urlscan.io logo urlscan.io
SecurityTrails logo

babesinhairland.com Open in urlscan Pro
192.124.249.6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://babesinhairland.com/
Effective URL: https://babesinhairland.com/
Submission: On April 20 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 68 IPs in 11 countries across 73 domains to perform 453 HTTP transactions. The main IP is 192.124.249.6, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is babesinhairland.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 3rd 2021. Valid for: a year.
This is the only time babesinhairland.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 55 192.124.249.6 30148 (SUCURI-SEC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
3 2600:1901:0:3... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
53 2a04:4e42:1b::84 54113 (FASTLY)
1 13.224.102.47 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
1 13.224.102.59 16509 (AMAZON-02)
3 151.101.113.194 54113 (FASTLY)
1 13.224.102.4 16509 (AMAZON-02)
8 13.224.103.105 16509 (AMAZON-02)
2 23.218.208.246 16625 (AKAMAI-AS)
2 142.250.185.130 15169 (GOOGLE)
9 2a03:2880:f23... 32934 (FACEBOOK)
2 3.122.26.231 16509 (AMAZON-02)
7 35.186.236.140 15169 (GOOGLE)
2 151.101.112.84 54113 (FASTLY)
1 13.224.102.102 16509 (AMAZON-02)
1 34.120.133.55 15169 (GOOGLE)
14 21 52.19.21.254 16509 (AMAZON-02)
3 8 34.253.109.165 16509 (AMAZON-02)
2 2 34.246.133.154 16509 (AMAZON-02)
2 2 66.155.71.149 13768 (COGECO-PEER1)
4 4 35.227.248.159 15169 (GOOGLE)
1 63.35.129.75 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
12 2a01:7e00:1::... 63949 (LINODE-AP...)
6 37.252.161.190 29990 (ASN-APPNEX)
6 52.20.243.141 14618 (AMAZON-AES)
13 18.156.195.47 16509 (AMAZON-02)
6 185.64.189.112 62713 (AS-PUBMATIC)
6 54.74.153.15 16509 (AMAZON-02)
11 104.16.68.69 13335 (CLOUDFLAR...)
6 216.52.2.39 30282 (AS-INAPCD...)
6 178.162.133.150 60781 (LEASEWEB-...)
8 18.185.167.149 16509 (AMAZON-02)
6 47 35.244.159.8 15169 (GOOGLE)
15 54.76.72.47 16509 (AMAZON-02)
4 10 185.33.223.178 29990 (ASN-APPNEX)
6 52.4.152.106 14618 (AMAZON-AES)
30 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 13.224.102.122 16509 (AMAZON-02)
6 7 2620:116:800d... 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
14 23.218.208.200 16625 (AKAMAI-AS)
3 208.100.17.171 32748 (STEADFAST)
10 54.208.200.8 14618 (AMAZON-AES)
3 4 54.36.109.186 16276 (OVH)
2 2 35.156.198.184 16509 (AMAZON-02)
7 2a00:1288:110... 34010 (YAHOO-IRD)
10 10 3.127.88.255 16509 (AMAZON-02)
20 20 52.29.176.117 16509 (AMAZON-02)
2 2 18.159.8.206 16509 (AMAZON-02)
12 18 54.220.102.114 16509 (AMAZON-02)
31 36 142.250.185.162 15169 (GOOGLE)
8 8 185.29.132.144 30419 (MEDIAMATH...)
13 14 37.157.6.246 198622 (ADFORM)
3 3 35.210.178.101 19527 (GOOGLE-2)
2 2 52.214.7.146 16509 (AMAZON-02)
2 2 52.17.151.21 16509 (AMAZON-02)
3 185.64.189.115 62713 (AS-PUBMATIC)
2 178.250.0.163 44788 (ASN-CRITE...)
2 213.155.156.183 1299 (TELIANET ...)
1 4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 77.243.60.138 42697 (NETIC-AS)
4 4 35.201.96.126 15169 (GOOGLE)
2 185.64.189.249 62713 (AS-PUBMATIC)
22 185.64.189.110 62713 (AS-PUBMATIC)
2 159.253.128.183 36351 (SOFTLAYER)
2 2 18.158.167.137 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
3 185.64.189.114 62713 (AS-PUBMATIC)
2 185.64.190.81 62713 (AS-PUBMATIC)
2 2 23.111.200.118 7979 (SERVERS-COM)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 94.23.171.206 16276 (OVH)
1 72.251.241.204 29791 (VOXEL-DOT...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 3 51.222.80.231 16276 (OVH)
1 2 54.78.254.47 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
2 2 151.101.14.49 54113 (FASTLY)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 185.33.221.15 29990 (ASN-APPNEX)
453 68
55    192.124.249.6 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10006.sucuri.net
babesinhairland.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:2190:2400:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)
ws.sharethis.com
3    2600:1901:0:333a:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
monu.delivery
2    2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
53    2a04:4e42:1b::84 (United States)

ASN54113 (FASTLY, US)
assets.pinterest.com
i.pinimg.com
1    13.224.102.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-47.zrh50.r.cloudfront.net
tags.crwdcntrl.net
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:2190:9200:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.sharethis.mgr.consensu.org
1    13.224.102.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-59.zrh50.r.cloudfront.net
ats.rlcdn.com
3    151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
1    13.224.102.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-4.zrh50.r.cloudfront.net
js.gumgum.com
8    13.224.103.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-105.zrh50.r.cloudfront.net
c.amazon-adsystem.com
2    23.218.208.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
2    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
9    2a03:2880:f231:c5:face:b00c:0:43fe (Santa Clara, United States)

ASN32934 (FACEBOOK, US)
scontent-sjc3-1.cdninstagram.com
2    3.122.26.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-26-231.eu-central-1.compute.amazonaws.com
l.sharethis.com
7    35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com
imps.monu.delivery
2    151.101.112.84 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
widgets.pinterest.com
log.pinterest.com
1    13.224.102.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-102.zrh50.r.cloudfront.net
geo.privacymanager.io
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
21    52.19.21.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-21-254.eu-west-1.compute.amazonaws.com
match.adsrvr.org
8    34.253.109.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
2    34.246.133.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-133-154.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    63.35.129.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-129-75.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
12    2a01:7e00:1::b24f:afb0 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
ipwatch.monu.delivery
6    37.252.161.190 (Shepherds Bush, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net
prebid.adnxs.com
6    52.20.243.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-243-141.compute-1.amazonaws.com
display.bfmio.com
13    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
6    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
6    54.74.153.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-153-15.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
11    104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
6    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
6    178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
8    18.185.167.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
btlr.sharethrough.com
47    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
bloggernetwork-d.openx.net
eu-u.openx.net
us-u.openx.net
15    54.76.72.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-72-47.eu-west-1.compute.amazonaws.com
g2.gumgum.com
10    185.33.223.178 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
6    52.4.152.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
ssc.33across.com
30    2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)
cmp-cdn.cookielaw.org
cdn.cookielaw.org
3    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
2    13.224.102.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-122.zrh50.r.cloudfront.net
sb.scorecardresearch.com
7    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    2600:9000:2190:e600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
14    23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    208.100.17.171 (United States)

ASN32748 (STEADFAST, US)
PTR: ip171.208-100-17.static.steadfastdns.net
ssc-cms.33across.com
10    54.208.200.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-200-8.compute-1.amazonaws.com
sync.bfmio.com
4    54.36.109.186 (France)

ASN16276 (OVH, FR)
PTR: p06.id5-sync.com
id5-sync.com
2    35.156.198.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ice.360yield.com
7    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
10    3.127.88.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
20    52.29.176.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    18.159.8.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
18    54.220.102.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-102-114.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
36    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
8    185.29.132.144 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
14    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    35.210.178.101 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
a.volvelle.tech
2    52.214.7.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
r.scoota.co
2    52.17.151.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ads.avct.cloud
3    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.183 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
4    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
4    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
2    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
22    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
2    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
2    18.158.167.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.creative-serving.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
3    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    23.111.200.118 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dsp.adfarm1.adition.com
1    94.23.171.206 (France)

