 Sep 2022 12:42:47 GMT
crum
dsum-sec.casalemedia.com/ Frame 5983
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=0e8a0d10-3f2b-11ed-bba5-2c64b5add5bb
43 B
839 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=0e8a0d10-3f2b-11ed-bba5-2c64b5add5bb
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FApWIMbUM16NJAR62RLM3M9ZrcirAo5uXoXOHxZJAnDGbtphgPVseBmx7ZrurM0Kx4yYBf45e75Ilk%2FnQZDAAjnLOZKhDwsr6zr2M6Gfjy1W5wjkE1tCITlnLRpIqnTVj1fXEX1RBtzrA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
751c8fa1ec09a21a-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:47 GMT
server
Cowboy
Content-Type
image/gif
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=0e8a0d10-3f2b-11ed-bba5-2c64b5add5bb
Access-Control-Allow-Origin
*
P3P
CP="NOI OTC OTP OUR NOR"
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
X-RealServer-NX
lga-delivery-4
Content-Length
0
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 5983
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=06030002_63344147a406c&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030002_63344147a406c
43 B
872 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030002_63344147a406c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbD2YvJcdFkmXelcbLldqhH1bDXtjqginUb9w8zhNYDWSYEC4ewSaXBPadbf9ktd2knjFrT3lN2%2BTaubc5jrig12GPKOV3U8o1Q7HuYCNk9m3nMIzeHTOa313ejrMzt%2FGl1Cuj28RM1nSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
751c8fa12b07a21a-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 28 Sep 2022 12:42:47 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030002_63344147a406c
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
ecm3
s.amazon-adsystem.com/ Frame 5983
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YzRBR-N0Fdi2CjE8Ei5dxQAAAc8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1ZYJM3XDHP6XH6BYZ6X4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame A230
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ef55b97b394f016fc1b7385ec2b1f3dfa95929292a8200379d9bcfdeffc22964

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 12:42:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32646
Connection
keep-alive
Content-Length
9421
Expires
Wed, 28 Sep 2022 21:46:53 GMT
match
c1.adform.net/serving/cookie/ Frame 9660
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
35 B
468 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 28 Sep 2022 12:42:47 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Wed, 28 Sep 2022 12:42:47 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame B257
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YzRBRwAABKv4aQAK&gdpr=0&gdpr_consent=&_test=YzRBRwAABKv4aQAK
1 B
241 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YzRBRwAABKv4aQAK&gdpr=0&gdpr_consent=&_test=YzRBRwAABKv4aQAK
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 28 Sep 2022 12:42:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 28 Sep 2022 12:42:47 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YzRBRwAABKv4aQAK&gdpr=0&gdpr_consent=&_test=YzRBRwAABKv4aQAK
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12831-YUL
x-timer
S1664368968.728753,VS0,VE0
Pug
image2.pubmatic.com/AdServer/ Frame 9774
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGUTcwN0dhSU1BQUI4MjZldTNPdw&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFQ707GaIMAAB826eu3Ow&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sy...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5230961174065027787
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFQ707GaIMAAB826eu3Ow&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D5230961174065027787%26bee_sync_partners%3Dsyn%252Cpm%26...
  • https://match.prod.bidr.io/cookie-sync?userid=5230961174065027787&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFQ707GaIMAAB826eu3Ow&pid=55...
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAFQ707GaIMAAB826eu3Ow&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D5230961174065027787%26bee_sync_partners%3Dpm%26bee_sy...
  • https://match.prod.bidr.io/cookie-sync?userid=5230961174065027787&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFQ707GaIMAAB826eu3Ow
42 B
199 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFQ707GaIMAAB826eu3Ow
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 28 Sep 2022 12:42:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 28 Sep 2022 12:42:48 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFQ707GaIMAAB826eu3Ow
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 948F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d73b6334-4147-4100-a5ec-96e71a094ff2&gdpr=0&gdpr_consent=
42 B
554 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d73b6334-4147-4100-a5ec-96e71a094ff2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 28 Sep 2022 12:42:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 28 Sep 2022 12:42:47 GMT
Expires
Wed, 28 Sep 2022 12:42:46 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4505 5b23575 master ord-pixel-x58 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d73b6334-4147-4100-a5ec-96e71a094ff2&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 9379
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=0e8a0d10-3f2b-11ed-bba5-2c64b5add5bb
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:588a9e2e-75d3-49fa-9a59-bbb8902ea662&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
113 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:588a9e2e-75d3-49fa-9a59-bbb8902ea662&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 28 Sep 2022 12:42:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Wed, 28 Sep 2022 12:42:48 GMT
Keep-Alive
timeout=5, max=3000
Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:588a9e2e-75d3-49fa-9a59-bbb8902ea662&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Server
Apache
141
match.deepintent.com/usersync/ Frame 01CB
0
223 B
Document
General
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Wed, 28 Sep 2022 12:42:46 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
usersync.aspx
dis.criteo.com/dis/ Frame 321F
43 B
363 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 12:42:47 GMT
expires
Wed, 28 Sep 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
300554
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2D7D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NvmzZiTnRZ5-Z7Y0uO_0qpU4mbU
42 B
315 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NvmzZiTnRZ5-Z7Y0uO_0qpU4mbU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 28 Sep 2022 12:42:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Sep 2022 12:42:47 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NvmzZiTnRZ5-Z7Y0uO_0qpU4mbU
Pug
simage2.pubmatic.com/AdServer/ Frame C532
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:hims5jZv1ODwoL5&gdpr=0&gdpr_consent=
42 B
195 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:hims5jZv1ODwoL5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 28 Sep 2022 12:42:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 28 Sep 2022 12:42:47 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:hims5jZv1ODwoL5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-07f80ddae7791dbe8@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
d1ba4609
rtb.gumgum.com/getuid/ Frame 0570
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1664368967708
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6144068632
  • https://sync.1rx.io/usersync/tradedesk/dee4a90a-7826-4daf-a6d8-996f99f94684
  • https://sync.targeting.unrulymedia.com/csync/RX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
35 B
209 B
Document
General
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.60.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-60-97.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Wed, 28 Sep 2022 12:42:48 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

content-length
216
content-type
text/html; charset=utf-8
date
Wed, 28 Sep 2022 12:42:46 GMT
location
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 7207
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=695670762000
42 B
189 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=695670762000
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 28 Sep 2022 12:42:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=695670762000
i.match
s.tribalfusion.com/z/ Frame 08F0
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
408 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
751c8fa0fadd4bbf-YUL
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 28 Sep 2022 12:42:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
751c8fa049d24bbf-YUL
content-type
text/html
date
Wed, 28 Sep 2022 12:42:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
2280
Pug
simage2.pubmatic.com/AdServer/ Frame AEF1
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=SoctVDtaM
42 B
205 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=SoctVDtaM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 28 Sep 2022 12:42:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
content-type
text/html; charset=utf-8
date
Wed, 28 Sep 2022 12:42:47 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=SoctVDtaM
vary
Origin
via
1.1 google
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame A62B
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=0cacbc55-2d24-4c26-af6d-efc6a8cf5846&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
42 B
495 B
Document
General
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.36.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-72-44-36-54.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Wed, 28 Sep 2022 12:42:47 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 28 Sep 2022 12:42:46 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
/
csync.loopme.me/ Frame 9FBC
0
0
Document
General
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:ad6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
751c8f9ff9a44bb8-YUL
date
Wed, 28 Sep 2022 12:42:47 GMT
server
cloudflare
liveCS.php
live.primis.tech/live/ Frame 9E8A
0
398 B
Document
General
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=63344146bfc14&pixel=&advId=91&advUuid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
0
cache-control
no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 28 Sep 2022 12:42:47 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
vary
Accept-Encoding
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
x-amz-cf-id
HSxdJX378bf7DQq3i0N8ITy6wEffKW91kB-kDTkB90QfoNUTAOqGTw==
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DF3E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6wkYu9mMSTGtSepyM9Kj2g%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=110192
accept-ranges
bytes
content-length
5549
expires
Thu, 29 Sep 2022 19:19:19 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame DF3E
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEVCMDkxOEJCLUQ5OEMtNDkzMS1BRDQ5LUVBNzIzM0QyQTNEQRAAGg0Ix4LRmQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=e0b4403676c020cd00131591ba5f3fab03df1d7c73918ffd1507734e1bca29ab791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBlMGI0NDAzNjc2YzAyMGNkMDAxMzE1OTFiYTVmM2ZhYjAzZGYxZDdjNzM5MThmZmQxNTA3NzM0ZTFiY2EyOWFiNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBlMGI0NDAzNjc2YzAyMGNkMDAxMzE1OTFiYTVmM2ZhYjAzZGYxZDdjNzM5MThmZmQxNTA3NzM0ZTFiY2EyOWFiNzkxNDI2YjU0MTdkY2UyMRAAGgwIyILRmQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=2517ed25-d348-4c74-8b8d-5514cd96ee2b
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=2517ed25-d348-4c74-8b8d-5514cd96ee2b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:48 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=2517ed25-d348-4c74-8b8d-5514cd96ee2b
date
Wed, 28 Sep 2022 12:42:48 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame DF3E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0cdd6334-4147-4800-820f-b7ec28b356d1
0
48 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0cdd6334-4147-4800-820f-b7ec28b356d1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 28 Sep 2022 12:42:47 GMT
Server
MT3 4505 5b23575 master ord-pixel-x51 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0cdd6334-4147-4800-820f-b7ec28b356d1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 28 Sep 2022 12:42:46 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DF3E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUIwOTE4QkItRDk4Qy00OTMxLUFENDktRUE3MjMzRDJBM0RB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 28 Sep 2022 12:42:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DF3E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED-BE5J4ljkR8iH5jZT-bKc&google_cver=1
42 B
379 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED-BE5J4ljkR8iH5jZT-bKc&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 28 Sep 2022 12:42:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED-BE5J4ljkR8iH5jZT-bKc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DF3E
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:60A5D0A496404844AA3941651D548860
42 B
208 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:60A5D0A496404844AA3941651D548860
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 28 Sep 2022 12:42:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 28 Sep 2022 12:42:47 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:60A5D0A496404844AA3941651D548860
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 27 Sep 2022 12:42:47 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DF3E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=dee4a90a-7826-4daf-a6d8-996f99f94684
42 B
279 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=dee4a90a-7826-4daf-a6d8-996f99f94684
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 28 Sep 2022 12:42:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=dee4a90a-7826-4daf-a6d8-996f99f94684
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
313
d1ba4609
rtb.gumgum.com/getuid/ Frame DF3E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2330777839504810061&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
35 B
208 B
Image
General
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
52.2.60.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-60-97.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:48 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
date
Wed, 28 Sep 2022 12:42:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
216
content-type
text/html; charset=utf-8
EB0918BB-D98C-4931-AD49-EA7233D2A3DA
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame DF3E
43 B
604 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/EB0918BB-D98C-4931-AD49-EA7233D2A3DA?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:eb88:cc7a:3ac8:6e0f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame DF3E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ME5KuKFE2uUK6qtr3yL8zocbfGsyPfA-~A&gdpr=0&gdpr_consent=
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ME5KuKFE2uUK6qtr3yL8zocbfGsyPfA-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ME5KuKFE2uUK6qtr3yL8zocbfGsyPfA-~A&gdpr=0&gdpr_consent=
date
Wed, 28 Sep 2022 12:42:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame DF3E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9eacfdab-d995-4cdf-b5c1-35499246cefc&gdpr=0&gdpr_consent=
1 B
237 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9eacfdab-d995-4cdf-b5c1-35499246cefc&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 28 Sep 2022 12:42:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9eacfdab-d995-4cdf-b5c1-35499246cefc&gdpr=0&gdpr_consent=
Date
Wed, 28 Sep 2022 12:42:47 GMT
Connection
keep-alive
X-CI-RTID
e572616f-2d34-473d-8611-6fa7cd2e4be3
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
image2.pubmatic.com/AdServer/ Frame DF3E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3672728183819967796&gdpr=0&gdpr_consent=
42 B
297 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3672728183819967796&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 28 Sep 2022 12:42:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:47 GMT
AN-X-Request-Uuid
c6829e4f-bc20-4eba-bebc-477d2d0ad0ef
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3672728183819967796&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame DF3E
0
35 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.85.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-85-80.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DF3E
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=467929d9210415c3&is_secure=true&networkId=17100&version=1&nuid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHz9iswJe84wMVgD8MAAAAAAA&expiration=1664455367&nuid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&...
42 B
264 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHz9iswJe84wMVgD8MAAAAAAA&expiration=1664455367&nuid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 28 Sep 2022 12:42:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHz9iswJe84wMVgD8MAAAAAAA&expiration=1664455367&nuid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame DF3E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=30504c13-e28b-4c2a-86c3-22188607f8ac-63344147-4341&gdpr=0&gdpr_consent=
42 B
295 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=30504c13-e28b-4c2a-86c3-22188607f8ac-63344147-4341&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 28 Sep 2022 12:42:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=30504c13-e28b-4c2a-86c3-22188607f8ac-63344147-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
sync-pm.ads.yieldmo.com/ Frame DF3E
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=au8VQmjtEkNxvRAVbboLRWy4FxBx7hBCPuprTFWm
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3DEB0918BB-D98C-4931-AD49-EA7233D2A3DA
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
43 B
670 B
Image
General
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
107.20.145.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-145-50.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 28 Sep 2022 12:42:48 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
date
Wed, 28 Sep 2022 12:42:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame DF3E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c889e140-9c07-4ae9-92f9-0642e63aa07d
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c889e140-9c07-4ae9-92f9-0642e63aa07d
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=cd565a13-ab13-4356-941b-585ce37fba5e&user_group=1&ssp=pubmatic&bsw_param=c889e140-9c07-4ae9-92f9-0642e63aa07d
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c889e140-9c07-4ae9-92f9-0642e63aa07d&gdpr=&gdpr_consent=&gdpr_pd=
1 B
325 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c889e140-9c07-4ae9-92f9-0642e63aa07d&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 28 Sep 2022 12:42:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c889e140-9c07-4ae9-92f9-0642e63aa07d&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 28 Sep 2022 12:42:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sn.ashx
pmp.mxptint.net/ Frame DF3E
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B332_F6EAD229_1EE4870A&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B
Image
General
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
HTTP/1.1
Server
204.2.255.233 Bear, United States, ASN2914 (NTT-LTD-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-347355768; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:47 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-347355768; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Wed, 28 Sep 2022 12:42:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
sync-pm.ads.yieldmo.com/ Frame DF3E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3789377830791269412
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3DEB0918BB-D98C-4931-AD49-EA7233D2A3DA
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
43 B
670 B
Image
General
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
107.20.145.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-145-50.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 28 Sep 2022 12:42:48 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
date
Wed, 28 Sep 2022 12:42:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rtset
bh.contextweb.com/bh/ Frame ED19
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=Zm1TNkM5NXo3ZU9aZ1lOSk1vSWZ5UQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEFyOQA-25r7C6-Hltlcou2w&google_cver=1
49 B
651 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEFyOQA-25r7C6-Hltlcou2w&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5d5cf8576-2zvw4
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEFyOQA-25r7C6-Hltlcou2w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame ED19
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=67382084d44113eb&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAFzzCW3jIT9wNddXKFAAAAAAA&expiration=1664455367&nuid=&is_secure=true
49 B
679 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAFzzCW3jIT9wNddXKFAAAAAAA&expiration=1664455367&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5d5cf8576-2zvw4
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAFzzCW3jIT9wNddXKFAAAAAAA&expiration=1664455367&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame ED19
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=baF4ihTqssbd&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8PGHKQX2S5072S7TAYNQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame DB50
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g50f94bcb720d67ad24b
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KANFP9T5YYBMPGK5219F
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DB50
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=Zzk3MDc5ZTkzNjg3MDQyZDE2ZDg=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame DB50
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=dc98ff85-97e2-46db-b230-9da195bc858e&gdpr=&gdpr_pd=&gdpr_consent=
43 B
336 B
Image
General
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=dc98ff85-97e2-46db-b230-9da195bc858e&gdpr=&gdpr_pd=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.227.236.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-236-203.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