ASN16276 (OVH, FR)
green.erne.co
1    72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    2606:4700:3039::6815:c02f (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
3    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: ns574734.ip-51-222-80.net
pixel.onaudience.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
loadm.exelator.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    2a02:fa8:8806:20::2010 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
1    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
Apex Domain
Subdomains		 Transfer
55 babesinhairland.com
babesinhairland.com
1 MB
52 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
aud.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
219 KB
51 pinimg.com
i.pinimg.com
1 MB
47 openx.net
bloggernetwork-d.openx.net
eu-u.openx.net
us-u.openx.net
11 KB
38 doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
130 KB
30 cookielaw.org
cmp-cdn.cookielaw.org
cdn.cookielaw.org
343 KB
22 yahoo.com
c2shb.ssp.yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
11 KB
22 monu.delivery
monu.delivery
imps.monu.delivery
ipwatch.monu.delivery
148 KB
21 adsrvr.org
match.adsrvr.org
8 KB
20 bidswitch.net
x.bidswitch.net
7 KB
18 bidr.io
match.prod.bidr.io
9 KB
17 adnxs.com
prebid.adnxs.com
ib.adnxs.com
secure.adnxs.com
11 KB
16 bfmio.com
display.bfmio.com
sync.bfmio.com
9 KB
16 gumgum.com
js.gumgum.com
g2.gumgum.com
43 KB
14 adform.net
c1.adform.net
7 KB
11 districtm.io
dmx.districtm.io
cdn.districtm.io
866 B
10 w55c.net
pm.w55c.net
7 KB
9 33across.com
ssc.33across.com
ssc-cms.33across.com
4 KB
9 cdninstagram.com
scontent-sjc3-1.cdninstagram.com
2 MB
9 crwdcntrl.net
tags.crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net
16 KB
8 mathtag.com
sync.mathtag.com
5 KB
8 sharethrough.com
btlr.sharethrough.com
921 B
8 amazon-adsystem.com
c.amazon-adsystem.com
38 KB
7 quantserve.com
secure.quantserve.com
pixel.quantserve.com
11 KB
6 sonobi.com
apex.go.sonobi.com
4 KB
6 lijit.com
ap.lijit.com
4 KB
6 yieldmo.com
ads.yieldmo.com
1 KB
4 fiftyt.com
visitor.fiftyt.com
2 KB
4 semasio.net
uipglob.semasio.net
2 KB
4 zeotap.com
mwzeom.zeotap.com
spl.zeotap.com
2 KB
4 id5-sync.com
id5-sync.com
6 KB
4 tapad.com
pixel.tapad.com
2 KB
4 pinterest.com
assets.pinterest.com
widgets.pinterest.com
log.pinterest.com
28 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 volvelle.tech
a.volvelle.tech
1 KB
3 onetrust.com
geolocation.onetrust.com
1 KB
3 fastly.net
confiant-integrations.global.ssl.fastly.net
121 KB
3 sharethis.com
ws.sharethis.com
l.sharethis.com
8 KB
2 everesttech.net
sync-tm.everesttech.net
744 B
2 exelator.com
loadm.exelator.com
2 KB
2 betweendigital.com
ads.betweendigital.com
1019 B
2 creative-serving.com
ads.creative-serving.com
1 KB
2 simpli.fi
um.simpli.fi
1018 B
2 de17a.com
d5p.de17a.com
268 B
2 criteo.com
dis.criteo.com
567 B
2 avct.cloud
ads.avct.cloud
888 B
2 scoota.co
r.scoota.co
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 360yield.com
ice.360yield.com
1013 B
2 scorecardresearch.com
sb.scorecardresearch.com
868 B
2 turn.com
d.turn.com
ad.turn.com
929 B
2 sitescout.com
pixel-sync.sitescout.com
726 B
2 demdex.net
dpm.demdex.net
2 KB
2 rlcdn.com
ats.rlcdn.com
api.rlcdn.com
61 KB
2 gstatic.com
fonts.gstatic.com
52 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 facebook.net
connect.facebook.net
66 KB
1 playground.xyz
ads.playground.xyz
486 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 ad4m.at
ad4m.at
1 KB
1 adgrx.com
cm.adgrx.com
408 B
1 erne.co
green.erne.co
325 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 quantcount.com
rules.quantcount.com
349 B
1 krxd.net
beacon.krxd.net
338 B
1 casalemedia.com
as-sec.casalemedia.com
317 B
1 privacymanager.io
geo.privacymanager.io
603 B
1 indexww.com
js-sec.indexww.com
13 KB
1 consensu.org
c.sharethis.mgr.consensu.org
1 KB
1 googleapis.com
fonts.googleapis.com
1 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com
5 KB
0 w.org Failed
s.w.org Failed
453 73
Domain Requested by
55 babesinhairland.com 1 redirects babesinhairland.com
51 i.pinimg.com babesinhairland.com
36 cm.g.doubleclick.net 31 redirects eu-u.openx.net
28 cmp-cdn.cookielaw.org monu.delivery
cmp-cdn.cookielaw.org
babesinhairland.com
25 eu-u.openx.net 5 redirects monu.delivery
eu-u.openx.net
21 match.adsrvr.org 14 redirects js-sec.indexww.com
bcp.crwdcntrl.net
eu-u.openx.net
20 x.bidswitch.net 20 redirects
18 match.prod.bidr.io 12 redirects eu-u.openx.net
ads.pubmatic.com
16 us-u.openx.net 1 redirects eu-u.openx.net
15 g2.gumgum.com monu.delivery
js.gumgum.com
14 c1.adform.net 13 redirects ads.pubmatic.com
14 ads.pubmatic.com monu.delivery
ads.pubmatic.com
13 simage2.pubmatic.com ads.pubmatic.com
13 c2shb.ssp.yahoo.com monu.delivery
12 ipwatch.monu.delivery monu.delivery
10 pm.w55c.net 10 redirects
10 sync.bfmio.com monu.delivery
sync.bfmio.com
10 ib.adnxs.com 4 redirects monu.delivery
9 image2.pubmatic.com ads.pubmatic.com
9 scontent-sjc3-1.cdninstagram.com babesinhairland.com
8 sync.mathtag.com 8 redirects
8 btlr.sharethrough.com monu.delivery
8 c.amazon-adsystem.com monu.delivery
c.amazon-adsystem.com
7 pr-bh.ybp.yahoo.com eu-u.openx.net
ads.pubmatic.com
7 imps.monu.delivery babesinhairland.com
6 pixel.quantserve.com 6 redirects
6 ssc.33across.com monu.delivery
6 bloggernetwork-d.openx.net monu.delivery
6 apex.go.sonobi.com monu.delivery
6 ap.lijit.com monu.delivery
6 dmx.districtm.io monu.delivery
6 ads.yieldmo.com monu.delivery
6 hbopenbid.pubmatic.com monu.delivery
6 display.bfmio.com monu.delivery
6 prebid.adnxs.com monu.delivery
6 sync.crwdcntrl.net 2 redirects bcp.crwdcntrl.net
5 cdn.districtm.io monu.delivery
4 visitor.fiftyt.com 4 redirects
4 uipglob.semasio.net 2 redirects ads.pubmatic.com
4 id5-sync.com 3 redirects
4 pixel.tapad.com 4 redirects
3 pixel.onaudience.com 3 redirects
3 image4.pubmatic.com ads.pubmatic.com
3 mwzeom.zeotap.com ads.pubmatic.com
3 image6.pubmatic.com ads.pubmatic.com
3 a.volvelle.tech 3 redirects
3 ssc-cms.33across.com monu.delivery
3 geolocation.onetrust.com cmp-cdn.cookielaw.org
3 confiant-integrations.global.ssl.fastly.net monu.delivery
confiant-integrations.global.ssl.fastly.net
3 monu.delivery babesinhairland.com
monu.delivery
2 sync-tm.everesttech.net 2 redirects
2 loadm.exelator.com 1 redirects ads.pubmatic.com
2 ads.betweendigital.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 ups.analytics.yahoo.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 um.simpli.fi ads.pubmatic.com
2 aud.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com image6.pubmatic.com
ads.pubmatic.com
2 dis.criteo.com image6.pubmatic.com
ads.pubmatic.com
2 ads.avct.cloud 2 redirects
2 r.scoota.co 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 ice.360yield.com 2 redirects
2 sb.scorecardresearch.com 1 redirects
2 cdn.cookielaw.org cmp-cdn.cookielaw.org
2 pixel-sync.sitescout.com 2 redirects
2 dpm.demdex.net 2 redirects
2 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
2 l.sharethis.com ws.sharethis.com
babesinhairland.com
2 securepubads.g.doubleclick.net monu.delivery
securepubads.g.doubleclick.net
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com babesinhairland.com
www.google-analytics.com
2 assets.pinterest.com babesinhairland.com
assets.pinterest.com
2 connect.facebook.net babesinhairland.com
connect.facebook.net
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 spl.zeotap.com 1 redirects
1 ad4m.at ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 green.erne.co 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com babesinhairland.com
1 d.turn.com 1 redirects
1 beacon.krxd.net bcp.crwdcntrl.net
1 log.pinterest.com babesinhairland.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
1 geo.privacymanager.io ats.rlcdn.com
1 widgets.pinterest.com assets.pinterest.com
1 js-sec.indexww.com monu.delivery
1 js.gumgum.com monu.delivery
1 ats.rlcdn.com monu.delivery
1 c.sharethis.mgr.consensu.org ws.sharethis.com
1 tags.crwdcntrl.net monu.delivery
1 ws.sharethis.com babesinhairland.com
1 fonts.googleapis.com babesinhairland.com
1 maxcdn.bootstrapcdn.com babesinhairland.com
0 s.w.org Failed babesinhairland.com
453 103
Subject Issuer Validity Valid
babesinhairland.com
Go Daddy Secure Certificate Authority - G2		 2021-03-03 -
2022-04-02		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
sharethis.com
Amazon		 2020-08-17 -
2021-09-16		 a year crt.sh
*.monu.delivery
Sectigo RSA Domain Validation Secure Server CA		 2020-08-18 -
2022-02-11		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA		 2020-07-16 -
2021-08-04		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
sharethis.mgr.consensu.org
Amazon		 2021-04-07 -
2022-05-06		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.freetls.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-04-05 -
2022-04-06		 a year crt.sh
*.gumgum.com
Amazon		 2020-11-14 -
2021-12-13		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.instagram.com
DigiCert SHA2 High Assurance Server CA		 2021-03-21 -
2021-06-19		 3 months crt.sh
imps.monu.delivery
GTS CA 1D2		 2021-03-25 -
2021-06-23		 3 months crt.sh
*.privacymanager.io
Amazon		 2020-10-24 -
2021-11-23		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2020-03-29 -
2022-03-29		 2 years crt.sh
*.bfmio.com
Amazon		 2020-05-21 -
2021-06-21		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-18 -
2021-09-08		 6 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.yieldmo.com
Amazon		 2020-06-23 -
2021-07-23		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-01 -
2021-09-30		 2 years crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2021-02-12 -
2022-02-11		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.id5-sync.com
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2020-11-25 -
2021-12-25		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh

This page contains 38 frames:

Primary Page: https://babesinhairland.com/
Frame ID: B6CABB465A24934667C20461F609A93D
Requests: 307 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 7D85986CABE0BFEFE2D9308F70541F0A
Requests: 1 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: 9DD57A5FF588A08911070B9C31CE39CF
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=331327543/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
Frame ID: 4126EC1AC32761D33C08AA945FF07F9E
Requests: 7 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: 439F75D1A4F244CA1988206C19375DE9
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 954A4A5CA6EB8A5CD793A035B22C874D
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Frame ID: 54984B0EDA5BDA0589E17D1711431BFE
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Frame ID: 854F1ADD06F2AAF9461BE25A74502898
Requests: 11 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: D56AA73D3BF11A670DD060ABF28B097C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4A4AB8570D5A12A3120535F028874D52
Requests: 18 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 13D721ECFC78D884FEC666980077E7EA
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1618903395038
Frame ID: 2ABDBF14A48F41696898717893BA8F17
Requests: 2 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1618903394941
Frame ID: C2D6D5242E40C018EF7CB84F747B8825
Requests: 2 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1618903395033
Frame ID: BFEB31A80BF8ABC0E966B916A32A9330
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 3251CF9EDFAEA36266CB0C8B4C021A33
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 87F1072EA475D75B7D773B6DACDD47BF
Requests: 17 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: B07C332E5919F04DCDC1FCDDFEFD6DC7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 70D027CC8DE767FFA2340EF01190B6DA
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Frame ID: 47291DC0888A59B600F362F88584F0B3
Requests: 11 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1618903395136
Frame ID: F3F828752885A5D23AFFDB50D91ADBED
Requests: 2 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1618903394934
Frame ID: EB8C85121F7DB148510AB39615018AE8
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 31378A54BDFD571D5D6A77B97235767B
Requests: 14 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Frame ID: 564AB9AE6CDBE2E03F476D14B44BA670
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 676859C07B67A0884A193B633384B88C
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 40DB3109F2A8CC70457412E44CE97F6E
Requests: 3 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 945C1C783BDED7DFF82B6D8A31881589
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 3BD935642D17FEB91ABF47469BCC981A
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Frame ID: E3B90D246D103F8B3A7879F355909BAC
Requests: 11 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 307AB2BB8A9561F460BBDB6AC65E1FA6
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 0761DB4745A21B4FEC4FBDC9F0178DEF
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 2000ED344827C2DB6B25C3080F448DCB
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 404CF73A6279C1B41FFD3EB9236591F7
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3
Frame ID: C5A0F2630081DA9E2AC50C148A5D4A05
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6953137175575656601
Frame ID: 04708E7D199C859A0AA7CA20C1F39841
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 3A38F670BB68390F59F4B098291F4B56
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Lg3zPgg8xe0wftE8dBEaWrAb
Frame ID: 3AE5FF27B10788D14A70D7E2B7E26F33
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 0734DF68B22906664A2955B754457DC4
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 2FFB9D03CA6F2537F57E6990AB76F4C1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://babesinhairland.com/ HTTP 301
    https://babesinhairland.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

453
Requests

100 %
HTTPS

23 %
IPv6

73
Domains

103
Subdomains

68
IPs

11
Countries

5504 kB
Transfer

8960 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://babesinhairland.com/ HTTP 301
    https://babesinhairland.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 152
  • https://bcp.crwdcntrl.net/5/c=13511/rand=331327543/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=331327543/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
Request Chain 153
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=440114f7bde64d9fd88011a876b131f9&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=440114f7bde64d9fd88011a876b131f9&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=76002866104254000772068111150778939524
Request Chain 154
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
Request Chain 155
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=440114f7bde64d9fd88011a876b131f9&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=440114f7bde64d9fd88011a876b131f9&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=450766b5-a1a9-11eb-a0c6-265e6e83e438
Request Chain 158
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/440114f7bde64d9fd88011a876b131f9/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2536668354284520938
Request Chain 281
  • https://sb.scorecardresearch.com/p?c1=8&c2=15039634&c3=16&c4=7ce595b2&c7=https%3A%2F%2Fbabesinhairland.com%2F&c8=Babes%20In%20Hairland%20-%20Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&c9=&cv=2.0&cj=1&ns__t=1618903395026 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=16&c4=7ce595b2&c7=https%3A%2F%2Fbabesinhairland.com%2F&c8=Babes%20In%20Hairland%20-%20Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&c9=&cv=2.0&cj=1&ns__t=1618903395026
Request Chain 317
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Request Chain 318
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Request Chain 329
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Request Chain 333
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Request Chain 338
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Request Chain 339
  • https://id5-sync.com/s/441/9.gif?puid=e_b77e7704-3f48-4cd2-8a23-2a4910c06b1d&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_b77e7704-3f48-4cd2-8a23-2a4910c06b1d&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/8/2.gif?puid=4746f671-a1a9-11eb-93df-36fd58919319&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMON0tT39D-jr5PEsarfiqqSPPIx416l7lI6KtKzA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMON0tT39D-jr5PEsarfiqqSPPIx416l7lI6KtKzA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=18b47af7-07b6-4591-ab0b-783706c57f38&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
Request Chain 341
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=vaDbDUvj1LyKJ85
Request Chain 342
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=65d94fee-c511-45e9-b056-979136a5c0f5 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=65d94fee-c511-45e9-b056-979136a5c0f5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=83e07eaf-79cf-435a-bd50-300514011123&ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=250&expires=14&user_id=83e07eaf-79cf-435a-bd50-300514011123&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=1c9e1aec-402b-4c7f-a5f7-47f023c4b926 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=1c9e1aec-402b-4c7f-a5f7-47f023c4b926
Request Chain 343
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDNjhFN0FfUU1BQUNvTmxTb3RZdw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 344
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d1b5607e-8165-4800-876d-ab101b7e2e87
Request Chain 345
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Pc4R-jPPEKkmz0KtassLpzidF_0mmxKub8iabcN0
Request Chain 346
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7164652902387813826
Request Chain 348
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmY4ZjRhMWItZDc4Yy02ZTcxLTViMDAtYzY5N2Y3ZmMyZTM5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmY4ZjRhMWItZDc4Yy02ZTcxLTViMDAtYzY5N2Y3ZmMyZTM5&google_tc=
Request Chain 349
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGcCrvsOWuZHVT3qlItpIlc&google_cver=1
Request Chain 351
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=XN8r8FS71LyKJ85
Request Chain 352
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=0&user_id=&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=65d94fee-c511-45e9-b056-979136a5c0f5
Request Chain 353
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDYzZFN0FfUU1BQUNvR2lwcVRXdw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 354
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8f84607e-8165-4200-98f9-ba366b2f9f3c
Request Chain 355
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Ji8jWyguIgg9LnAJJCY5CXUndg09LiwHIihHQQTW
Request Chain 356
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9016412892272324536
Request Chain 358
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDQ1NjQ3ZjAtYzNmYy02YTYxLTUwYmMtZGQ3ODkwMmRiZWRi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDQ1NjQ3ZjAtYzNmYy02YTYxLTUwYmMtZGQ3ODkwMmRiZWRi&google_tc=
Request Chain 359
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPzNImukdr39D1_MV83l7iU&google_cver=1
Request Chain 361
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qH4qjuxX1LyKJ85
Request Chain 362
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=ef022bc3-e12c-4b80-bda4-82aca5f2510e&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=65d94fee-c511-45e9-b056-979136a5c0f5
Request Chain 363
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCMWRrN0FfUU1BQUNtWmNhc25kQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 364
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ad4b607e-8165-4500-a43e-aa303f5a6815
Request Chain 365
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=dRagbnsXoT1uF_E6JhO6OnIRpzhuHqA5cRC1VNw0
Request Chain 366
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3961407956414391064
Request Chain 368
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjQ5ZGMzZWUtNDkzZC02ZDA3LTQwNGYtYWMxODNmOTQ3ZWFj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjQ5ZGMzZWUtNDkzZC02ZDA3LTQwNGYtYWMxODNmOTQ3ZWFj&google_tc=
Request Chain 369
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHke1hAnDIg27no6bHioNcU&google_cver=1
Request Chain 371
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qH4qjuxX1LyKJ85
Request Chain 372
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=506f0f82-6202-45e3-af4b-50ec61ceaf8e&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=65d94fee-c511-45e9-b056-979136a5c0f5
Request Chain 373
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEcGYwN0FfUU1BQUNuSm5rVmN6dw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 374
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6993607e-8165-4900-ae38-b45f2334a00b
Request Chain 375
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Ji8jWyguIgg9LnAJJCY5CXUndg09LiwHIihHQQTW
Request Chain 376
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7393674990322772452
Request Chain 378
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTVhZmY5ZTEtYmRkNy02ZGJmLTQ2MzUtYjk4ZTliMDVhNTVh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTVhZmY5ZTEtYmRkNy02ZGJmLTQ2MzUtYjk4ZTliMDVhNTVh&google_tc=
Request Chain 379
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMH0o8XeP5l9Q2LALNq8ZmU&google_cver=1
Request Chain 381
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=1YJ7OjvR1LyKJ85
Request Chain 382
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=dcfa8e26-1e1e-4aaa-a74c-5b3842260970&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=65d94fee-c511-45e9-b056-979136a5c0f5
Request Chain 383
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCZjlFN0FfUU1BQUNrSng1SVhGZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 384
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=916c607e-8165-4f00-b235-a17cf35fe8f8
Request Chain 385
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Ji8jWyguIgg9LnAJJCY5CXUndg09LiwHIihHQQTW
Request Chain 386
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3438865930910268814
Request Chain 388
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2UyMWVjMjEtOGM0Yi02YzRhLTdjNGYtZDdjNDE4ZjNiMzdm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2UyMWVjMjEtOGM0Yi02YzRhLTdjNGYtZDdjNDE4ZjNiMzdm&google_tc=
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA_q65783eBmKtg3QmmDzsQ&google_cver=1
Request Chain 391
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=61027c95-652c-4081-a2d3-737ba1b5ce03
Request Chain 392
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=46e81a08-a754-4be9-b96e-e8163862e6dc
Request Chain 393
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=6c271d26-ee7c-4f60-a0f3-a17ed9d8cc71
Request Chain 394
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=6c271d26-ee7c-4f60-a0f3-a17ed9d8cc71
Request Chain 395
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=6c271d26-ee7c-4f60-a0f3-a17ed9d8cc71
Request Chain 398
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NQiL10nPSKy2B-Y_4-MGFA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 400
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=35088BD7-49CF-48AC-B607-E63FE3E30614&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=35088BD7-49CF-48AC-B607-E63FE3E30614&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 401
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=35088BD7-49CF-48AC-B607-E63FE3E30614&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=35088BD7-49CF-48AC-B607-E63FE3E30614&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=35088BD7-49CF-48AC-B607-E63FE3E30614&addseg=12,35,41
Request Chain 402
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzUwODhCRDctNDlDRi00OEFDLUI2MDctRTYzRkUzRTMwNjE0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 403
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPDsYiSp81RvcJozSAoZk_Q&google_cver=1
Request Chain 405
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6c271d26-ee7c-4f60-a0f3-a17ed9d8cc71
Request Chain 406
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3961407956414391064
Request Chain 407
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:916c607e-8165-4f00-b235-a17cf35fe8f8&gdpr=0&gdpr_consent=
Request Chain 408
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7854427346880711005&gdpr=0&gdpr_consent=
Request Chain 409
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=65d94fee-c511-45e9-b056-979136a5c0f5 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=65d94fee-c511-45e9-b056-979136a5c0f5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=3646d736-2a55-4499-8418-7a21c75c8cc5&ssp=pubmatic&expires=30&user_group=5&bsw_param=65d94fee-c511-45e9-b056-979136a5c0f5 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=65d94fee-c511-45e9-b056-979136a5c0f5&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 411
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=35088BD7-49CF-48AC-B607-E63FE3E30614&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-A9rNbkNE2uVZ3drvtllJ8H2xnLBIxuQ-~A&gdpr=0&gdpr_consent=
Request Chain 418
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHglkhvdG8qloNCZ9ErK2JI&google_cver=1
Request Chain 421
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b39f5aea-06eb-4330-958c-825a257d6071
Request Chain 422
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7461959142714306524
Request Chain 423
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:99b2607e-8169-4a00-a233-7977639cc7bf&gdpr=0&gdpr_consent=
Request Chain 425
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1216248373145744966&gdpr=0&gdpr_consent=
Request Chain 426
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HF8t3veyQIiDH7L6n3Rt0w%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HF8t3veyQIiDH7L6n3Rt0w%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 428
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 429
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&addseg=12,35,41
Request Chain 430
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUM1RjJEREUtRjdCMi00MDg4LTgzMUYtQjJGQTlGNzQ2REQz&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUM1RjJEREUtRjdCMi00MDg4LTgzMUYtQjJGQTlGNzQ2REQz&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 431
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=2f713b19-e10d-516e-a00e-0987c07088ee&ssp=pubmatic&expires=30&user_group=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1c9e1aec-402b-4c7f-a5f7-47f023c4b926&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 433
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-A9rNbkNE2uVZ3drvtllJ8H2xnLBIxuQ-~A&gdpr=0&gdpr_consent=
Request Chain 440
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6953137175575656601
Request Chain 441
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDR2prN0FfUU1BQUNyUng1SVhGZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 442
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Lg3zPgg8xe0wftE8dBEaWrAb
Request Chain 445
  • https://pixel.onaudience.com/?partner=214&mapped=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=440114f7bde64d9fd88011a876b131f9 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=b39f5aea-06eb-4330-958c-825a257d6071&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=6bf80b6976edacaa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=eb3bb799-4ea7-4ecc-5ae9-f349da6430bf&reqId=660e4349-9b8f-4a51-66dc-441cbe875d91&zcluid=6bf80b6976edacaa&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEBltVV0e0e0NbPedRMPvIm4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=eb3bb799-4ea7-4ecc-5ae9-f349da6430bf&reqId=660e4349-9b8f-4a51-66dc-441cbe875d91&zcluid=6bf80b6976edacaa&zdid=1332
Request Chain 446
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=99b2607e-8169-4a00-a233-7977639cc7bf
Request Chain 447
  • https://loadm.exelator.com/load/?p=204&g=71&buid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&gdpr=0&gdpr_consent=&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=71&buid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Request Chain 448
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8s_qpvzO66DpyL-n8M_w8PKcv_Lpz7nw85wo0f_W
Request Chain 449
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8766612524919737281&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 450
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YH6BbAAATFfORQBg HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YH6BbAAATFfORQBg&gdpr=0&gdpr_consent=&_test=YH6BbAAATFfORQBg
Request Chain 451
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c3b2ced1-d178-4a35-8758-95f68b2d56f9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 452
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 454
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1216248373145744966

453 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
babesinhairland.com/
Redirect Chain
  • http://babesinhairland.com/
  • https://babesinhairland.com/
109 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
359527f78248238f6f0f68a244bc38a6bfc55e2c8fe4d121129a5372c001f019
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
babesinhairland.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Tue, 20 Apr 2021 07:23:11 GMT
content-type
text/html; charset=UTF-8
x-sucuri-id
13006
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
link
<https://babesinhairland.com/wp-json/>; rel="https://api.w.org/"
vary
Accept-Encoding
content-encoding
gzip
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
referrer-policy
x-sucuri-cache
EXPIRED

Redirect headers

Server
Sucuri/Cloudproxy
Date
Tue, 20 Apr 2021 07:23:09 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
236
Connection
keep-alive
X-Sucuri-ID
13006
X-XSS-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
Location
https://babesinhairland.com/
X-Sucuri-Cache
EXPIRED
cv.css
babesinhairland.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/ 		76 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.1
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
7a8fee0a8096e3de089202f91f26ec7a5fdf7aa08106b35a8e5bc39fbcd978c2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
15501
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 16 Mar 2021 03:03:15 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
sbi-styles.min.css
babesinhairland.com/wp-content/plugins/instagram-feed/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
df15236d4098113e3479fc540a9bd1046ca6029f5508098e9c4245a0e12fab05
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
3978
x-xss-protection
1; mode=block
referrer-policy
last-modified
Wed, 31 Mar 2021 02:43:04 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
babesinhairland.com/wp-content/themes/restored316-divine/ 		58 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-content/themes/restored316-divine/style.css?ver=1.0.4
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
393e660d33c8d0ae580f2d9029cf6f412c556de3a876e6544cdd3c916898dded
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/restored316-divine/style.css?ver=1.0.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
16682
x-xss-protection
1; mode=block
referrer-policy
last-modified
Thu, 14 Sep 2017 01:49:31 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.min.css
babesinhairland.com/wp-includes/css/dist/block-library/ 		57 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.1
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
11763
x-xss-protection
1; mode=block
referrer-policy
last-modified
Thu, 15 Apr 2021 10:46:18 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
client.css
babesinhairland.com/wp-content/plugins/jquery-pin-it-button-for-images/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-content/plugins/jquery-pin-it-button-for-images/css/client.css?ver=3.0.6
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
d5bb8e9097a2f622718cd4922fe78ee9957d7710c58adb81e119a48ce9ed9791
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/jquery-pin-it-button-for-images/css/client.css?ver=3.0.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
686
x-xss-protection
1; mode=block
referrer-policy
last-modified
Wed, 14 Oct 2020 20:29:33 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.7.1
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
446873
cdn-cachedat
2021-04-13 17:43:42
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
098fc277a400002b713606d000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3fdcb618c803a6a40893186771073a2f
cf-ray
642ca0390bd72b71-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display%7CLato%3A400%2C400italic%2C700%2C700italic%7CSource+Serif+Pro%7COswald%3A300%2C400&ver=5.7.1
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7eb1544940a18bbb7ce918d7623649b11958b5335582cf0cfd7751b627f35386
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Apr 2021 07:23:12 GMT
server
ESF
date
Tue, 20 Apr 2021 07:23:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Apr 2021 07:23:12 GMT
dashicons.min.css
babesinhairland.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-includes/css/dashicons.min.css?ver=5.7.1
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/css/dashicons.min.css?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-xss-protection
1; mode=block
referrer-policy
last-modified
Thu, 15 Apr 2021 10:46:18 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
babesinhairland.com/wp-content/plugins/simple-social-icons/css/ 		1 KB
837 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-content/plugins/simple-social-icons/css/style.css?ver=3.0.2
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
f230538018f9156f925bd667c6ac4f437ae4541b9d421424728592d359b499c8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/simple-social-icons/css/style.css?ver=3.0.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
447
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 21 Apr 2020 18:29:55 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ytprefs.min.css
babesinhairland.com/wp-content/plugins/youtube-embed-plus/styles/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=13.4.2
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
54b16a534f27d39f8edb7dd908ecf182b4be466f86f28ac0f01f415f2ba9d1cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=13.4.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
1680
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 16 Mar 2021 03:03:20 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
babesinhairland.com/wp-includes/js/jquery/ 		87 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-xss-protection
1; mode=block
referrer-policy
last-modified
Wed, 16 Dec 2020 16:27:35 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
babesinhairland.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
4618
x-xss-protection
1; mode=block
referrer-policy
last-modified
Wed, 16 Dec 2020 16:27:35 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
st_insights.js
ws.sharethis.com/button/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:2400:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f8284365ba340253ee9c71cfb5efcc37f10a23e8b8b5dd134ec7bbab05073845