location
//ads.yieldmo.com/v000/sync?pn_id=mf&userid=dc98ff85-97e2-46db-b230-9da195bc858e&gdpr=&gdpr_pd=&gdpr_consent=
date
Wed, 28 Sep 2022 12:42:47 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame DB50
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%...
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3672728183819967796
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
127 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:48 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Wed, 28 Sep 2022 12:42:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.yieldmo.com/ Frame DB50
Redirect Chain
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=7bb1869a0d1204f4&is_secure=true&networkId=42851&version=1
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAAH1eLQ2jKKgQNyqV12AAAAAAA&expiration=1664455367&is_secure=true
43 B
551 B
Image
General
Full URL
https://ads.yieldmo.com/sync?pn_id=eps&id=AAAH1eLQ2jKKgQNyqV12AAAAAAA&expiration=1664455367&is_secure=true
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.227.236.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-236-203.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 28 Sep 2022 12:42:48 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://ads.yieldmo.com/sync?pn_id=eps&id=AAAH1eLQ2jKKgQNyqV12AAAAAAA&expiration=1664455367&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ads.yieldmo.com/ Frame DB50
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=L8LMB5ZU-Q-6LA8
43 B
322 B
Image
General
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=L8LMB5ZU-Q-6LA8
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.227.236.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-236-203.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=L8LMB5ZU-Q-6LA8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
c
c.pub.network/
36 B
53 B
XHR
General
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.33.1.151f798ea80a87430a17d382215f149c28c263b9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
b710ede2187af6ec0c482dfea4c5330cf150b2d5b8583b8356288eded3e32a32

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://omg.blog
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
ecm3
s.amazon-adsystem.com/ Frame A230
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=L8LMB5ZU-Q-6LA8
  • https://s.amazon-adsystem.com/ecm3?id=L8LMB5ZU-Q-6LA8&ex=d-rubiconproject.com&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=L8LMB5ZU-Q-6LA8&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9VJZXACFCJE30Q4HP7BF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=L8LMB5ZU-Q-6LA8&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
truncated
/ Frame F21D
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ccebe87d60c5df5f748edd3e69b30e22d1cd360c4141c5a1e7e791f0c3268a37

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame F21D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRQCxMIKX0JuiQk8M5ECo_Wr8dh8XL5Fueak7CggN5o6LZdZK2alRlkrCyWXx7PIsmkYKmAusbBUWQafjun4cu9VS9Q6TIQa9nsFKL_dFWEudJM7hZ-weWoh7edhItzwapYh5yHaD-9S59myrYlzA6MHQL41iwxGvJOR-gtuX1mRlUN5fdFrr9qLzBK2b0bVDrH1ja9G7bC1AOmBcpr-us3U6a2bHfZ_inRcxkffnnCBrWpjfyuQE4eV1DibgPxHMb1WcvlDgV1GWCzFZGGdslwjl5FH3mRq-iHj2Wnjut0KX9zexHx1Jvl_z3cTGz&sai=AMfl-YRTsWJpa9ju5kRbHcyewfJ9OuheTr0wqsPab_YXCupGJvSQVhU7Vfym_jUv4rBNR1nITk9UqhJs-sgTEh9iLCjIIsxCiCJnhmh9IWLocuILC6Sje6BLeHEHH_JGU7nWPl-N&sig=Cg0ArKJSzGb6Wq6e54WHEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 28 Sep 2022 12:42:47 GMT
ecm3
s.amazon-adsystem.com/ Frame A230
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Ll9or36MTUSGFyXhfOziUw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Ll9or36MTUSGFyXhfOziUw
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Ll9or36MTUSGFyXhfOziUw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AKNGW6JS5324X7FQBC3K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Ll9or36MTUSGFyXhfOziUw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A230
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjIwNTEzN2IxZmNkYmVhMWQ3ZmFkMDY1MGRkM2QxYWE4ZmI3ZGUzZg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjIwNTEzN2IxZmNkYmVhMWQ3ZmFkMDY1MGRkM2QxYWE4ZmI3ZGUzZg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjIwNTEzN2IxZmNkYmVhMWQ3ZmFkMDY1MGRkM2QxYWE4ZmI3ZGUzZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A230
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJTTs483MLfg70YeXejoiPA&google_cver=1
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJTTs483MLfg70YeXejoiPA&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9a0c641c0479142b55591fdf2031b15f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJTTs483MLfg70YeXejoiPA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame A230
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8LMB5ZU-Q-6LA8
0
571 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8LMB5ZU-Q-6LA8
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:47 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 0215C2024F1248F6AB5845565874B178 Ref B: YTO01EDGE0421 Ref C: 2022-09-28T12:42:48Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXpvBkd90gdR0EY51HUnw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8LMB5ZU-Q-6LA8
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame A230
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y82QDXVVZC0MS70QZMZJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame A230
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dee4a90a-7826-4daf-a6d8-996f99f94684&gdpr=0&gdpr_consent=&expires=30
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dee4a90a-7826-4daf-a6d8-996f99f94684&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dee4a90a-7826-4daf-a6d8-996f99f94684&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame A230
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhMTUI1WlUtUS02TEE4
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhMTUI1WlUtUS02TEE4
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhMTUI1WlUtUS02TEE4
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame A230
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=L8LMB5ZU-Q-6LA8&ex=d-rubiconproject.com&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=L8LMB5ZU-Q-6LA8&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W7SYQE814MC4D98E14YY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=L8LMB5ZU-Q-6LA8&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
vid63342716da92f227783171.jpg
video.primis.tech/uploads/cn18/video/users/converted/28530/video_5d5b9eefa3fc7205450607/
20 KB
21 KB
Image
General
Full URL
https://video.primis.tech/uploads/cn18/video/users/converted/28530/video_5d5b9eefa3fc7205450607/vid63342716da92f227783171.jpg?cbuster=1664362268
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-129.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
7854e432a9fde0078779f6c85806a3d9b586043dc65ea5c9a072dd0c54b962da

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:38:54 GMT
via
1.1 fe2c65104051140806cad998f531e478.cloudfront.net (CloudFront), 1.1 29c5489c5e1405c3b5e0ac847cbfad6e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2, PHL50-C1
age
232
x-cache
Hit from cloudfront
content-length
20863
last-modified
Wed, 28 Sep 2022 10:51:19 GMT
server
nginx
etag
"91a59730ff6f9ff59cdba0e9970f0afc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
o_hdgE4jmkKdXwXetRr0GZtrLZpGHL1rIEz3g6tGbd9jMSCH2lpk7g==
expires
Thu, 29 Sep 2022 12:38:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 31AD
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://omg.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
30898
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 04:07:49 GMT
expires
Thu, 28 Sep 2023 04:07:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EBA0
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0360a0429737bafbdbade69759c1042e5d1e08e1ead3e17ae5c14a9c50b43c39
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-v2gRtihI6eWqnN060YsN0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://omg.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-v2gRtihI6eWqnN060YsN0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 12:42:47 GMT
expires
Wed, 28 Sep 2022 12:42:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
setuid
s2s.t13.io/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/1508?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadbe%26uid%3D%24%7BTM_USER_ID%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D
  • https://s2s.t13.io/setuid?bidder=adbe&uid=YzRBRwAABKv4aQAK&gdpr=&gdpr_consent=&f=i&us_privacy=
86 B
117 B
Image
General
Full URL
https://s2s.t13.io/setuid?bidder=adbe&uid=YzRBRwAABKv4aQAK&gdpr=&gdpr_consent=&f=i&us_privacy=
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:48 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

x-served-by
cache-yul12831-YUL
pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1664368968.986096,VS0,VE0
x-cache
HIT
location
https://s2s.t13.io/setuid?bidder=adbe&uid=YzRBRwAABKv4aQAK&gdpr=&gdpr_consent=&f=i&us_privacy=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sodar
pagead2.googlesyndication.com/pagead/ Frame EBA0
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092201&jk=2360150523016300&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 31AD
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 01:36:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Sep 2023 01:36:27 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Sep 2022 12:42:48 GMT
syncframe
gum.criteo.com/ Frame FDC2
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=omg.blog
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://omg.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 28 Sep 2022 12:42:47 GMT
server
Kestrel
server-processing-duration-in-ticks
1052796
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/
88 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Sep 2022 12:42:48 GMT
setuid
s2s.t13.io/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=189517&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D
  • https://s2s.t13.io/setuid?bidder=ix&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=YzRBR.N0Fdi2CjE8Ei5dxQAA%26463
86 B
115 B
Image
General
Full URL
https://s2s.t13.io/setuid?bidder=ix&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=YzRBR.N0Fdi2CjE8Ei5dxQAA%26463
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:48 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgDvgbEJKMxmY2vzpTEbpyksqQCy%2F1920O0d2n8iVmzRmK8Ukach1SOqGoXgD%2Fwq3oMAyqVzQwNjROuSLB%2Bld7o3H7AsoJzC0whqwagKRKD8ujpVHZl3%2F5AYdRHTKoggSwVpiGMl"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://s2s.t13.io/setuid?bidder=ix&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=YzRBR.N0Fdi2CjE8Ei5dxQAA%26463
cache-control
no-cache
cf-ray
751c8fa37e8c53f5-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
generate_204
tpc.googlesyndication.com/ Frame 31AD
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?haLzsg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sid
mug.criteo.com/ Frame FDC2
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=omg.blog&sn=ChromeSyncframe&so=0&topUrl=omg.blog&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=utukgXxzR1NCb3dvMFV6cVRxaklUeUpLT1B1ZG9Bd2xHM05QVm0rdmRyUExncjBQS1RXTWFXbVpKSzZXWUd2NHFkNndoQTg5Y1Izb0ZCWC95RUorWnRQSi8zMHE0UEkxQVBDNlgwTUsrRFNkWGhvbTcwRjJpMzFtOWljNW...
423 B
651 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=utukgXxzR1NCb3dvMFV6cVRxaklUeUpLT1B1ZG9Bd2xHM05QVm0rdmRyUExncjBQS1RXTWFXbVpKSzZXWUd2NHFkNndoQTg5Y1Izb0ZCWC95RUorWnRQSi8zMHE0UEkxQVBDNlgwTUsrRFNkWGhvbTcwRjJpMzFtOWljNWZoVEtnOEJmQk8wMnhLVGZlbVdjbFowbUlZdzVsdnBNQURIZ1A5SGFuS1NxcS84d3Q0NnVteXh3ckE0bDcyVmEyaDQyZ0J2ZUV6VmhRbFgxNXM2RXRwaHFvcnMxNUIrZUFENWFQaEkzK0ZCOXZ4bXExVVVEclU2VEV2bkRRNHZzWDhyN2ZFNEUrK3crYWJnc3ZGd3ZpaXUvekV0alFzZz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4bd0f6acb7e1fe07b6639adb4971810f767973fcb4c0d1d19f56d5601c071d7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2477592
expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:47 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=utukgXxzR1NCb3dvMFV6cVRxaklUeUpLT1B1ZG9Bd2xHM05QVm0rdmRyUExncjBQS1RXTWFXbVpKSzZXWUd2NHFkNndoQTg5Y1Izb0ZCWC95RUorWnRQSi8zMHE0UEkxQVBDNlgwTUsrRFNkWGhvbTcwRjJpMzFtOWljNWZoVEtnOEJmQk8wMnhLVGZlbVdjbFowbUlZdzVsdnBNQURIZ1A5SGFuS1NxcS84d3Q0NnVteXh3ckE0bDcyVmEyaDQyZ0J2ZUV6VmhRbFgxNXM2RXRwaHFvcnMxNUIrZUFENWFQaEkzK0ZCOXZ4bXExVVVEclU2VEV2bkRRNHZzWDhyN2ZFNEUrK3crYWJnc3ZGd3ZpaXUvekV0alFzZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
274572
content-length
0
expires
0
setuid
s2s.t13.io/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
  • https://s2s.t13.io/setuid?bidder=yieldmo&f=i&uid=g50f94bcb720d67ad24b&gdpr=&gdpr_consent=&us_privacy=
86 B
117 B
Image
General
Full URL
https://s2s.t13.io/setuid?bidder=yieldmo&f=i&uid=g50f94bcb720d67ad24b&gdpr=&gdpr_consent=&us_privacy=
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:48 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:48 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://s2s.t13.io/setuid?bidder=yieldmo&f=i&uid=g50f94bcb720d67ad24b&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FA4C
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://omg.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=110191
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 28 Sep 2022 12:42:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 29 Sep 2022 19:19:19 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
c
c.pub.network/
36 B
53 B
XHR
General
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.33.1.151f798ea80a87430a17d382215f149c28c263b9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
b710ede2187af6ec0c482dfea4c5330cf150b2d5b8583b8356288eded3e32a32

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Sep 2022 12:42:48 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://omg.blog
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092201&jk=2360150523016300&bg=!LC-lL2vNAAYIxsuQKMY7ACkAdvg8Wtsqu9ps5AzuTpYOZyeeB9UTVqw7i3qmd6MaQzOVZJRPJwbnOwIAAACDUgAAAANoAQcKAAEPmQKcvz9tBUx6W6WoXAKM-l79NZkvvFxAhIxnklJ5VVhY5LC0EeJCrMUIh4ReT1bSYr_KKIs5EXQSZZ_S2EFeh2pkeHiCt9pnND0ifSMza6L1Klvutw9P7799yXXy47QdA-0pxF1EPyr9gGkkxrxfPhxlJTOEzSVaYdvMdxkomp7fnGGwoipyng0G72W6Mvphijf9OZwkiYpDjevrD2J_B_KzrP73ltq9ezEnAPUpxYey9WqgaLLBo1yDJwIjNJV5pfpxdpCYElRjLm9wYfstqk8RDan7C2udoP5c-sRcFXXKq25rMcl-xl9UF7gtKfPkoljr1OaowNTAVTS5-wmVPZmcw_Jocu-h84C9CPIYX0KLVJ9NhWWGqfSrQtG1gwDLTlS3pDSvWVT2683cxuggd_mQ0Q_OlC3mfe3qP5NWBZBHRuKYPfYuLvkc-hF-ieL06SOqalzZmSsuKf0Rhj7rz0I6MXPVukN4CZIU4GaJp7Qt0ruVsmBmnd17KJmRSEzCTEPYeyRwXIh1rS70RhcJTwgOIbcRzwTx4AzL4sNtvzp3jgROS-mQlZF3tl1cT7G2ofB7aUne94cMD1TkxK-xe-3OG2js3MT2kdv_ha5m4Wvy5f4NEQn8PG-jLUKFXS7WbuTxh4d-3b6tv7vwAPrykTf-KpeY6QRJgXYWH-m4E_mMgkfKj2CNrFtK2HWy1qOSM61LhRASB5_jC_upjUHyO29Zc5-XugcmuNhPSsfI2L_6g5D2L2g7j2rX5cqqDmd0nSQm3cFQWkkLxNt5J4V8YN-exo8TSBuLc9Id0NNs_6lTLeBtPLqXLWqVvCEs9BauMA5loU4uGFadAym450RRRefW3Bg7x44MRnNA7MHY2Cy8yGVaxnmDsvYP-6FOk-E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame F21D
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQoWLdmAuMNT36mvDm2Ap79qzHeNtad7X6kt_QCbJoB4E0_FqCXZnAb2Iti6FnEMZvF6EFsiU0B6yHzZvLMRfRNGBOYfQLcWnDGSA6a8ZgOakNy0xN&sig=Cg0ArKJSzFzalif4TZGREAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220926&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=85219409&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664368967506&rpt=276&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame DF3E
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159196&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D63344146bfc14%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fomg.blog%2F&domain=omg.blog&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://omg.blog
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://omg.blog
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 28 Sep 2022 12:42:49 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
274354
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fomg.blog%2F&domain=omg.blog&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=Tk3OqHw5Q3EyWUhsbXprcEhLM1VSZHNkeXEwRnBtZVVJaDltU2J0bHpmVlh3dXlUSE9uRjV5Vk9UVkw3UGovbUJTRFJBcGxzV1N5UmpWOTRZNGFzalZIVzVuZlhYR3BScHIySW1udzlPZnVRdFJweWNFODlEeUloeEgxYW...
418 B
695 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=Tk3OqHw5Q3EyWUhsbXprcEhLM1VSZHNkeXEwRnBtZVVJaDltU2J0bHpmVlh3dXlUSE9uRjV5Vk9UVkw3UGovbUJTRFJBcGxzV1N5UmpWOTRZNGFzalZIVzVuZlhYR3BScHIySW1udzlPZnVRdFJweWNFODlEeUloeEgxYW5mR3dpcEdkQkkwOC9hbEhhYkdYQzgzd09VeG8xNFNMYlR3RjlFK0FnbmZKOG52NjgvWWVDcWhTT3JoYWJsNVJLQ1RZV1E1STBQTTJYK2ZIaktWKzJjYlpyNURZWTJNanM2RU54MU53SVJyS1piWVVTNUVMTkVCUDRuUFlCMDcxdXYyeDdVNCtQTjNqRi9KOURwa2RJWmpPK1RYSVY1Zz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6c696018490a4d6ff6934ca2e49209ce050549cb19d4b361e395aabe1461bafc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2022981
expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=Tk3OqHw5Q3EyWUhsbXprcEhLM1VSZHNkeXEwRnBtZVVJaDltU2J0bHpmVlh3dXlUSE9uRjV5Vk9UVkw3UGovbUJTRFJBcGxzV1N5UmpWOTRZNGFzalZIVzVuZlhYR3BScHIySW1udzlPZnVRdFJweWNFODlEeUloeEgxYW5mR3dpcEdkQkkwOC9hbEhhYkdYQzgzd09VeG8xNFNMYlR3RjlFK0FnbmZKOG52NjgvWWVDcWhTT3JoYWJsNVJLQ1RZV1E1STBQTTJYK2ZIaktWKzJjYlpyNURZWTJNanM2RU54MU53SVJyS1piWVVTNUVMTkVCUDRuUFlCMDcxdXYyeDdVNCtQTjNqRi9KOURwa2RJWmpPK1RYSVY1Zz09fA&cppv=2
access-control-allow-origin
https://omg.blog
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
290765
content-length
0
expires
0
envelope
api.rlcdn.com/api/identity/
0
0

rid
match.adsrvr.org/track/
108 B
712 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8a078a48a99512e6c1ab28d4be944de0c7fa5b536290256fa095d6d7fa9290eb

Request headers

Referer
https://omg.blog/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Sep 2022 12:42:50 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://omg.blog
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 28 Oct 2022 12:42:50 GMT
usync.html
eus.rubiconproject.com/ Frame FEB9
281 B
573 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://omg.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Sep 2022 12:42:50 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 2E2A
1 KB
1 KB
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
c6cca58c8f515c7e50b64e8b5239910d8971d670aa08b6324aafdc081deb54ca

Request headers

Referer
https://omg.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
460
content-type
text/html; charset=utf-8
date
Wed, 28 Sep 2022 12:42:50 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ixmatch.html
js-sec.indexww.com/um/ Frame 1215
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://omg.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Sep 2022 12:42:50 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6931
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://omg.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=110189
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 28 Sep 2022 12:42:50 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 29 Sep 2022 19:19:19 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 75E9
926 B
1 KB
Document
General
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://omg.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
5716
CF-Cache-Status
HIT
CF-RAY
751c8faf8a8eeff1-EWR
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 28 Sep 2022 12:42:50 GMT
Expires
Wed, 28 Sep 2022 13:42:50 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
tpmTauKN4k5llKX9H0qzLIzHqKHbq5IvhzK6Dafb1cyQF67hUZLebHHeFpFOlwlump9ug3N+3MM=
x-amz-request-id
XV253H62FKWE8DKM
async_usersync.html
acdn.adnxs.com/dmp/ Frame E877
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.160.130 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://omg.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 28 Sep 2022 12:42:50 GMT
ETag
"623de86a-cf34"
Expires
Thu, 29 Sep 2022 12:42:52 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_aedd22df-436d-4c7b-85c3-6a7485397977&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/2/8/2.gif?puid=3672728183819967796&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOapxn1QF9gThSrEx8U-ZaCCidJkGgMrs621BeOQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/441/3/7/3.gif?puid=d73b6334-4147-4100-a5ec-96e71a094ff2&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=dee4a90a-7826-4daf-a6d8-996f99f94684&ttl=%%TTL%%
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F429%2F5%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/441/429/5/5.gif?puid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/441/434/4/6.gif?puid=309247b1-f447-48b9-85b8-d074b5e81674&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/441/108/3/7.gif?puid=5c0fbc42-26a5-4a7e-82c4-c0b888aa62b0&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/112/2/8.gif?puid=4709BA07D6CB552F&gdpr=0&gdpr_consent=
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F136%2F1%2F9.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/136/1/9.gif?puid=YzRBRwAABKv4aQAK&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=d73b6334-4147-4100-a5ec-96e71a094ff2&gdpr=0&consent=&id5id=ID5-ZHMOapxn1QF9gThSrEx8U-ZaCCidJkGgMrs621BeOQ
49 B
955 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=d73b6334-4147-4100-a5ec-96e71a094ff2&gdpr=0&consent=&id5id=ID5-ZHMOapxn1QF9gThSrEx8U-ZaCCidJkGgMrs621BeOQ
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:51 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-70
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=d73b6334-4147-4100-a5ec-96e71a094ff2&gdpr=0&consent=&id5id=ID5-ZHMOapxn1QF9gThSrEx8U-ZaCCidJkGgMrs621BeOQ
date
Wed, 28 Sep 2022 12:42:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_8a155a22-d61b-4484-8b42-e05ec02c5315&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/2/8/2.gif?puid=3672728183819967796&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOapxn1QF9gThSrEx8U-ZaCCidJkGgMrs621BeOQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/441/3/7/3.gif?puid=d73b6334-4147-4100-a5ec-96e71a094ff2&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=dee4a90a-7826-4daf-a6d8-996f99f94684&ttl=%%TTL%%
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F429%2F5%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/441/429/5/5.gif?puid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/441/434/4/6.gif?puid=79ba752f-58e3-4000-b67d-b0ea3170af15&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/441/108/3/7.gif?puid=5c0fbc42-26a5-4a7e-82c4-c0b888aa62b0&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/112/2/8.gif?puid=4709BA07D6CB552F&gdpr=0&gdpr_consent=
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F136%2F1%2F9.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/136/1/9.gif?puid=YzRBRwAABKv4aQAK&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=d73b6334-4147-4100-a5ec-96e71a094ff2&gdpr=0&consent=&id5id=ID5-ZHMOapxn1QF9gThSrEx8U-ZaCCidJkGgMrs621BeOQ
49 B
955 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=d73b6334-4147-4100-a5ec-96e71a094ff2&gdpr=0&consent=&id5id=ID5-ZHMOapxn1QF9gThSrEx8U-ZaCCidJkGgMrs621BeOQ
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://omg.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:51 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-70
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=i5mm&nuid=d73b6334-4147-4100-a5ec-96e71a094ff2&gdpr=0&consent=&id5id=ID5-ZHMOapxn1QF9gThSrEx8U-ZaCCidJkGgMrs621BeOQ
date
Wed, 28 Sep 2022 12:42:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
usync.js
eus.rubiconproject.com/ Frame FEB9
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.83 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ef55b97b394f016fc1b7385ec2b1f3dfa95929292a8200379d9bcfdeffc22964