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 00:11:55 GMT
content-encoding
gzip
server
nginx/1.16.1
age
198677
etag
W/"60256fd5-676f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
ZRH50-C1
x-robots-tag
noindex, nofollow
content-length
7567
x-amz-cf-id
7zepXv1oOcTgdbazcnJiwwORmAAFNUNctnyE6EI9VWdQAuKRRW_Mvg==
expires
Wed, 21 Apr 2021 00:11:55 GMT
responsive-menu.js
babesinhairland.com/wp-content/themes/restored316-divine/js/ 		881 B
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-content/themes/restored316-divine/js/responsive-menu.js?ver=1.0.0
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
caf9ba0c928dfb166f5f2adea37b154ead7462478f787e1e53ceeda27ae705e1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/restored316-divine/js/responsive-menu.js?ver=1.0.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
341
x-xss-protection
1; mode=block
referrer-policy
last-modified
Mon, 27 Feb 2017 17:08:29 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
svgxuse.js
babesinhairland.com/wp-content/plugins/simple-social-icons/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-content/plugins/simple-social-icons/svgxuse.js?ver=1.1.21
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
860e4b944663ab48a4929f7f995379090822e06521ab6321612490be84de42fd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/simple-social-icons/svgxuse.js?ver=1.1.21
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
2742
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 21 Apr 2020 18:29:55 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ytprefs.min.js
babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.2
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
ddda47b049ec774960fe39b5c0fca40c15abf80158daec17c8e29146d1d1c31e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
3915
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 16 Mar 2021 03:03:20 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
17a629-baa3-4516-93c8-2f929a29d754.js
monu.delivery/site/7/5/ 		504 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
2ffcc8e642615cf9677270fe57d92d9443fbd4fe9772a3b0aea71bcc6a16780b

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UwQcRqoCZGSvRcoErVFgCPO3gUY335uPGyWO_UcOclSP62wW9uX6A6A0wjidD2Zuv6IFf5zveR1wkE15PeSp3Q
x-cache
MISS
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
last-modified
Tue, 13 Apr 2021 00:17:01 GMT
server
nginx
vary
Accept-Encoding
x-goog-hash
crc32c=/o2eTA==, md5=nOiP/xVpGXWpvIkeQCjOdw==
x-goog-generation
1618273021498841
via
1.1 google
cache-control
max-age=7200
x-goog-stored-content-length
515680
content-type
application/javascript
expires
Tue, 20 Apr 2021 09:23:12 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9b23486dbeecde08b58fc9ef7b743301eeb823cb86e1706323c1d7dcacb0b2e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
vrKmr5rJlq5GAazMf2FYRQ==
cross-origin-resource-policy
cross-origin
expires
Tue, 20 Apr 2021 07:29:01 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1780
x-fb-rlafr
0
x-fb-debug
7OpYGmV7a8hCq/tojZC3DKpziA3VB5+kLbWpC+RobemzSjZrXtqBCSUrM1p7mIkZa0taDqSm6CyXKUbWECcpgA==
x-fb-trip-id
917726464
x-fb-content-md5
19dff9d47b357977b010bc03d354b5da
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 20 Apr 2021 07:23:12 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"210579aee2638d95701cfab67f9e179d"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
wp-emoji-release.min.js
babesinhairland.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
4942
x-xss-protection
1; mode=block
referrer-policy
last-modified
Wed, 03 Feb 2021 22:54:04 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
sdk.js
connect.facebook.net/en_US/ 		217 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=4c69d4eb180dc582bb87d6f0bb27b489&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f9dddc41a018487e3037b7ea33a12624a61028bdaa8f818f8343cca944ede7de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://babesinhairland.com
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
blMykhCX7H8rbZeMN9GBxA==
cross-origin-resource-policy
cross-origin
expires
Wed, 20 Apr 2022 05:21:44 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
65517
x-fb-rlafr
0
x-fb-debug
fVeN+7D1gLHPIkxUYolBrTtdokXGRmWxRYzI9VRxb6XhmS2ihO0lj3LqfIeIFT0K8c7GjFOVLX/myC4Jal71NQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
cf7eb3ef68fa32534d56ec791fa47306
date
Tue, 20 Apr 2021 07:23:12 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"11ad58cf271971b4609bc87a404e822a"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
profile.png
babesinhairland.com/wp-content/uploads/ 		197 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/profile.png
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
80519b748f4b8535d7d0be4f67ff397bfadf10580f2fabd6eb79fbc608565159
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/profile.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
202186
x-xss-protection
1; mode=block
referrer-policy
last-modified
Mon, 27 Feb 2017 19:43:20 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
YourAdHere3ab.jpg
babesinhairland.com/wp-content/uploads/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/YourAdHere3ab.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
01bc53d4891be400d81d52d44a82d21ae53beb7ed6c50c2df137d8a06aeb9bb8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/YourAdHere3ab.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
30075
x-xss-protection
1; mode=block
referrer-policy
last-modified
Thu, 02 Mar 2017 04:53:28 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
BOMB-ad-300x250JPG-1.jpg
babesinhairland.com/wp-content/uploads/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/BOMB-ad-300x250JPG-1.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
3dfe97f4a77c2c40074e1ba976547598ef1bc1f336d67b35217f68cc729b378a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/BOMB-ad-300x250JPG-1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
59932
x-xss-protection
1; mode=block
referrer-policy
last-modified
Mon, 08 Oct 2018 19:53:54 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ChildrenWHairLossAd100x300.jpg
babesinhairland.com/wp-content/uploads/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/ChildrenWHairLossAd100x300.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
859a299f6ba1ab8b2f235363828f6f3185e86505e12183832acb764b3ac0029c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/ChildrenWHairLossAd100x300.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
31208
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 05 Jan 2016 19:28:25 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
babesinhairlandblog.jpg
babesinhairland.com/wp-content/uploads/sb-instagram-feed-images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/sb-instagram-feed-images/babesinhairlandblog.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
924f2fb8066b66f4c163d433908df4c2c997250c5146d8a210c917b3e334206f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/sb-instagram-feed-images/babesinhairlandblog.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
6326
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 19 May 2020 20:23:54 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
placeholder.png
babesinhairland.com/wp-content/plugins/instagram-feed/img/ 		176 B
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/plugins/instagram-feed/img/placeholder.png
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/instagram-feed/img/placeholder.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
176
x-xss-protection
1; mode=block
referrer-policy
last-modified
Wed, 31 Mar 2021 02:43:04 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
pinit.js
assets.pinterest.com/js/ 		361 B
262 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
br
x-cdn
fastly
etag
"62d32c28f14783b94192cd8d35bc010d"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=300
content-length
203
access-control-expose-headers
X-CDN
cv.js
babesinhairland.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.1
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
8be3ffe5523bec1b0c3336590a969ba5a8a9e93d879558ffe7157f17f248ecbf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
8892
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 16 Mar 2021 03:03:15 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jpibfi.client.js
babesinhairland.com/wp-content/plugins/jquery-pin-it-button-for-images/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-content/plugins/jquery-pin-it-button-for-images/js/jpibfi.client.js?ver=3.0.6
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
41ecb8fd0d1474f9c108f5c08824dbbe7d7c81494268d0849abb76e5c6217400
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/jquery-pin-it-button-for-images/js/jpibfi.client.js?ver=3.0.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
6001
x-xss-protection
1; mode=block
referrer-policy
last-modified
Wed, 14 Oct 2020 20:29:33 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ssba.js
babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=5.7.1
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
864
x-xss-protection
1; mode=block
referrer-policy
last-modified
Wed, 06 Jan 2021 18:50:21 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fitvids.min.js
babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=13.4.2
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=13.4.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
1050
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 16 Mar 2021 03:03:20 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-embed.min.js
babesinhairland.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-includes/js/wp-embed.min.js?ver=5.7.1
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
777
x-xss-protection
1; mode=block
referrer-policy
last-modified
Wed, 03 Feb 2021 22:54:04 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
sbi-scripts.min.js
babesinhairland.com/wp-content/plugins/instagram-feed/js/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=2.9
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
2717481d28d98b22e3277c45a2a0529b5044aef42d8f262ca7e11e73240c563d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=2.9
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
9333
x-xss-protection
1; mode=block
referrer-policy
last-modified
Wed, 31 Mar 2021 02:43:04 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
cc_af.js
tags.crwdcntrl.net/c/13511/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/13511/cc_af.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-47.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35c73f9c2955390a1ff1e4caf89302da9fd3759caac58aeab47491f238c2e8d6