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 12:42:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32643
Connection
keep-alive
Content-Length
9421
Expires
Wed, 28 Sep 2022 21:46:53 GMT
xuid
eb2.3lift.com/ Frame 2E2A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=dee4a90a-7826-4daf-a6d8-996f99f94684&dongle=0cfd
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=dee4a90a-7826-4daf-a6d8-996f99f94684&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 28 Sep 2022 12:42:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=dee4a90a-7826-4daf-a6d8-996f99f94684&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 2E2A
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDcxODg0Mjk5MTg0MDgxMzU2MTUxNA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 2E2A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEMF2qEI5-fFnrCZt_lN_co&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEMF2qEI5-fFnrCZt_lN_co&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 28 Sep 2022 12:42:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEMF2qEI5-fFnrCZt_lN_co&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2E2A
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDcxODg0Mjk5MTg0MDgxMzU2MTUxNA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDcxODg0Mjk5MTg0MDgxMzU2MTUxNA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDcxODg0Mjk5MTg0MDgxMzU2MTUxNA%3D%3D
date
Wed, 28 Sep 2022 12:42:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 2E2A
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4718842991840813561514&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4718842991840813561514&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=81ea6b90-24c8-4e3f-b4ab-9eccf8fcf332&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=81ea6b90-24c8-4e3f-b4ab-9eccf8fcf332&_noobservation=1&_expected_cookie=a8d1639...
43 B
141 B
Image
General
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=81ea6b90-24c8-4e3f-b4ab-9eccf8fcf332&_noobservation=1&_expected_cookie=a8d1639f029a5049671338f5ca633a0c
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.101.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Wed, 28 Sep 2022 12:42:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
751c8fb13e73ab3b-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=81ea6b90-24c8-4e3f-b4ab-9eccf8fcf332&_noobservation=1&_expected_cookie=a8d1639f029a5049671338f5ca633a0c
date
Wed, 28 Sep 2022 12:42:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
751c8fb0ee12ab3b-YYZ
content-length
0
xuid
eb2.3lift.com/ Frame 2E2A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4718842991840813561514&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=c889e140-9c07-4ae9-92f9-0642e63aa07d
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=c889e140-9c07-4ae9-92f9-0642e63aa07d
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=7e30ea0e-192b-49d2-8c09-990b01999c78&ssp=triplelift&expires=30&user_group=5&bsw_param=c889e140-9c07-4ae9-92f9-0642e63aa07d
  • https://eb2.3lift.com/xuid?mid=2409&xuid=c889e140-9c07-4ae9-92f9-0642e63aa07d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=c889e140-9c07-4ae9-92f9-0642e63aa07d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 28 Sep 2022 12:42:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=c889e140-9c07-4ae9-92f9-0642e63aa07d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 28 Sep 2022 12:42:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 2E2A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4718842991840813561514?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-gbtnvWhE2oS0ml8raE_FvHqRFs.CvArAz7TXoY.s9w--~A&dongle=0883
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-gbtnvWhE2oS0ml8raE_FvHqRFs.CvArAz7TXoY.s9w--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 28 Sep 2022 12:42:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 28 Sep 2022 12:42:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-gbtnvWhE2oS0ml8raE_FvHqRFs.CvArAz7TXoY.s9w--~A&dongle=0883
content-length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 2E2A
0
0
Image
General
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4718842991840813561514
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

c.gif
c.bing.com/ Frame 2E2A
42 B
666 B
Image
General
Full URL
https://c.bing.com/c.gif?xid=4718842991840813561514&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:50 GMT
last-modified
Tue, 13 Sep 2022 03:22:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5691D75233BC446E8B7F951E89D3A775 Ref B: YTO01EDGE0819 Ref C: 2022-09-28T12:42:50Z
etag
"8766f3fc1fc7d81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 2E2A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=Wn4oBX0qAX71mtLoH5Lk&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5K5XDI32CLAYHC...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=Wn4oBX0qAX71mtLoH5Lk
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=Wn4oBX0qAX71mtLoH5Lk
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 28 Sep 2022 12:42:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:50 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=Wn4oBX0qAX71mtLoH5Lk
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame A03A
1 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fomg.blog%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c8204a81a325f5c1fe281d4952bf22e31e98e1d86209d4a3f4010b3a3b8fb3

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
751c8faf785da222-YYZ
content-encoding
br
content-type
text/html
date
Wed, 28 Sep 2022 12:42:50 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDOeB5yVo15cbZyOJ7zOwWvfc8whboAqCSC88eMBd2TBthX1UJAy7bmO1M6rsNPYSqQeAWxUnhDJAHzY%2F9Bj%2F9et1SfuzBaqyIa1ScvAsccPaXe9RCKetRwLejEny%2BMB37SUwTsRHi9sAg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 6931
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=47957816&p=156696&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c43a014dfec24f152f9a4d0f8531a4cbfba9348013b532d8925c6a6ce5267836

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 28 Sep 2022 12:42:48 GMT
content-length
1952
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame E06E
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7176553702049903647&uid=Q717655370204990...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7176553702049903647
42 B
298 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7176553702049903647
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 28 Sep 2022 12:42:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=35543
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Wed, 28 Sep 2022 12:42:50 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7176553702049903647
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
image2.pubmatic.com/AdServer/ Frame B980
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=rpaobp32AJ2dBBtPSkE0Yw
42 B
305 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=rpaobp32AJ2dBBtPSkE0Yw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 27 Sep 2022 21:49:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Wed, 28 Sep 2022 12:42:50 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=rpaobp32AJ2dBBtPSkE0Yw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
pub
matching.truffle.bid/sync/ Frame 9592
0
0
Document
General
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 28 Sep 2022 12:42:50 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame 89F6
43 B
279 B
Document
General
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 28 Sep 2022 12:42:50 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-1086cc4c6491@version_1.526
X-core-time
0ms
X-server-arch
v2
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 61DC
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=741cffde-96da-41ff-b860-7999aa95a3ac-tucta2dc6ca&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
149 B
Document
General
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=741cffde-96da-41ff-b860-7999aa95a3ac-tucta2dc6ca&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Wed, 28 Sep 2022 12:42:50 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12831-YUL
x-timer
S1664368970.279658,VS0,VE12

Redirect headers

accept-ranges
bytes
content-length
0
date
Wed, 28 Sep 2022 12:42:50 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=741cffde-96da-41ff-b860-7999aa95a3ac-tucta2dc6ca&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12833-YUL
x-timer
S1664368970.228703,VS0,VE12
x-vcl-time-ms
12
Pug
image2.pubmatic.com/AdServer/ Frame D736
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=8581d625-9c3b-4747-9873-6365c14bea63
1 B
72 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=8581d625-9c3b-4747-9873-6365c14bea63
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 28 Sep 2022 12:42:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 28 Sep 2022 12:42:50 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=8581d625-9c3b-4747-9873-6365c14bea63
strict-transport-security
max-age=15724800; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 49AA
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:60A5D0A496404844AA3941651D548860
1 B
53 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:60A5D0A496404844AA3941651D548860
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 28 Sep 2022 12:42:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 28 Sep 2022 12:42:50 GMT
expires
Tue, 27 Sep 2022 12:42:50 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:60A5D0A496404844AA3941651D548860
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
epx
um.simpli.fi/ Frame C389
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://um.simpli.fi/epx
43 B
228 B
Document
General
Full URL
https://um.simpli.fi/epx
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.194.66.159 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
159.66.194.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
content-type
image/gif
date
Wed, 28 Sep 2022 12:42:50 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
pragma
no-cache

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 28 Sep 2022 12:42:50 GMT
expires
Tue, 27 Sep 2022 12:42:50 GMT
location
https://um.simpli.fi/epx
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
33141
tags.bluekai.com/site/ Frame 6931
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=474dfa72cf78138a75dd415b88f1d349&gdpr=0
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=6da9908d946fc464/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=6da9908d946fc464/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=e50eaf7f1f3c3d9cc19c378b4946249d&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://pixel.onaudience.com/?partner=147&mapped=dee4a90a-7826-4daf-a6d8-996f99f94684&icm&gdpr=0&gdpr_consent=&cver
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
  • https://pixel.onaudience.com/?partner=252&mapped=y-TrTrojdE2pQsNoi2nOks1RbA.q1mDHR5hQ--~A&gdpr=0
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=ac28a74eefe29e18
62 B
427 B
Image
General
Full URL
https://tags.bluekai.com/site/33141?&id=ac28a74eefe29e18
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-84.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 28 Sep 2022 12:42:51 GMT
content-length
62
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=ac28a74eefe29e18
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame 6931
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&addseg=10,33,39
0
0
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&addseg=10,33,39
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Redirect headers

date
Wed, 28 Sep 2022 12:42:50 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&addseg=10,33,39
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 6931
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:50 GMT
Frontend-ID
4
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:50 GMT
Frontend-ID
7
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=EB0918BB-D98C-4931-AD49-EA7233D2A3DA&sInitiator=external&gdpr=0&gdpr_consent=
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 6931
43 B
658 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=EB0918BB-D98C-4931-AD49-EA7233D2A3DA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-26.phl50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:50 GMT
via
1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
PHL50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
fxZO-nPIejyVB8R7j_b47nLmOW1I_TBcSrBl-LTmfFD2ovovfZvxhw==
expires
0
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=Tk3OqHw5Q3EyWUhsbXprcEhLM1VSZHNkeXEwRnBtZVVJaDltU2J0bHpmVlh3dXlUSE9uRjV5Vk9UVkw3UGovbUJTRFJBcGxzV1N5UmpWOTRZNGFzalZIVzVuZlhYR3BScHIySW1udzlPZnVRdFJweWNFODlEeUloeEgxYW5mR3dpcEdkQkkwOC9hbEhhYkdYQzgzd09VeG8xNFNMYlR3RjlFK0FnbmZKOG52NjgvWWVDcWhTT3JoYWJsNVJLQ1RZV1E1STBQTTJYK2ZIaktWKzJjYlpyNURZWTJNanM2RU54MU53SVJyS1piWVVTNUVMTkVCUDRuUFlCMDcxdXYyeDdVNCtQTjNqRi9KOURwa2RJWmpPK1RYSVY1Zz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 28 Sep 2022 12:42:49 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
397250
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
crum
dsum-sec.casalemedia.com/ Frame A03A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3672728183819967796
43 B
845 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3672728183819967796
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fomg.blog%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUUKErih15y3liFc66GmKYNybwyoa0eAAu%2F%2B%2BFzDN%2Fhki8UV%2FCW24oJfUqcgRujeSC8h9bN9RgjL81N6hxcES6H9fHgZa00V8smLFUKxvPvicI0djR%2Bi6%2F2tY2evcRNOTsN6%2BK%2Fi8sQtkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
751c8fb02f73a21a-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:50 GMT
AN-X-Request-Uuid
c1cf4647-5373-4940-9f2b-4208eac7a453
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3672728183819967796
Connection
keep-alive
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YzRBR-N0Fdi2CjE8Ei5dxQAAAc8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A03A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzRBR-N0Fdi2CjE8Ei5dxQAAAc8AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YzRBR-N0Fdi2CjE8Ei5dxQAAAc8AAAAB
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzRBR-N0Fdi2CjE8Ei5dxQAAAc8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fomg.blog%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a07:eb88:cc7a:3ac8:6e0f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YzRBR-N0Fdi2CjE8Ei5dxQAAAc8AAAAB
date
Wed, 28 Sep 2022 12:42:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame A03A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2330777839504810061
43 B
841 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2330777839504810061
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fomg.blog%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BIIvhJQBoLrXet7aJ8H4y2R3a7aMSDlWT1rFSoTv8DOdbSO8RYO8fjeOKRrMfXKHvGluoCkGJVZARWUGGBla3xavhCeH6j39EeqVYBIHg8ZVblPI%2BzXQPU2IlKkk6dsRXXPJXVNWSi4SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
751c8fb05fa6a21a-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2330777839504810061
pragma
no-cache
date
Wed, 28 Sep 2022 12:42:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame A03A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFQ707GaIMAAB826eu3Ow&expiration=1665578570
43 B
841 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFQ707GaIMAAB826eu3Ow&expiration=1665578570
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fomg.blog%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vb6Ov050Pzk5pF8HWdYnHGyX%2B0UP6x2FX3kRnR235%2BhoME4mU2%2FiTP9UdqvZ66ErwejG2bx2d8xFvVn7RMyoQycbS8Ilg%2FmjUusK3hmyx2d8Hm0x7VgJJixRp91LdbclNkuqtLbJNG9QVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
751c8fb03f95a21a-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFQ707GaIMAAB826eu3Ow&expiration=1665578570
Date
Wed, 28 Sep 2022 12:42:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum.casalemedia.com/ Frame A03A
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b6e50425-c49a-0cb5-5d848496
43 B
867 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b6e50425-c49a-0cb5-5d848496
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fomg.blog%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQOFQC0STXkuZosa0BaKLUO2VdkNw9sCF2H1rw6LXfu8AgsQsPXEWrdr4vka4lz1nZgtu3CAY2ERs1kVswbmQ7CHI07TVBQG0SD1d4ASVC%2B%2BkPUdJNvX4Edsc2X8nC1%2Bru0D8bgB"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
751c8fb0ecd25419-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 28 Sep 2022 12:42:50 GMT
via
1.1 google
server
nginx/1.22.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b6e50425-c49a-0cb5-5d848496
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
CookieIndex
rtb.adentifi.com/ Frame A03A
0
34 B
Image
General
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fomg.blog%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.85.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-85-80.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:50 GMT
crum
dsum-sec.casalemedia.com/ Frame A03A
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-132e3fe0-5e2a-429e-a121-8b8b41c82e3e
43 B
844 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-132e3fe0-5e2a-429e-a121-8b8b41c82e3e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fomg.blog%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7bea%2BVxjurVrJmkpQR%2BywT00DAKjjuWvdOYWLa%2BfOclD4T3fZrYr%2BTJ%2FdTLONe4h4yxfwVBRMcNE83BtL9fv72VuLGDBXLH7QYduv7uGYQnH9xYtuQ9QRTpEC4dj5ECsniPtj9xqkPgwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
751c8fb08feda21a-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-132e3fe0-5e2a-429e-a121-8b8b41c82e3e
date
Wed, 28 Sep 2022 12:42:50 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame A03A
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=4b70f043-a054-41c1-b1d2-4ebd9acf459e
43 B
843 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=4b70f043-a054-41c1-b1d2-4ebd9acf459e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fomg.blog%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 12:42:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jytBGeABUFikvYzOAfczKh2YzvJs%2BKDFINNhtO48l%2Btjdr%2BsOoTYSD5%2Be15LW7MaKsqxTws%2Bddl5FRtScGB86qP7GV9wx5MNXlSnW3lp91x5%2FWxL22tuErs4rgsfzr3Gh9KrnIFtJg3v3A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
751c8fb0c846a21a-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:50 GMT
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=4b70f043-a054-41c1-b1d2-4ebd9acf459e
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame A03A
43 B
351 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YzRBR.N0Fdi2CjE8Ei5dxQAA%26463
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fomg.blog%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:50 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
65
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
751c8fb06c2b7145-YUL
content-length
43
expires
Wed, 28 Sep 2022 16:42:50 GMT
async_usersync
ib.adnxs.com/ Frame E877
0
745 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:50 GMT
AN-X-Request-Uuid
ad8b552e-9687-424c-8abe-bbc1c343c5b9
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame CDD3
520 B
761 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=7812152&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b5f8fdf76b2a536c2335ddda0ed75fd79569d163edc730886dd320c52e01a9be

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 28 Sep 2022 12:42:50 GMT
content-length
520
content-type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame D454
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDEB0918BB-D98C-4931-AD49-EA7233D2A3DA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 28 Sep 2022 12:42:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
1QEMQZE1JW999MA9BM9W
async_usersync
ib.adnxs.com/ Frame E877
0
745 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Sep 2022 12:42:51 GMT
AN-X-Request-Uuid
f1f68617-6fbb-43f3-b6eb-cd338a689f49
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 6931
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156696&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 12:42:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _wpemojiSettings function| admiral object| googletag object| dataLayer undefined| $ function| jQuery object| html5 object| Modernizr function| yepnope number| w3tc_lazyload object| lazyLoadOptions object| twemoji object| wp function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof function| LazyLoad object| deployads object| adasync object| datalayer object| data function| 4dm1r11545242527 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _qevents object| PUBX object| _paq function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| gaplugins object| gaGlobal object| gaData object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log function| onYouTubeIframeAPIReady function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| pubx_rail_grid_1 boolean| __@@##MUH object| partnerList object| regeneratorRuntime object| freestar object| addthis_share object| addthis_config object| fsdata object| _comscore object| fsprebid object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks function| load_script object| confiant object| COMSCORE function| udm_ object| ns_p object| fsprebidChunk object| _pbjsGlobals object| mnet object| headertag object| ggeac object| google_js_reporting_queue object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl boolean| __bt_already_invoked undefined| google_measure_js_timing object| apstag boolean| apstagLOADED object| Criteo boolean| creativeVendorLibraryLoaded object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement object| PrimisApiConfig function| constructsekindoParent424 function| setImmediate function| clearImmediate object| ID5 object| PublisherCommonId object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id boolean| sekindoFlowingPlayerOn object| GoogleGcLKhOms object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| google_image_requests