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:09:04 GMT
content-encoding
gzip
etag
W/"2c5bd072799166d50f4c55655290d1e4"
last-modified
Fri, 24 Apr 2020 15:00:16 GMT
server
AmazonS3
age
69249
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
pyTmz9Uj_N-8qa7_pZwrH8uZ15ltKccl1Ut010WFGKO5snebjco7HQ==
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5210
date
Tue, 20 Apr 2021 05:56:22 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 20 Apr 2021 07:56:22 GMT
symbol-defs.svg
babesinhairland.com/wp-content/plugins/simple-social-icons/ 		19 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://babesinhairland.com/wp-content/plugins/simple-social-icons/symbol-defs.svg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
194388578fe16a8f6d0790e1af9f6f935a03b3ecb8d7620f0ebca642761ebc88
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/simple-social-icons/symbol-defs.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
same-origin
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
8273
x-xss-protection
1; mode=block
referrer-policy
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
header.png
babesinhairland.com/wp-content/uploads/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/header.png
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
767a2699978d5f976aad931075245e00e525bb26cbc9699148f0ee81791b628f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/header.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
28666
x-xss-protection
1; mode=block
referrer-policy
last-modified
Mon, 27 Feb 2017 17:05:45 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-search.png
babesinhairland.com/wp-content/themes/restored316-divine/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/themes/restored316-divine/images/icon-search.png
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/wp-content/themes/restored316-divine/style.css?ver=1.0.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
c799c70d3cae050e7292913344ed2b50f1646d2c30b82cf7a8d94497450ef587
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/restored316-divine/images/icon-search.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/wp-content/themes/restored316-divine/style.css?ver=1.0.4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/wp-content/themes/restored316-divine/style.css?ver=1.0.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
1238
x-xss-protection
1; mode=block
referrer-policy
last-modified
Mon, 27 Feb 2017 17:08:29 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
fonts.gstatic.com/s/oswald/v36/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v36/TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%7CLato%3A400%2C400italic%2C700%2C700italic%7CSource+Serif+Pro%7COswald%3A300%2C400&ver=5.7.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81b683dd9d42cd417d7d9b29ab60b1d30c8f3b6d0cd6dde6587725805559a7d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://babesinhairland.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 01:44:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 20:31:25 GMT
server
sffe
age
20346
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24052
x-xss-protection
0
expires
Wed, 20 Apr 2022 01:44:06 GMT
truncated
/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Origin
https://babesinhairland.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v22/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v22/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%7CLato%3A400%2C400italic%2C700%2C700italic%7CSource+Serif+Pro%7COswald%3A300%2C400&ver=5.7.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5348e4d76366efc13f2bcb5a5ce138e581e90d570a09d0ec66a8cab4920be6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://babesinhairland.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 20:30:38 GMT
server
sffe
age
163174
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28568
x-xss-protection
0
expires
Mon, 18 Apr 2022 10:03:38 GMT
preview-IMG_3536.jpg
babesinhairland.com/wp-content/uploads/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/preview-IMG_3536.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
9397f22f957d47fd7e6b04832ac8f6dfbd41b135749471859d4b30ae9244871c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/preview-IMG_3536.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
7818
x-xss-protection
1; mode=block
referrer-policy
last-modified
Sat, 17 Mar 2012 04:05:22 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
preview-DSC_1803.jpg
babesinhairland.com/wp-content/uploads/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/preview-DSC_1803.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
982c816b9b4f4e365296694a6efa027a21f7f586c697e21fd5b822ea753514a2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/preview-DSC_1803.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
9383
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 01 Jul 2014 13:06:42 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
Prvw-DSC_2938.jpg
babesinhairland.com/wp-content/uploads/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/Prvw-DSC_2938.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
67fd2550ec99c5a6298439c50edb767f965b400f18cd6ec5e8155e6f3c512fbb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/Prvw-DSC_2938.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
10668
x-xss-protection
1; mode=block
referrer-policy
last-modified
Mon, 08 Sep 2014 18:35:38 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
preview-IMG_2772.jpg
babesinhairland.com/wp-content/uploads/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/preview-IMG_2772.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
3d734de6f7e11c73085a19b188049f84a080b1b1e70cf88f7e422da5673eae6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/preview-IMG_2772.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
9146
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 17 Dec 2013 04:52:22 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
Prvw-DSC_3248.jpg
babesinhairland.com/wp-content/uploads/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/Prvw-DSC_3248.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
5586cd6c747f16b563943ee3e55a201b0a40a88cb48b561c4a763adc977dd9cb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/Prvw-DSC_3248.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
9198
x-xss-protection
1; mode=block
referrer-policy
last-modified
Mon, 13 Oct 2014 22:40:32 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
preview-IMG_8224-four-stran.jpg
babesinhairland.com/wp-content/uploads/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/preview-IMG_8224-four-stran.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
1978bd596271024a3d2d3ec23c7411b465bc2c50c4ec996130b17f8d15df847c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/preview-IMG_8224-four-stran.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
7328
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 27 Mar 2012 18:46:15 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
preview-IMG_8776.jpg
babesinhairland.com/wp-content/uploads/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/preview-IMG_8776.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
c48b93fbeac87659b83bca5b14f28e8ebd4d13ea8e4d20183f1540820ef2d593
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/preview-IMG_8776.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
9550
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 29 Jan 2013 15:29:19 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
preview-IMG_8745.jpg
babesinhairland.com/wp-content/uploads/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/preview-IMG_8745.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
48113c9647a9c86a8ccf27e1fb94954e8d1a41907b228ae1f0eb55d3ae7fc46a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/preview-IMG_8745.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
8862
x-xss-protection
1; mode=block
referrer-policy
last-modified
Wed, 02 Jan 2013 20:28:35 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
preview-IMG_2225.jpg
babesinhairland.com/wp-content/uploads/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/preview-IMG_2225.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
0ee8cbcc67e31cfed22f43ee631658c1010f5f6b56aa6bb3a10fca8e31adcde7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/preview-IMG_2225.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
9071
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 29 Oct 2013 03:36:42 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
preview-IMG_7447-fancy-bun-.jpg
babesinhairland.com/wp-content/uploads/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/preview-IMG_7447-fancy-bun-.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
47d28688be8c7e0a67745b0b2fb8f448657191fbe107169c2dcbf5f254ccd7bb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/preview-IMG_7447-fancy-bun-.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
7708
x-xss-protection
1; mode=block
referrer-policy
last-modified
Sat, 24 Mar 2012 19:55:12 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
preview-IMG_2231B.jpg
babesinhairland.com/wp-content/uploads/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/preview-IMG_2231B.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
c1fa9b8336c776f5734a670218bf62b9439c5585e9edb0c8c302dc6a0881ef27
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/preview-IMG_2231B.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
9839
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 17 Jan 2012 21:24:12 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
2-Prvw-Look-Back-at-2015-YT.jpg
babesinhairland.com/wp-content/uploads/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/2-Prvw-Look-Back-at-2015-YT.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
92ff6a00efba5377195e138251be3aa77a5f3aee06cf1b68c98cfb9bd05dcbe4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2-Prvw-Look-Back-at-2015-YT.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
117271
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 29 Dec 2015 17:33:35 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
Prvw-IMG_4055-1.jpg
babesinhairland.com/wp-content/uploads/ 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/Prvw-IMG_4055-1.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
1d9f06621c8ef5541000902f21b736e209b852b674c9122e600c70b4a0ab3f88
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/Prvw-IMG_4055-1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
114161
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 04 Oct 2016 17:55:03 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
preview-IMG_2481.jpg
babesinhairland.com/wp-content/uploads/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/preview-IMG_2481.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
f1e0ed146b5c1cf0c09e8a27654a870e6f6f347ccca3926ba810f66cadc4429e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/preview-IMG_2481.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
9239
x-xss-protection
1; mode=block
referrer-policy
last-modified
Sat, 07 Apr 2012 01:29:46 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
preview-IMG_3387_edited-2.jpg
babesinhairland.com/wp-content/uploads/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/preview-IMG_3387_edited-2.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
e6f5639cc492b5942a131857178bb91d5b901c8c7c7b38c8a7442ce969a66a97
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/preview-IMG_3387_edited-2.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
10667
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 24 Jan 2012 04:37:15 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
PRVW-DSC_3613.jpg
babesinhairland.com/wp-content/uploads/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/PRVW-DSC_3613.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
bc5a4d6a431922d103c545ec36c6c5f03cc31d398791065ebfb3b1b055ce3581
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/PRVW-DSC_3613.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
10427
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 11 Nov 2014 14:54:02 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
previewIMG_2900_edited-1aB.jpg
babesinhairland.com/wp-content/uploads/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/previewIMG_2900_edited-1aB.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
1446ac674e5455e1ce0dd049d053a0ab6dcce562add02444b3e79ba20c0eaf22
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/previewIMG_2900_edited-1aB.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
9804
x-xss-protection
1; mode=block
referrer-policy
last-modified
Sat, 21 Jan 2012 05:17:13 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
preview-IMG_7682-4-strand-b.jpg
babesinhairland.com/wp-content/uploads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/preview-IMG_7682-4-strand-b.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
eb1944d8be76f4a4b163d1d93f9e0d5c4fec0ae1e78f3abb03cd959ecde277a2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/preview-IMG_7682-4-strand-b.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
8544
x-xss-protection
1; mode=block
referrer-policy
last-modified
Sat, 24 Mar 2012 21:35:18 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
Prvw-IMG_5198-1.jpg
babesinhairland.com/wp-content/uploads/ 		108 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/Prvw-IMG_5198-1.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
ee86e1e2c98eb558a992424ff0a559d008a43013a6b8bdc4305c39daa2bac594
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/Prvw-IMG_5198-1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
110666
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 29 Nov 2016 17:38:09 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
Prvw-Happy-New-Year-400x400.jpg
babesinhairland.com/wp-content/uploads/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/Prvw-Happy-New-Year-400x400.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
32dbf9deaf5771e7eae92ff0742d94e8d9220f4e998b0b1e8084d24acc2ee62b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/Prvw-Happy-New-Year-400x400.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
37134
x-xss-protection
1; mode=block
referrer-policy
last-modified
Mon, 27 Feb 2017 21:13:20 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
preview-IMG_0173-1.jpg
babesinhairland.com/wp-content/uploads/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/preview-IMG_0173-1.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
fab024d8514198a87a2ff27556f4912d2315614babc16994af700702b4935e27
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/preview-IMG_0173-1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
6977
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 02 Apr 2013 03:02:57 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
preview-IMG_4904.jpg
babesinhairland.com/wp-content/uploads/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/preview-IMG_4904.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
b5ac1972ac36ea81767509006f626d4e9a25b9bf64b4d0fc75b3d00e14df2d59
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/preview-IMG_4904.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
10416
x-xss-protection
1; mode=block
referrer-policy
last-modified
Thu, 02 Feb 2012 05:50:48 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
preview-IMG_3762.jpg
babesinhairland.com/wp-content/uploads/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/preview-IMG_3762.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
c942dc0fe5446042e7fd1c29d9cccfac082b7931e6c5675ccfddc7caa422136a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/preview-IMG_3762.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
x-sucuri-cache
MISS
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
11864
x-xss-protection
1; mode=block
referrer-policy
last-modified
Wed, 11 Apr 2012 04:36:50 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
portal-v2.html
c.sharethis.mgr.consensu.org/ Frame 7D85 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:9200:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method
GET
:authority
c.sharethis.mgr.consensu.org
:scheme
https
:path
/portal-v2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://babesinhairland.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

content-type
text/html; charset=utf-8
content-encoding
gzip
cache-control
max-age=3600, public
date
Tue, 20 Apr 2021 07:00:14 GMT
etag
W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
aZGfYSoWvn9HFnQkDtsgB9Gb52rUf7VH4A38-5o0eaOu2IYnv4IXgA==
age
1378
1f384.svg
s.w.org/images/core/emoji/13.0.1/svg/ 		0
0
1f332.svg
s.w.org/images/core/emoji/13.0.1/svg/ 		0
0
ats.js
ats.rlcdn.com/ 		184 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-59.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cffabe0948ab31d5e6574c15c4e0d494ecc146d91cd0434d684c9ace31f9c068