243 Cookies

Domain/Path Name / Value
.mrtnsvr.com/sync Name: userId
Value: SoctVDtaM
.3lift.com/sync Name: sync
Value: CgoIoQEQ-5L8oLgwCgoIgQIQ-5L8oLgwCgoI4gEQ-5L8oLgwCgoI5gEQ-5L8oLgwCgoIhwIQ-5L8oLgwCgkICRD7kvyguDAKCQg6EPuS_KC4MAoJCAsQ-5L8oLgwCgoIjAIQ-5L8oLgwCgkIXxD7kvyguDA=
.spotify.com/ Name: sp_t
Value: 90f93163e3e58cf7856d37ab6b553401
.spotify.com/ Name: sp_landing
Value: https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F4GCVvY4NTIh0RJ3wu0ALzZ%3Fsp_cid%3D90f93163e3e58cf7856d37ab6b553401%26device%3Ddesktop%26utm_source%3Dgenerator
.omg.blog/ Name: _gid
Value: GA1.2.1775662787.1664368965
.omg.blog/ Name: _gat_UA-255852-1
Value: 1
.omg.blog/ Name: _pk_id.1.5cd7
Value: ef3facc9c268b226.1664368965.
.omg.blog/ Name: _pk_ses.1.5cd7
Value: 1
.omg.blog/ Name: _ga_E9W5XP51BD
Value: GS1.1.1664368965.1.0.1664368965.0.0.0
.omg.blog/ Name: _ga
Value: GA1.1.2103452496.1664368965
omg.blog/ Name: qcSxc
Value: 1664368965657
.omg.blog/ Name: _awl
Value: 2.1664368965.0.5-3c46e930fa8143ab4457d78ea7ba6e90-6763652d75732d6561737431-0
.quantserve.com/ Name: mc
Value: 63344145-a6c1f-30d1f-264b6
.omg.blog/ Name: __qca
Value: P0-1450509662-1664368965651
omg.blog/ Name: fs.bot.check
Value: true
omg.blog/ Name: __atuvc
Value: 1%7C39
omg.blog/ Name: __atuvs
Value: 63344145415715ac000
.addthis.com/ Name: uvc
Value: 1%7C39
.omg.blog/ Name: _admrla
Value: 2.2-7d4d7e332738b1ad-0d5bbb11-3f2b-11ed-8718-c6f425e86907
.addthis.com/ Name: ouid
Value: 633441450001bd8f2b89e6b90cefcdcd3b43e25c73c49c548d58
.addthis.com/ Name: di2
Value: aVT_z#%!k#$M`#!AgP2TIPv7LW6Lj6Hq#1:R#19w#+3e#&Gd
.addthis.com/ Name: bt2
Value: 63344145001Ks0002
.addthis.com/ Name: um
Value: j.'2022092812424586500560299554'
.addthis.com/ Name: uid
Value: 63344145e5c61813
.addthis.com/ Name: na_id
Value: 2022092812424586500560299554
.addthis.com/ Name: vc
Value: 2
.addthis.com/ Name: loc
Value: MDAwMDBOQUNBUUMyMjU1MTA2NDQ2MjAwMDBDSA==
omg.blog/ Name: fs.session.id
Value: 5a715859-672b-494a-9dc7-ebfc27d94eab
.scorecardresearch.com/ Name: UID
Value: 169d1bb88210175ac1b09dc1664368966
omg.blog/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.omg.blog/ Name: cookie
Value: d500c64f-8f86-46aa-b190-4ac074facbbd
.primis.tech/ Name: csuuid
Value: 63344146bfc14
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: OkD6KCdmh_BQUvb_UV4sfwVbbCcZSoDbg46fY9BL6n66HBs9VsZZfbyEEstj6rZa4hNJeODTsrRyrpDalL1a_rdRipBZ-W2arPu1ZvSLcHEqa9jqS-Y2Xw
.gumgum.com/ Name: vst
Value: u_aedd22df-436d-4c7b-85c3-6a7485397977
.yahoo.com/ Name: A3
Value: d=AQABBEZBNGMCEH0BWfVKFhVkIhkpUGoKSEgFEgEBAQGSNWM-YwAAAAAA_eMAAA&S=AQAAAk3AW12INT1ASjHcHpHaE0I
.rubiconproject.com/ Name: khaos
Value: L8LMB5ZU-Q-6LA8
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQCDate
Value: 1664368967206
.pub.network/ Name: _fsuid
Value: e8a8325d-924d-4429-b4ce-74ca3989be6d
.intentiq.com/ Name: intentIQ
Value: 8Ci9HzX4HH
.amazon-adsystem.com/ Name: ad-id
Value: A6HDoj-XKUfcsRiqfx-ElfU
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: uuid2
Value: 3672728183819967796
.openx.net/ Name: i
Value: c56dba85-31dc-4d8f-a98e-3550e99a18ad|1664368967
.3lift.com/ Name: tluid
Value: 4718842991840813561514
.tremorhub.com/ Name: tvid
Value: e63a547d2fb44dc4b05efb776ca8b478
.casalemedia.com/ Name: CMID
Value: YzRBR.N0Fdi2CjE8Ei5dxQAA
.casalemedia.com/ Name: CMPS
Value: 463
.casalemedia.com/ Name: CMPRO
Value: 463
.intentiq.com/ Name: ASDT
Value: 0
.bidswitch.net/ Name: tuuid
Value: c889e140-9c07-4ae9-92f9-0642e63aa07d
.bidswitch.net/ Name: c
Value: 1664368967
.bidswitch.net/ Name: tuuid_lu
Value: 1664368967
.spotxchange.com/ Name: audience
Value: 0e42515f-3f2b-11ed-b9dc-14caa66b0403
.media.net/ Name: visitor-id
Value: 3073705671454982000V10
.media.net/ Name: data-pri
Value: 63344146bfc14~~34
.lijit.com/ Name: ljt_reader
Value: FZEadLZHN15ZqvYISY2gzKHr
.tremorhub.com/ Name: tvssa
Value: 1664368967423
.omg.blog/ Name: __gads
Value: ID=06635ae48bd40d23-22eebd88f77e007d:T=1664368967:S=ALNI_MYu2MLcafd5uDWDE92wd3a-i2KAuA
.omg.blog/ Name: __gpi
Value: UID=000009763178a94e:T=1664368967:RT=1664368967:S=ALNI_MZeanGR9FmdYBo6TNFFFf4Vhe3mOw
.pubmatic.com/ Name: KADUSERCOOKIE
Value: EB0918BB-D98C-4931-AD49-EA7233D2A3DA
.admanmedia.com/ Name: admtr
Value: a631ccb5-4729-43ca-932d-108eb2489421
.admanmedia.com/ Name: ac_r
Value: CS116
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjI1tDBXsjI0MzM1NbcwNTPXUbIwReOjyZuaofJNjJH5tQDKzxEa
.simpli.fi/ Name: suid
Value: 60A5D0A496404844AA3941651D548860
.intentiq.com/ Name: IIQYahooPrimisCookieSync
Value: 1664368967536
.contextweb.com/ Name: V
Value: baF4ihTqssbd
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 7f3e9623b98ea701
.doubleclick.net/ Name: IDE
Value: AHWqTUmSEnTudzagQrhSxUT1oDUvu9SsaSLAEqbgPvlWyZ-nGEyln5ZSFvtUeR2Xjvw
.postrelease.com/ Name: visitor
Value: 9be7de40-14dc-4759-93a5-f3f1800bbe8e
.postrelease.com/ Name: status
Value: 1
.intentiq.com/ Name: IQTripleLiftCookieSync
Value: 1664368967557
.intentiq.com/ Name: IQtelariaCookieSync
Value: 1664368967560
.intentiq.com/ Name: IQRubiconPrimisCookieSync
Value: 1664368967563
.intentiq.com/ Name: IQMediaNetCookieSync
Value: 1664368967566
.yieldmo.com/ Name: yieldmo_id
Value: g50f94bcb720d67ad24b%7C1664368967579%7C0%7C
.mookie1.com/ Name: id
Value: 10594366284727598666
.mookie1.com/ Name: mdata
Value: 1|10594366284727598666|1664368967587
.mookie1.com/ Name: ov
Value: 99d84d35a11b4136f37c51b4ba70c505
.adsrvr.org/ Name: TDID
Value: dee4a90a-7826-4daf-a6d8-996f99f94684
.dyntrk.com/ Name: dyn_u
Value: 06030002_63344147a406c
.deepintent.com/ Name: CDIUSER
Value: di_2bb2bfff816b46d6bca6f
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YzRBRwAABKv4aQAK
.intentiq.com/ Name: IIQADMANCookieSync
Value: 1664368967683
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-36f9b366-24e7-459e-7e67-b634b8eff4aa.OqyZVvJrq8qnTsN65YUDLUSIxeRkvESwJIWn8HdoLSY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ANvmzZiTnRZ5-Z7Y0uO_0qpU4mbU.HFKbyBjodd%2FfedIflREbQ2ihGyvgj3QetaQ5h5kyI%2BQ
.w55c.net/ Name: wfivefivec
Value: hims5jZv1ODwoL5
.acuityplatform.com/ Name: auid
Value: 695670762000
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBQWEDcAG8mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUFhA3ABvI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.mfadsrvr.com/ Name: c
Value: 1664368967
.mfadsrvr.com/ Name: tuuid_lu
Value: 1664368967
.mfadsrvr.com/ Name: tuuid
Value: dc98ff85-97e2-46db-b230-9da195bc858e
.mathtag.com/ Name: uuid
Value: d73b6334-4147-4100-a5ec-96e71a094ff2
.ipredictive.com/ Name: cu
Value: 9eacfdab-d995-4cdf-b5c1-35499246cefc|1664368967745
.bidr.io/ Name: bito
Value: AAFQ707GaIMAAB826eu3Ow
.bidr.io/ Name: bitoIsSecure
Value: ok
.mookie1.com/ Name: syncdata_IOW
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1664368967759
.tapad.com/ Name: TapAd_DID
Value: 5c0fbc42-26a5-4a7e-82c4-c0b888aa62b0
.w55c.net/ Name: matchpubmatic
Value: 5
.adform.net/ Name: C
Value: 1
.lijit.com/ Name: _ljtrtb_43
Value: ix2k_Ikfo_2QT6GrjEi6-41Kpq6QHKH83xiXFMh8
.ads.stickyadstv.com/ Name: UID
Value: 51a2f777231ac03cfdd08d3549c1db29
.ads.stickyadstv.com/ Name: sessionId
Value: c3550118422eddd9aae4f875d217dc4
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:d73b6334-4147-4100-a5ec-96e71a094ff2&KRTB&16736-uid:d73b6334-4147-4100-a5ec-96e71a094ff2&KRTB&23019-uid:d73b6334-4147-4100-a5ec-96e71a094ff2&KRTB&23208-uid:d73b6334-4147-4100-a5ec-96e71a094ff2
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-NvmzZiTnRZ5-Z7Y0uO_0qpU4mbU&KRTB&23334-NvmzZiTnRZ5-Z7Y0uO_0qpU4mbU
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:hims5jZv1ODwoL5
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-0cacbc55-2d24-4c26-af6d-efc6a8cf5846&KRTB&23340-0cacbc55-2d24-4c26-af6d-efc6a8cf5846
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-SoctVDtaM&KRTB&23413-SoctVDtaM
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YzRBRwAABKv4aQAK&KRTB&22978-YzRBRwAABKv4aQAK&KRTB&23194-YzRBRwAABKv4aQAK&KRTB&23209-YzRBRwAABKv4aQAK
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-695670762000
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3672728183819967796&KRTB&23339-3672728183819967796
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:60A5D0A496404844AA3941651D548860
.adform.net/ Name: uid
Value: 3789377830791269412
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESED-BE5J4ljkR8iH5jZT-bKc&KRTB&22987-CAESED-BE5J4ljkR8iH5jZT-bKc&KRTB&23025-CAESED-BE5J4ljkR8iH5jZT-bKc&KRTB&23386-CAESED-BE5J4ljkR8iH5jZT-bKc
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-dee4a90a-7826-4daf-a6d8-996f99f94684&KRTB&22918-dee4a90a-7826-4daf-a6d8-996f99f94684&KRTB&23031-dee4a90a-7826-4daf-a6d8-996f99f94684
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-9eacfdab-d995-4cdf-b5c1-35499246cefc&KRTB&23011-9eacfdab-d995-4cdf-b5c1-35499246cefc&KRTB&23355-9eacfdab-d995-4cdf-b5c1-35499246cefc
.adgrx.com/ Name: ADGRX_UID
Value: 0e8a0d10-3f2b-11ed-bba5-2c64b5add5bb
.smartadserver.com/ Name: pid
Value: 5230961174065027787
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 8d99ec85-5490-4e48-ab98-37d0f4010570
beacon.lynx.cognitivlabs.com/ Name: ss
Value: FJkx4vn%2B4EqAeINZkAQiDzQ%2FykN1iLirsuO6okM3LAE7umsaT05%2B08PDKHNU%2BiuhBvm4fDGgfPjVR4ken1F8qA%3D%3D
.quantserve.com/ Name: d
Value: EEEBGQGaJ_ijDejbEOm40QA
.id5-sync.com/ Name: callback
Value:
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1664368967
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.rlcdn.com/ Name: pxrc
Value: CMeC0ZkGEgUI6AcQABIFCOhHEAA=