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
PU5uQG8k6fF7c8ExjUxBI8zMqnTbvUtK
content-encoding
gzip
etag
W/"535a44cb49d4769cf9ec82fbcba860c8"
last-modified
Fri, 09 Apr 2021 08:07:05 GMT
server
AmazonS3
age
2696
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
date
Tue, 20 Apr 2021 06:44:23 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
nT_pkiF-ErJ7Cf18BActdQvACJvnnKFCxJeeDC_wCaLtbyjvmRwoxw==
config.js
confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 		150 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38c1560e977293999d4924afb5e66ea1959857c0bfe8de178bfe940e69511543

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:12 GMT
Content-Encoding
gzip
Age
1125
X-Cache
HIT
Connection
keep-alive
Content-Length
33945
x-amz-id-2
GJR4fepYC4feUmRUvTHLVrJGuHdYgDI2RT6pRs/GioXRP2hVgpdL38vb7ihDibHV9JoEei8LVbs=
X-Served-By
cache-hhn4054-HHN
Last-Modified
Tue, 20 Apr 2021 07:00:32 GMT
Server
AmazonS3
X-Timer
S1618903393.631071,VS0,VE0
ETag
"9cd3db8c85d05408e79ccde3fef03da9"
x-amz-request-id
B90KWE629W5XBJEM
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
43
xdomain_cookie.min.js
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
age
63
x-guploader-uploadid
ABg5-Uy0YVyIBmTwturyjLqkVcM4dtMzot6OBkZNZ1Pt1qLd2nk364ko5bO-FSzxL9eFGmaSbWL6ONv5Iw4Dam7mTNbmZOodRA
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
last-modified
Tue, 25 Aug 2020 07:36:03 GMT
server
nginx
vary
Accept-Encoding
x-goog-hash
crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
x-goog-generation
1598340963244234
via
1.1 google
cache-control
max-age=31104000, public
x-goog-stored-content-length
4733
content-type
application/javascript
expires
Fri, 15 Apr 2022 07:23:12 GMT
services.js
js.gumgum.com/ 		98 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gumgum.com/services.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-4.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7c4996a9e54d1abf522750de1582592efea64d40dc74b408cfb666d85013df7

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 23:09:15 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
W/"3c1633391f26fd5af816171638609338"
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
QLCkDFMNEOTEqLuQEFsSs7ri_QO3wb_o
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-meta-timing-allow-origin
*
x-amz-meta-access-control-allow-origin
*
content-type
application/javascript
x-amz-cf-id
1K0xd6GqZe5DdBrqByaokswdLwpt1q3CNGF9OUbjxczDzliR-XIXlw==
apstag.js
c.amazon-adsystem.com/aax2/ 		125 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
4905a742ec40bb99e91d6877bae12d79284ba3e1e8a42399f7bb2c3781fd3ae6

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 22:34:16 GMT
content-encoding
gzip
server
Server
age
31735
etag
24ac8c0f0d59670e43bc0b1990070642
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
bUaPP2RtxjS95_NJgmCVBjhAaNU4P77K
x-amz-cf-id
NAQC41msHBfEWQp_tOiqBxF2_4D3hXLTWea9M0zC9rkPZXHoEEUJDg==
182762-63174106385307.js
js-sec.indexww.com/ht/p/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Apr 2021 07:20:55 GMT
Server
Apache
ETag
"761583-930a-5c062497518da"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3588
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12788
Expires
Tue, 20 Apr 2021 08:23:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
2c7f8b0cbcaabd8324668f5545d2a441e96cbc9c6fb362b064ed4ee306d35dc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"847 / 581 of 1000 / last-modified: 1618870257"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21086
x-xss-protection
0
expires
Tue, 20 Apr 2021 07:23:12 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1935966837&t=pageview&_s=1&dl=https%3A%2F%2Fbabesinhairland.com%2F&ul=en-us&de=UTF-8&dt=Babes%20In%20Hairland%20-%20Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1813351487&gjid=2107619013&cid=1160253821.1618903393&tid=UA-30849097-1&_gid=211410688.1618903393&_r=1&_slc=1&z=2009683420
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://babesinhairland.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
76860594_185976749119410_7106986666272221396_n.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/ 		191 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/76860594_185976749119410_7106986666272221396_n.jpg?_nc_cat=100&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=oCQomdMbXtUAX_xcw_A&_nc_ht=scontent-sjc3-1.cdninstagram.com&oh=539f37d62f60fd22ac049e03eb49d5cb&oe=60A35BB3
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f231:c5:face:b00c:0:43fe Santa Clara, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e5dc31e395e9ba0e7a32323c76212a27ca6321dc0e78c2f7e0e504d8de1ef010

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
2607863195
date
Tue, 20 Apr 2021 07:23:12 GMT
x-fb-trip-id
2050670934
last-modified
Wed, 25 Dec 2019 16:05:57 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3526400071
x-fb-config-version-olb-prod
1078
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
195913
78795352_1426706324159316_426875193349088390_n.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/ 		185 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/78795352_1426706324159316_426875193349088390_n.jpg?_nc_cat=108&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=8jDeSRz1bdUAX8tgo2c&_nc_ht=scontent-sjc3-1.cdninstagram.com&oh=fc4e0cb7b4534f9f63d95c81b290d9a5&oe=60A4C215
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f231:c5:face:b00c:0:43fe Santa Clara, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
37eee3142be6be85225cd65f4f91bc594881b692aba3f39dfdbb8f8de8624515

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
811554697
date
Tue, 20 Apr 2021 07:23:12 GMT
x-fb-trip-id
2050670934
last-modified
Tue, 24 Dec 2019 20:20:13 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1565735123
x-fb-config-version-olb-prod
1078
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
189658
79951002_507654169879202_1773215499231922356_n.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/ 		153 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/79951002_507654169879202_1773215499231922356_n.jpg?_nc_cat=101&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=mkhfgC3D1SMAX_tYYO4&_nc_ht=scontent-sjc3-1.cdninstagram.com&oh=fcdaff2f07ffbd3add593223acf2f96c&oe=60A5B2D0
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f231:c5:face:b00c:0:43fe Santa Clara, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6d5be1cf7ed69b3f27646a39b4e8c9afac4a13ce6fbedf33404a3e969d24e798

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
234075956
date
Tue, 20 Apr 2021 07:23:12 GMT
x-fb-trip-id
2050670934
last-modified
Mon, 23 Dec 2019 17:10:01 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4117004544
x-fb-config-version-olb-prod
1078
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
157174
77432716_168415114259691_7809923488106798953_n.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/ 		225 KB
225 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/77432716_168415114259691_7809923488106798953_n.jpg?_nc_cat=108&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=Jax_CXuby4cAX-cevbS&_nc_ht=scontent-sjc3-1.cdninstagram.com&oh=920a3b4f2a116f17a2b5fca10862cbde&oe=60A28AF5
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f231:c5:face:b00c:0:43fe Santa Clara, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1a92bb208274251f43fc39719410f29d4639a29d416b9d27c8083306f05f8e7a

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
621381636
date
Tue, 20 Apr 2021 07:23:12 GMT
x-fb-trip-id
2050670934
last-modified
Mon, 16 Dec 2019 21:46:31 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2616209537
x-fb-config-version-olb-prod
1078
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
230390
74601364_174627057021249_1641997034062104669_n.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/74601364_174627057021249_1641997034062104669_n.jpg?_nc_cat=108&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=5_b72LzdgKgAX8aHlBU&_nc_ht=scontent-sjc3-1.cdninstagram.com&oh=16be79ae05d321f7f28cfc7d6c0c2164&oe=60A33699
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f231:c5:face:b00c:0:43fe Santa Clara, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
260212e0acb13706f031e2f619aca9771b9904765989b8e48f3455aeefb9691f

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
4268180600
date
Tue, 20 Apr 2021 07:23:12 GMT
x-fb-trip-id
2050670934
last-modified
Wed, 27 Nov 2019 23:46:16 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
563856012
x-fb-config-version-olb-prod
1078
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
53492
74531930_479537676307631_8407627592128265781_n.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/74531930_479537676307631_8407627592128265781_n.jpg?_nc_cat=108&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=4Veq6w-Vau4AX8YyPSH&_nc_oc=AQkUQb3g0eU_ZW7dfJPhF0nR-l6t0qnKCnl2GXpmh-6ZTlXPa0Clou_8Ic4fOfVdLMc&_nc_ht=scontent-sjc3-1.cdninstagram.com&oh=3ae1c60c7e7750a68a1ea8952a362c8b&oe=60A451DD
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f231:c5:face:b00c:0:43fe Santa Clara, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b68a57ef12aa892428ab8cddf579df161ffdcf3ce08d043e722389bb822b413f

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3614668999
date
Tue, 20 Apr 2021 07:23:12 GMT
x-fb-trip-id
2050670934
last-modified
Mon, 25 Nov 2019 20:15:22 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1176716696
x-fb-config-version-olb-prod
1078
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
151791
72575443_569209330288837_5557142559230859461_n.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/ 		144 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/72575443_569209330288837_5557142559230859461_n.jpg?_nc_cat=102&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=7031b_XfIusAX-bNnMk&_nc_ht=scontent-sjc3-1.cdninstagram.com&oh=3ea457d1f2363812cc7a223a3b845ef0&oe=60A334D3
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f231:c5:face:b00c:0:43fe Santa Clara, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
78d00d28d5e9614aabd17c85e08b0f3048d26bdc9d263fd503bf78a470d393cb