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-0e8a0d10-3f2b-11ed-bba5-2c64b5add5bb&KRTB&23275-0e8a0d10-3f2b-11ed-bba5-2c64b5add5bb
.turn.com/ Name: uid
Value: 2330777839504810061
.tribalfusion.com/ Name: ANON_ID
Value: aAnseFqO2c9U2OqnverCyBJofI4DbP60EMYbQuycmgvoqHSCBuM1gf1faLwPdD7H53LfJbSZaQq0SbVeatDm9
.dotomi.com/ Name: DotomiTest
Value: 7bb1869a0d1204f4
.lijit.com/ Name: _ljtrtb_85
Value: AAFQ707GaIMAAB826eu3Ow
.sitescout.com/ Name: ssi
Value: 30504c13-e28b-4c2a-86c3-22188607f8ac#1664368967931
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3789377830791269412&KRTB&23263-3789377830791269412
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-au8VQmjtEkNxvRAVbboLRWy4FxBx7hBCPuprTFWm&KRTB&19420-au8VQmjtEkNxvRAVbboLRWy4FxBx7hBCPuprTFWm&KRTB&22979-au8VQmjtEkNxvRAVbboLRWy4FxBx7hBCPuprTFWm&KRTB&23403-au8VQmjtEkNxvRAVbboLRWy4FxBx7hBCPuprTFWm
.intentiq.com/ Name: IQRubiconCookieSync
Value: 1664368967958
.intentiq.com/ Name: IIQFreeWheelPrimisCookieSync
Value: 1664368967958
.ads.yieldmo.com/ Name: ptrmf
Value: dc98ff85-97e2-46db-b230-9da195bc858e
.ads.yieldmo.com/ Name: ptrrc
Value: L8LMB5ZU-Q-6LA8
.lijit.com/ Name: _ljtrtb_87
Value: dc98ff85-97e2-46db-b230-9da195bc858e
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2330777839504810061&KRTB&23150-2330777839504810061
.mookie1.com/ Name: syncdata_TAP
Value: 1
ads.playground.xyz/ Name: connect.sid
Value: s%3ALzwRxRPq7_lhgtjB3NnrAUedjMQRZT9h.od9d5iriKXXf0O61XJYFcilppFCXP%2BvEibl2s%2FNJh7c
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005%22%7D
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY2NDM2ODk2Nzk5Mn0
.rubiconproject.com/ Name: audit
Value: 1|tcR/wBEzWcK2Hpeu9jTwpu1WuCoMxA8a+JUixCbOKdpceUZ20GQ5sikBaCFS2cAfEAlpT8wNrJ/4NtzLV8geLpktLOTIeOLnsqlSNZOaaDQ=
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005&KRTB&17107-RX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-30504c13-e28b-4c2a-86c3-22188607f8ac-63344147-4341
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHz9iswJe84wMVgD8MAAAAAAA&KRTB&22713-AAAHz9iswJe84wMVgD8MAAAAAAA&KRTB&22715-AAAHz9iswJe84wMVgD8MAAAAAAA
.ads.yieldmo.com/ Name: ptreps
Value: AAAH1eLQ2jKKgQNyqV12AAAAAAA
.pippio.com/ Name: did
Value: xkiGYcnZjndRbDIS
.pippio.com/ Name: didts
Value: 1664368968
.pippio.com/ Name: nnls
Value:
.mxptint.net/ Name: mxpim
Value: R1B332_F6EAD229_1EE4870A.1.000000000000000063344148
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B332_F6EAD229_1EE4870A&KRTB&23092-R1B332_F6EAD229_1EE4870A
.ads.yieldmo.com/ Name: ptrpub
Value: EB0918BB-D98C-4931-AD49-EA7233D2A3DA
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005%22%2C%22nxtrdr%22%3Afalse%7D
.agkn.com/ Name: ab
Value: 0001%3A2Oxk6HQO8G9%2Byk9t%2Fq%2Fq7d5fuuV6pkmP
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&6e6fb275-2c78-47e6-89ff-374369c77d6f"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2925:u=1:x=1:i=1664368968:t=1664455368:v=2:sig=AQGk6F5wh51miojKRTirqAMBQo3siK6a"
.pippio.com/ Name: pxrc
Value: CMiC0ZkGEgQIAhAAEgYI7OsBEAA=
.mookie1.com/ Name: syncdata_NEU
Value: 1
.lijit.com/ Name: ljtrtb
Value: eJwNyskKwjAQANB%2FmbMDbdaJtwh2oRQJePBWmibB2IMLiAXx3835vS%2BQhD1Y2zhd6XbuR2sPxFR889MHdkC6aFgMpUQSjY4MhQoePeMVmjDXRvqFJMVyBS83b2yd%2BjXdJ%2BbOqn3djlmhqIfHU7lu6Ihv%2BdKMV4LfH8E6IZU%3D
.lijit.com/ Name: _ljtrtb_56
Value: RX-6832713e-82e4-4536-9770-c4b4aefdc3c6-005
.smartadserver.com/ Name: csync
Value: 127:AAFQ707GaIMAAB826eu3Ow
.criteo.com/ Name: uid
Value: 82e20330-16de-4725-8a23-4cf330641244
.linksynergy.com/ Name: rmuid
Value: 2517ed25-d348-4c74-8b8d-5514cd96ee2b
.linksynergy.com/ Name: icts
Value: 2022-09-28T12:42:48Z
.adsby.bidtheatre.com/ Name: __kuid
Value: 588a9e2e-75d3-49fa-9a59-bbb8902ea662.433582968
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1gcv|2N.0.AAAFzzCW3jIT9wNddXKFAAAAAAA|3oy.0|4is.0.CAESEFyOQA-25r7C6-Hltlcou2w|7TY.0|7dN.0.AAFQ707GaIMAAB826eu3Ow
.rlcdn.com/ Name: rlas3
Value: kDd+ZXT+xiso56bnRoIgiDXfXsJbqszeoM14+GJljAA=
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUSWpTWlpXIzE1MTMxXzAmVElqU1plbiMxNTAzOF8wJlRJalNaVEM
.intentiq.com/ Name: IQPData
Value: 2503514549#1664368968285#0#1664368967359
pool.admedo.com/ Name: tuuid
Value: cd565a13-ab13-4356-941b-585ce37fba5e
pool.admedo.com/ Name: c
Value: 1664368968
pool.admedo.com/ Name: tuuid_lu
Value: 1664368968
.technoratimedia.com/ Name: tads_uid
Value: DEFC1CD2C44D4C8791D14BBED6980DD0
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220928084248-0400
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AAFQ707GaIMAAB826eu3Ow
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFQ707GaIMAAB826eu3Ow
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMOExNQjVaVS1RLTZMQTgiLCJleHBpcmVzIjoiMjAyMi0xMC0xMlQxMjo0Mjo0Ny44NTUyMTIwODhaIn0sImFkYmUiOnsidWlkIjoiWXpSQlJ3QUFCS3Y0YVFBSyIsImV4cGlyZXMiOiIyMDIyLTEwLTEyVDEyOjQyOjQ4LjA3MDkzNzIyOVoifSwiaXgiOnsidWlkIjoiWXpSQlIuTjBGZGkyQ2pFOEVpNWR4UUFBJjQ2MyIsImV4cGlyZXMiOiIyMDIyLTEwLTEyVDEyOjQyOjQ4LjM1MDIyMzk5WiJ9LCJ5aWVsZG1vIjp7InVpZCI6Imc1MGY5NGJjYjcyMGQ2N2FkMjRiIiwiZXhwaXJlcyI6IjIwMjItMTAtMTJUMTI6NDI6NDguNTYwOTY2MzIxWiJ9fSwiYmRheSI6IjIwMjItMDktMjhUMTI6NDI6NDcuMDM0MTU2NDE1WiJ9
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-c889e140-9c07-4ae9-92f9-0642e63aa07d&KRTB&23280-c889e140-9c07-4ae9-92f9-0642e63aa07d
.pubmatic.com/ Name: SPugT
Value: 1664368969
omg.blog/ Name: _lr_retry_request
Value: true
omg.blog/ Name: _lr_env_src_ats
Value: false
.pubmatic.com/ Name: SyncRTB3
Value: 1666915200%3A224%7C1665619200%3A35%7C1665187200%3A63%7C1665532800%3A56_22_165_243_204_189_220_234_71_238_81_104_239_231_48_96_222_7_249_13_178_8_55_240_54_176_99_166_21_3_57_233_5%7C1664928000%3A223_15_2_38%7C1669507200%3A69
.id5-sync.com/ Name: id5
Value: ad7b0029-028b-496a-8c4a-3462aa9238ca#1664368967591#3
.linkedin.com/ Name: li_sugr
Value: 81ea6b90-24c8-4e3f-b4ab-9eccf8fcf332
.bing.com/ Name: MUID
Value: 3655925D3C5F6510233380703D756460
.c.bing.com/ Name: MR
Value: 0
.taboola.com/ Name: t_gid
Value: 741cffde-96da-41ff-b860-7999aa95a3ac-tucta2dc6ca
.zemanta.com/ Name: zuid
Value: Wn4oBX0qAX71mtLoH5Lk
.analytics.yahoo.com/ Name: IDSYNC
Value: "198j~27f0:18z8~27f0:175w~27f0"
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7176553702049903647P
.owneriq.net/ Name: pmc
Value: 1
.fiftyt.com/ Name: fifid
Value: 0d37a45b-4ca8-4f8b-5d4a-bd80a3a99dff
.fiftyt.com/ Name: cs
Value: MTY2NDM2ODk3MHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fMXLDjJqHmdrWLF7bI2FrxvmJ8rEtKZoJva-eyy4e2eI
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3Dc16daf51-e71b-4c23-8e29-0d09321b5016
.bnmla.com/ Name: rx_uuid
Value: c16daf51-e71b-4c23-8e29-0d09321b5016
.bnmla.com/ Name: rx_maxage_10738
Value: 1665664970
.bnmla.com/ Name: rx_sspid_10738
Value: 6_170
.brand-display.com/ Name: _knxq_
Value: b6e50425-c49a-0cb5-5d848496.1664368970.0.1664368970.1664368970
.inmobi.com/ Name: idsp_c
Value: 8581d625-9c3b-4747-9873-6365c14bea63
.creative-serving.com/ Name: tuuid
Value: 7e30ea0e-192b-49d2-8c09-990b01999c78
.creative-serving.com/ Name: c
Value: 1664368970
.creative-serving.com/ Name: tuuid_lu
Value: 1664368970
.omg.blog/ Name: cto_bundle
Value: 4ifO_F9ycnR4Tno5Z1B3R042UFNPYjRCN290c0t3ekhET3FEMWFYY2FVcXRudXZRV3h1b2VSRjF1QWgzJTJCbTZpa0RiUVFIMzBqaTZtemxEdm5oJTJGNktSbTF5TFE2bXFNQzNjZXllazJ6ektLRXZJcWtybU9DUGxPN2RsVVZBUjNUSE53NXFsNkZsaURyUlowbUFjTVJ1Mjg0VHBnJTNEJTNE
.omg.blog/ Name: cto_bidid
Value: kfvCIF9Hd3k2YTU1YzNKWE05QXFUbXhTWEFzVDllb0hraHIlMkJtQlJ5WnFGM2hVeGJ3SGx3SUlzRXolMkYlMkJyQVhqY0t4MTVEZnNDNEtKT1pWNENFRW52RzFDNjROZnU2R0I2c0ZUcno0ZlFQRmlGQjhQRSUzRA
.semasio.net/ Name: SEUNCY
Value: 4709BA07D6CB552F
.fiftyt.com/ Name: fppm
Value: 20220928124250
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7176553702049903647&KRTB&22521-Q7176553702049903647
.adsymptotic.com/ Name: U
Value: a8d1639f029a5049671338f5ca633a0c
.casalemedia.com/ Name: CMTS
Value: 028
.onaudience.com/ Name: cookie
Value: 6da9908d946fc464
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 8
.pubmatic.com/ Name: DPSync3
Value: 1664409600%3A174%7C1665532800%3A226_228_197_221_219_236_245_201%7C1664928000%3A164_248
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1664390570605
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.onaudience.com/ Name: done_redirects104
Value: 1
.c.appier.net/ Name: _auid
Value: rpaobp32AJ2dBBtPSkE0Yw
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-rpaobp32AJ2dBBtPSkE0Yw&KRTB&23130-rpaobp32AJ2dBBtPSkE0Yw
.pubmatic.com/ Name: PugT
Value: 1664315368
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: e50eaf7f1f3c3d9cc19c378b4946249d
.go.sonobi.com/ Name: __uis
Value: 79ba752f-58e3-4000-b67d-b0ea3170af15
.onaudience.com/ Name: done_redirects147
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsImteCsJ_WkDsQBRIWCgdydWJpY29uEgsIrJWpsZ_WkDsQBRIWCgdzdng5dDUwEgsIiveQx5_WkDsQBRgBIAEoAjILCPjT3fu11pA7EAU4AVoHeGtzdzlsYWAC
.onaudience.com/ Name: done_redirects252
Value: 1
.onaudience.com/ Name: done_redirects109
Value: 1
.id5-sync.com/ Name: 3pi
Value: 112#1664368971262#1028541207#4709BA07D6CB552F|2#1664368970382#-1658374515#3672728183819967796|434#1664368970977#-389436249|3#1664368970520#-2058783983#d73b6334-4147-4100-a5ec-96e71a094ff2|501#1664368971410#-1177820499|264#1664368970647#-309049471#dee4a90a-7826-4daf-a6d8-996f99f94684|136#1664368971410#-2110005961|441#1664368970254#-819390769#u_8a155a22-d61b-4484-8b42-e05ec02c5315|108#1664368971117#-1269418136|429#1664368970776#-1059606820#EB0918BB-D98C-4931-AD49-EA7233D2A3DA
.go.sonobi.com/ Name: __uir_i5mm
Value: 1
.go.sonobi.com/ Name: __uin_i5mm
Value: d73b6334-4147-4100-a5ec-96e71a094ff2
.go.sonobi.com/ Name: HAPLB8S
Value: s8750|YzRBP

6 Console Messages

Source Level URL
Text
network error URL: https://s2s.t13.io/setuid?bidder=quantcastfsx&gdpr=0&uid=rsSUj6zGk461lpHYqZGKiKiTlt21xZGP-sFMWI_o
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://omg.blog/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://omg.blog' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=7812152&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=7812152&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=7812152&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1647f23214414d860cd291a591032202.safeframe.googlesyndication.com
a.pub.network
a.tribalfusion.com
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.ca
adservice.google.com
amazon-tam-match.dotomi.com
ap.lijit.com
api.btloader.com
api.floors.dev
api.intentiq.com
api.rlcdn.com
apresolve.spotify.com
as-sec.casalemedia.com
aud.pubmatic.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
biddr.brealtime.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c.pub.network
c1.adform.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
causecherry.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn2.pubexchange.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
confiant-integrations.global.ssl.fastly.net
core.iprom.net
cs.admanmedia.com
cs.media.net
csync.loopme.me
d.pub.network
dis.criteo.com
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
encore.scdn.co
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-io.videoplayerhub.com
g2.gumgum.com
gocm.c.appier.net
gu.dyntrk.com
gue1-spclient.spotify.com
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i1.wp.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
jadserve.postrelease.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
live.primis.tech
loada.exelator.com
m.addthis.com
main.pubexchange.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mb9eo.publishers.tremorhub.com
mosaic.scdn.co
mug.criteo.com
mweb.ck.inmobi.com
nep.advangelists.com
odr.mookie1.com
omg.blog
onetag-sys.com
open.spotify.com
open.spotifycdn.com
p.adsymptotic.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
pxl.qccerttest.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtd-tm.everesttech.net
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s.w.org
s2s.t13.io
s7.addthis.com
sb.scorecardresearch.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
sentry.io
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-pm.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.extend.tv
sync.go.sonobi.com
sync.inmobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync1.intentiq.com
tags.bluekai.com
tags.rd.linksynergy.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
unusedstone.com
ups.analytics.yahoo.com
v1.addthisedge.com
video.primis.tech
visitor.fiftyt.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.makeup.com
x.bidswitch.net
yieldmo-match.dotomi.com
z.moatads.com
api.rlcdn.com
s7.addthis.com
104.17.120.107
104.18.101.194
104.18.18.126
104.18.19.126
104.36.115.109
104.36.115.111
104.45.178.220
107.178.246.49
107.178.254.65
107.20.145.50
13.224.202.36
13.224.205.195
13.224.214.129
13.224.214.16
13.224.214.26
13.224.214.92
13.224.214.95
130.211.23.194
135.148.35.198
141.95.98.65
142.250.65.166
142.250.80.98
146.59.148.16
15.197.193.217
151.101.193.194
151.101.193.44
151.101.66.49
159.65.196.12
162.19.138.119
162.248.18.10
172.104.121.22
173.223.56.138
173.223.57.84
173.231.178.81
18.211.245.94
18.213.85.80
185.167.164.42
192.0.77.2
192.0.77.48
193.122.128.135
195.5.165.20
198.148.27.139
199.127.204.142
199.187.193.185
199.187.193.202
20.127.253.7
2001:41d0:701:1000::96f
204.2.255.233
207.198.113.93
209.54.182.161
216.200.232.253
23.1.200.83
23.20.109.84
23.217.43.215
23.3.125.39
23.52.160.130
23.52.161.180
23.52.162.21
23.52.163.40
23.52.167.93
23.92.190.69
2600:1901:0:524d::
2600:1901:0:6665::1
2600:1901:0:f8d1::1
2600:1901:1:b99::
2600:1901:1:c36::
2600:1f18:4e9:5a07:eb88:cc7a:3ac8:6e0f
2600:1f18:612b:4264:54e8:ad4c:a4b8:acf6
2600:9000:20ed:2800:11:615:7240:93a1
2600:9000:20ed:3e00:1a:5235:f980:93a1
2600:9000:20ed:6a00:6:44e3:f8c0:93a1
2600:9000:20ed:e00:8:48e:53c0:93a1
2602:803:c002:200::42
2606:4700:10::6816:3456
2606:4700:20::681a:3d9
2606:4700:20::681a:68b
2606:4700:20::681a:832
2606:4700:20::681a:8b
2606:4700:20::681a:e67
2606:4700:20::ac43:4513
2606:4700:4400::6812:230b
2606:4700:4400::ac40:9a6e
2606:4700::6810:5914
2606:4700::6812:d4c
2606:4700::6813:ad6c
2606:ae80:1451:14::1050
2606:ae80:1471:13::730
2607:f8b0:4004:c09::9d
2607:f8b0:4006:809::2001
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80f::200a
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::2008
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81e::2002
2607:f8b0:4006:820::2004
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2003
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:21::14
2620:1ec:c11::200
2a04:4e42:600::300
2a04:4e42:77::760
2a04:4e42:79::760
2a04:4e42:79::761
3.208.153.18
3.215.101.237
3.230.217.116
34.102.163.6
34.102.253.54
34.107.140.113
34.111.151.213
34.193.201.64
34.227.236.203
34.98.64.218
34.98.67.3
35.188.42.15
35.190.60.146
35.190.90.30
35.194.66.159
35.201.71.192
35.201.96.126
35.207.24.140
35.210.53.219
35.211.178.172
35.227.238.208
35.71.139.29
38.91.45.7
44.196.50.31
5.161.47.120
50.57.31.206
51.222.39.184
52.0.156.250
52.2.182.92
52.2.60.97
52.94.223.37
54.158.55.221
54.164.39.11
54.175.87.114
54.208.179.247
54.85.143.236
54.85.248.187
54.86.215.116
63.251.114.136
63.251.28.234
68.67.160.186
68.67.181.211
69.12.8.74
69.166.1.10
69.173.151.100
69.90.254.78
70.42.32.31
72.44.36.54
74.119.119.129
74.119.119.139
74.119.119.150
74.222.140.101
76.13.32.147
8.28.7.81
8.28.7.82
8.28.7.83
8.28.7.84
8.43.72.98
88.214.206.142
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0360a0429737bafbdbade69759c1042e5d1e08e1ead3e17ae5c14a9c50b43c39
039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08237e17f42b3142379a1a8eec5490b1eca14de55c1eb8d0883238a7935f83b3
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
129a5ef94f84900d4a5cccef5ba19cd16b25151e5957b41905907a64f2fc44f5
12e65339d4c575c65f00de427e757f4ecdb0bdbffb7af11e5e452c51cb6f3053
14c34f76f68a0486c21d2efb95929f5a4e06e741c8bed226f0d4f9b00def8b48
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
1e1498f04dfb2c55c06ea027d0daee766a819fc70e1ca8fdb140938ce813b054
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
2509b4214be230d2e982f8bd655c8a6dcd58bd79046ac9a009657bed99d5422e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
259d8ef929cf3bf47f46074576815a11499dffc5d48c1b1a3ba96e12656412a0
2a1f3b0c6d17aac0fd7ef2aaaa85ddce44a3dce2e7de3c5496a3b2d6804f77c9
2aaded58dac73e34620e86b5cfdd6e7e20bb38e2ebe5af7d777bc82822bfdb5c
2c59c4b0eadd9893c6813284c5d823c552b3bc17a72c7e0772cc9848584a9385
2c8e6548c109376632da1a33dc7758a8c6347a18196012f617528295aee6d941
2e6463398e2aef19c756950f5ebfbda5493a164c35b9f8f0b9d568467f8fc82b
2fefbbd9ab1e134e9156300c17f75fbf275390fc93364e4da7657ad535d8cbf2
301ffd3d5af33858d74ce79590fde43eda1d4aa66f56e2acaece2f9cea20b793
31873930855fe7c0caa18f6b841e0cf8a6955bd7900e468093bf6131641e1c89
3395c4c64af7e2430203edaed24b39c0f08b5b4e65771d4a7cecbacdfefd2e84
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38fab9383cf36eaedd0df98b3405c528e6651216a91e7256c1644122172d05bd
39ee7e995555be68f45ed3cadb7af1b883f700c44d934667148336fcfdbb32f6
3a97701135de3c6784dd656d2769b98d259f3d0a710ee125bb112cfbbf62b209
3c8a8f4d7fc689c26598752a7d8413962509ec55d6f906f49380c653c3a90e54
3d510e16e6e569e573980fd67a55221795d539fd56688ecaca8d284255e86ee6
3d630e52aca130aa957fa7925afb15f64875eadc6cb2749edd156dc701915520
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eddc363f526ebce3c6991cf515ad5d3dc4af39ba44a8c9381a0514a7e4afc99
3ef5689cc674d35eb2d1895b56e670dff48e80454fe513b4f4da5b842898f06b
3f23c221c52bf156f3482cc7e3290d322b53eb1818e77a147667474132fa7796
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40a7c93dbb3d7aae527b04178537b93829cba062dbb336f5a6fc705e6d30fc79
422cddb9fb86a7948dc8dcf559a9fee04d919672d2753f62a09aea886b6138a7
426d4db7bb4ca89f374e8c1b85807741e44b26a8d1691517f670256125624134
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4456a9b952784b4c297f72a9f513a77247e31829c1d62bc1dbedea8fe8ae16f0
458315e257eca8490d60f49da51ef4900a77891c298b751a6f69f62e78d6f548
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b
470dd4523c3200a7d908c30989b2877ddf8b0fe9dcefc087d15620fff31ad3fc
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b31d7ab5f55479d6e6d236a971642d937dfc9093e9c945c1963cae9cd1a6735
4bd0f6acb7e1fe07b6639adb4971810f767973fcb4c0d1d19f56d5601c071d7a
4ca50bfd038846f65ecffcdddcd9b9307bfb3898c0a11149a84ec78e11012647
4dd9a0a89a6f744f971d703a692ba46ac458994d236cff82a8f79a0d1980d4d6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f4673f71a15a153e0e3a25d79f694c762ce4697bc16488a94814048be59b37e
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58baf1ce691339d72a2438bf5ba6dac7ddab9c4ff78bb65af309936b71b8d2d6
58bdc2e63366e9cb79fd6e94a0ece064d27b5c277366ba13bc65454b6bce4e5c
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5afe60d866d05de71ddfecf058a97f9ccce78c198c5bfde9a51494e3728407cb
5d8af1e5471bc18ee4cad66847ea39ff7911dcffda1a1b99cc5ad1899208985f
5e8f3a756d589ccf364849cf9f90d2b4f2410669a61a494a55ab8723c72ddb1b
5f356f0b0c23b23c706db9f102433759d622cdf885f739548d4d10149accb5b2
5fbde5a08eb0daa31179ebd474c5bb9efb934e24b6b22411f6c112bdbf096d0f
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63081f898db4b72d9ec7c6a4c5b34cd1cf943ab18c102b783e24e818d48f3396
634a819c8cd883049df51c9cfea2f446b31e4197a8fc0d481ff5b72098a3fc3b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b3624184777d76d8b1d77d954781b182fc5f166a26092bf9e07d963979f8bfd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c696018490a4d6ff6934ca2e49209ce050549cb19d4b361e395aabe1461bafc
6d2976a19c2d29fc2d6bea2b893056c8f9af03cdad5a0e6d62dbefb9aa6b423f
6e91e73fa61993cea2208718d670f5ed1161039b2c7c9fe38e21cdbd5d5ab181
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
703d478e3b70f4d94df050c62022203275d19bd17d5dedcb62513acd5b81e5d0
70fbc2bab5280ce8aa1b20c58a0df76cfaff01701e7f99f5216a986714955f5d
71b463edd4bbed141570ca3c12f571bc07e7cf8639a3e064ecca4411488af7f1
72ddf006df26d231eb0b80040376edd9390bb472dd1ca7eba56817b0c9d6e0a3
75cf6d2c1f06b9ac1a1e72a9424d3f27d8b13036f952e94508e91bef9610837a
7854e432a9fde0078779f6c85806a3d9b586043dc65ea5c9a072dd0c54b962da
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a03bef9859a124f2e5a6c2bee1a757bcfc70c97c8150294c4ea212fa4b9982b
7b381bac39a627d9c9cfb5cc7c1cb175b9e2222db0a32aa10384652c5c521eee
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7e6ad40299db05371b4e6905128b5f2e84fa22faf93623f240f3ecd7d06658a2
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
80c8204a81a325f5c1fe281d4952bf22e31e98e1d86209d4a3f4010b3a3b8fb3
8177822e00d8d86d171eb3aa22e972d5433734c2780872bff47a8d695d0088a8
826d2b9d8bb0092c5381c66451ded8e2f54c486930f1d37d677cac688a92c002
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8424b5639175995590309eca1f9af43d10dff646d44c92ae6299f0a01d87af1c
85f85eaa1b0386bcd8fb6323089c14be5416df57333b1b8b2fc2d4a1a217538a
8680d55c76951f58350157a289014d62aa65f9835f9efb5d20337b4a32c2766e
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8a078a48a99512e6c1ab28d4be944de0c7fa5b536290256fa095d6d7fa9290eb
8a6139131f047677c01c7d952ac1ec910d9a0a8fcd46b33961924059193aaf9b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae31769cc172a31c7fd9dff9b3cc7ea0e7aa51858538a4ee600744a877b6b52
8b9a478fe38db859ad9d24d09af9655474f65f1f93cd35ead7cdd04d5542dda7
8c22ed5414d1ca4d1421be7153eb44283645ddf78c2c14536379371a89260eb7
8f41af81bae4a1e7a0227e3b5d6e9a449a6f981e1927a110ef0741c53e64c6ff
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8faceb2a19c7daffbc468c88edd7e19b2ff0c6792a9403ad340d5f262c39a48b
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91974f427dd2662711b18fd5ce81af11472eea36b44d5d214b92ad510320cb19
93bdfb8e737cfcc6f756b53b8893ddc1d47eacbb4519812b7727a163aaab46cf
9424a4be4e21ce5134bcfd62c9967cf7918052290899e43d99271703d7ed0836
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
997df7e9eb86e09fc303c5ac22a38cd16172b326039c71fbbad469fbe5bf6c5e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b7413f945c8b8bb3f75eb10513c7ad79d386e98494d541e5f1fa9301ffbddd6
9b967a69371e3af4e63c91981001d84776d23811a57f5c9c6b3a96b6c2da9310
9b9f51fabe5f4e043b1d2ead7f6d472b2ed1c8ce6569cc07d0d455d7232a91e2
9cd0c52130a2ac95e21959817ca0ad8a7f85c72995e9ecd98e069ff5e01e2135
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a16a07896c1d5b4ac3615ffbc71f9e4b5ba3de671f5eecd59fe34d8e466b2adf
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56e6fbb23b901cc18cae5a86fb60d2026cad83b2841bf5aaf46459c87fb9559
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9707de9fcc1b7314a9c17b2fe862ff7c677fa8c0b6a3af80fd254df5588b602
abc60c07c766f2d2be1ea7284c847c72fe34488d02c109b09024d5fd2cefdac9
ac3d2989b2e2142cdb3616120078d644e9c21726c120a1d349b47c983bf5787d
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
adb24d3ae2e1bcd63c15e355be777452fe2771153be44b92b47baa8b25a402b9
afbb45574013867319967bfd48c437cb91ccd127cf70e96b7494d8f1907da7be
b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b31aac70700609fcd23be2ea46aaffab114036e309fcf34c71d771b3bb6b5dd3
b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c
b4e6f9c9ed1af005d8c34943f2e29d1b65f253cc9653ab8bd093ca7d08c5f8ec
b53179c92c5774652d81e19c690f7cf4dd593bfec88fc001dd798207548ca84a
b566eb9e18f40e97326ff40241ad4db171b8183e57058abdb9fcb4f1f0b3bbe0
b5f8fdf76b2a536c2335ddda0ed75fd79569d163edc730886dd320c52e01a9be
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b710ede2187af6ec0c482dfea4c5330cf150b2d5b8583b8356288eded3e32a32
b7f718bb91fe5664639f129b2c07ed5a180883ec7ac8cf1b1e2dc230abff29d0
ba56022925d545fe0bd7f2b81bbe48e19f57bc49de1ca18d7c9b5eca8c682f9b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc1ca07dd78c65c9ac66cd9dcbb0e0c421b0723f8d4d81e21dcedcf6dfc15924
bc27e74be72b93d378bcb12603491b71e6650fa4d12adc3e5befb8f7046d4c4f
bcc0a2dfd3e9e3a73fd9486a4e9349f6a320ceafa8c767039b7a8cbfa441cd0d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be416c5cd4e277ec21f8703b3c36f8aa65552fdf3a6fd30516835b27814eea56
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c43a014dfec24f152f9a4d0f8531a4cbfba9348013b532d8925c6a6ce5267836
c6cca58c8f515c7e50b64e8b5239910d8971d670aa08b6324aafdc081deb54ca
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb748e759d5daf1c26b7ed8f789dee6acc62c7d9515c795160af5de8a2540811
cc3684242d1f9336442aaeadacdeaecd351108c0e559d3aebf45b7ae4dba668b
ccebe87d60c5df5f748edd3e69b30e22d1cd360c4141c5a1e7e791f0c3268a37
cf45631c03c9bb508408305e395b735b5a181d5c75be1420c8e076282e11abef
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d149bf6067ed1488704b3b8133d19e4577390381782f80682b5ddeaf598b1869
d202eab777e0b1d47771966e196a7456c4ec209b5289c43a84ca203fc3297ef2
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887
d88e19480afd719fd69c02036367374fb0707e6309e57e5f9f5490d3bbce3fae
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dadb9818726b3952d1f2af97c27db3a1b1d7029006880125dc62c2f7a7177318
dbf179d12fe531a65ba95bc98104fd71586811e0f6026fc704a51a836d18bf53
dc50652b34905a6cbeb9ea2f7f7ce23014a8c0a1e05a94ab465886e5ff6ce82b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
df4789427f966fac0cebdd437539bcd2ba40c42ffe59775e55ccdd4c2e24ac9d
e2f0bd473759754b644e710675d5f28995f2b1f7bc36097dd583782cd14e979c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
ed5d398635d1613a3b1bb2eee5a821b6f476747531af67fe37822079ecc6c3cf
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef10b703755fde2a088572247ac40e477d452030c967403e720dbd985489fdcc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef55b97b394f016fc1b7385ec2b1f3dfa95929292a8200379d9bcfdeffc22964
ef84ceb7c17ccbedce44458d12ba1295d23dfece293119e32ad194549841d9c1
f0dc625c21aec3948dc2cee874ea8cfcdabf555a3e3c774bcb346ac4547bb589
f63e8881aa5a91bcbb208d40f8236dff8ed953f4a5254ac435fd61369b4be573
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa6de599b363d36d766475724769cc3f9ff22e547bb1ae84e7a5d06490d0a6e2
fa7ac2f1a68a039b6fd1e774c0c7d76bc1f9de3c5e78c7977bec02d73f0445b5
ffd127ad02c009a83075ff806fac72502c028ec3a8804d5297babf5befdb701c