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
178086623
date
Tue, 20 Apr 2021 07:23:13 GMT
x-fb-trip-id
2050670934
last-modified
Fri, 08 Nov 2019 02:37:51 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3099942208
x-fb-config-version-olb-prod
1078
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
147721
74611878_494760484453465_4282114128014529382_n.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/ 		477 KB
477 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/74611878_494760484453465_4282114128014529382_n.jpg?_nc_cat=104&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=joswkZhcHKYAX_AqIsX&_nc_ht=scontent-sjc3-1.cdninstagram.com&oh=04d180a1736e2729967c96c0ed00a7c1&oe=60A270E3
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f231:c5:face:b00c:0:43fe Santa Clara, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
179e097e74eb709f774a541e8d199490ef290f650264b14ecddf6b1a090da2be

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3628147049
date
Tue, 20 Apr 2021 07:23:13 GMT
x-fb-trip-id
2050670934
last-modified
Tue, 29 Oct 2019 23:09:43 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4279752291
x-fb-config-version-olb-prod
1078
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
488464
70523040_754375591681571_3568500529940775419_n.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/ 		337 KB
337 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/70523040_754375591681571_3568500529940775419_n.jpg?_nc_cat=107&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=yfp4aIroYT8AX93vmWM&_nc_ht=scontent-sjc3-1.cdninstagram.com&oh=c1bfb331c183337f67d8fb13a18cc2ab&oe=60A27140
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f231:c5:face:b00c:0:43fe Santa Clara, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6b2e634aa420c8d558ab6fc13942c11617f3e834464e28a2a2737c2ae3ac5335

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
383379063
date
Tue, 20 Apr 2021 07:23:13 GMT
x-fb-trip-id
2050670934
last-modified
Tue, 08 Oct 2019 20:53:09 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4121644722
x-fb-config-version-olb-prod
1078
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
345230
pinit_main.js
assets.pinterest.com/js/ 		68 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.11916835607197385
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eb51506c619bb5ea0d447dc5a08683c9b73ecbe1e65dce794674622cd2e56f58

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
br
x-cdn
fastly
etag
"2424d1362506bd5cb853b5162df0158b"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=300
content-length
18804
access-control-expose-headers
X-CDN
pview
l.sharethis.com/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1618903392246.51763&hostname=babesinhairland.com&location=%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&bsamesite=true&consent_cookie_duration=368&consent_duration=368&gdpr_domain=.consensu.org&gdpr_method=cookie&url=https%3A%2F%2Fbabesinhairland.com%2F&title=Babes%20In%20Hairland%20-%20Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&sop=false&description=Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.26.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-26-231.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:12 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
xdomain_cookie.html
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame 9DD5 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

:method
GET
:authority
monu.delivery
:scheme
https
:path
/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://babesinhairland.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

server
nginx
date
Tue, 20 Apr 2021 07:23:12 GMT
content-type
text/html
vary
Accept-Encoding
x-guploader-uploadid
ABg5-UxMRtF04R55aZ8oOSEP7K7Wzp74wqsUy2oNz3H2omOQk8gmy22SJ8c3kgVPSUSnMpj73pxY67KhWumL5LYzSgSoAbyr4A
expires
Fri, 15 Apr 2022 07:23:12 GMT
last-modified
Tue, 25 Aug 2020 07:36:09 GMT
x-goog-generation
1598340969597109
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
3440
x-goog-hash
crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-storage-class
STANDARD
cache-control
max-age=31104000 public
age
0
x-cache
HIT
content-encoding
gzip
via
1.1 google
alt-svc
clear
mmt.gif
imps.monu.delivery/ 		37 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=6f1eb64d-98de-44ae-822a-11d1ad39ee16&a=p.l&u=7517a629-baa3-4516-93c8-2f929a29d754
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 06:43:13 GMT
age
2399
x-guploader-uploadid
ABg5-UzVPSvIzzt5NuIH7fdJx_bUR9rBAlaUeodl9S9VpASlE_m14NjfiH5YbmMC7-5qayL5xewCi6cU6VQklbq84IfEZbgOXA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Tue, 20 Apr 2021 07:43:13 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gpt/202104191159/ 		198 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gpt/202104191159/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
505e05a2fcc6f07732a4023946b9f1a3c15dfeaf2d79cfbf692d2fd44d118984

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:12 GMT
Content-Encoding
gzip
Age
363
X-Cache
HIT
Connection
keep-alive
Content-Length
60645
x-amz-id-2
qFFZE4lh84stNNeyngpZoDI3w+kTGSsw7Ap+XcGLVyRC+gZlj/dKOX/QReFuC4WqlCidX06YpyI=
X-Served-By
cache-hhn4054-HHN
Last-Modified
Mon, 19 Apr 2021 16:00:48 GMT
Server
AmazonS3
X-Timer
S1618903393.733151,VS0,VE0
ETag
"d22da8383257ef20a53375af81013cdb"
x-amz-request-id
SB8K2YA5FKGYTSYQ
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
429
wrap.js
confiant-integrations.global.ssl.fastly.net/prebid/202104191159/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/prebid/202104191159/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3df1afc123fd19da2af7da5bf66c8dab25c986dcf467b2aa7d6409e389b0ebb8

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:12 GMT
Content-Encoding
gzip
Age
376
X-Cache
HIT
Connection
keep-alive
Content-Length
27811
x-amz-id-2
rkC9kpG+zjLFX2mM0iVMDDJk0eBNElHdQEC0R6m87xPb8nR01mcQoSI+gQNqI0rXgW4gK+1bTQ4=
X-Served-By
cache-hhn4054-HHN
Last-Modified
Mon, 19 Apr 2021 16:00:50 GMT
Server
AmazonS3
X-Timer
S1618903393.787260,VS0,VE0
ETag
"7cd92ec21ed79fdb0dea417e7a5ce83d"
x-amz-request-id
6ZKMPD7JD794BPFJ
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
481
pubads_impl_2021041501.js
securepubads.g.doubleclick.net/gpt/ 		299 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 08:41:55 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107555
x-xss-protection
0
expires
Tue, 20 Apr 2021 07:23:12 GMT
/
widgets.pinterest.com/v3/pidgets/users/babesinhairland/pins/ 		68 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.pinterest.com/v3/pidgets/users/babesinhairland/pins/?sub=www&base_scheme=https&callback=PIN_1618903392746.f.callback[0]
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit_main.js?0.11916835607197385
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1cb74caa0838d47536bc1acc6f03647525540c5d5f60293fe570321677c667ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-pinterest-sli-response-type
success
content-encoding
gzip
x-content-type-options
nosniff
pinterest-version
c8faafa
date
Tue, 20 Apr 2021 07:23:13 GMT
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
pinterest-generated-by
coreapp-ngwidgets-prod-0a018c66
x-pinterest-direct
true
x-envoy-upstream-service-time
174
accept-ranges
bytes
vary
Accept-Encoding
x-pinterest-rid
1711675401205684
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
x-amz-cf-pop
ZRH50-C1
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Tue, 20 Apr 2021 07:23:12 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-id
JzWbQRhH4M89nioVsJM6mt_g8vtSNOr51phqqgbN-0_GrRZqaqDq5A==
pview
l.sharethis.com/ 		0
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1618903392246.51763&hostname=babesinhairland.com&location=%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&bsamesite=true&consent_cookie_duration=368&consent_duration=368&gdpr_domain=.consensu.org&gdpr_method=cookie&url=https%3A%2F%2Fbabesinhairland.com%2F&title=Babes%20In%20Hairland%20-%20Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&sop=false&description=Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&gdpr_domain=.consensu.org&gdpr_method=cookie&description=Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&img_pview=true
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.26.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-26-231.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:12 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
/
geo.privacymanager.io/ 		31 B
603 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-102.zrh50.r.cloudfront.net
Software
/
Resource Hash
f83f76df011834495b7b1ee6077815feae857dc551fbfe552c0a15e0a49531f9

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 05:55:49 GMT
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront), 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
age
5244
x-amzn-requestid
07eb9e3d-2e1c-47bd-8f96-5f7a50510652
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-607e6ce5-2992addf3ee0e9535311efb9;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1, ZRH50-C1
x-amz-apigw-id
eEXz4G_sjoEF4Ow=
content-length
31
x-amz-cf-id
szIAo4USmzR3iSjX18KR9AbKOtu89mytZgwFJD_ADMkSfTKea42YyQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
identity
api.rlcdn.com/api/ 		44 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
rid
match.adsrvr.org/track/ 		109 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=182762
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.21.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-21-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
611c27ae62a7e6b052e53819a868e72361a1497bf29182043ae63f07cc2b624e

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://babesinhairland.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Thu, 20 May 2021 07:23:13 GMT
b70246e57038014a52981beb9446a492.jpg
i.pinimg.com/60x60_RS/b7/02/46/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/60x60_RS/b7/02/46/b70246e57038014a52981beb9446a492.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e62a33aa8ce3b6670e2e0dac0f116ca4732b389be4d7033ffbb499b481554683

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"0b92c9a9e5d25c46fd14beadd53e4373"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
1509
f42c74aab6a51d30e4963499db51eb0d.jpg
i.pinimg.com/237x/f4/2c/74/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/f4/2c/74/f42c74aab6a51d30e4963499db51eb0d.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6afc129e9a01d2e26245157dd83c234c868d38f9a9920936264db79c3c87645b

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"0b4b9d31091429da77f813f0a0f4a1da"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
10388
296277c4bcf7700e48d160339832ad42.jpg
i.pinimg.com/237x/29/62/77/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/29/62/77/296277c4bcf7700e48d160339832ad42.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eacf80a59970025a895879880b174f7ecca299b6de4ff8cc23d1a9a415e483f5

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-pinterest-cache
HIT
x-cdn
fastly
etag
"31f6a174830c5bd8e8db54db1a23a349"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
13720
20930152bd10cc5215c2c84f4e35dd3f.jpg
i.pinimg.com/237x/20/93/01/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/20/93/01/20930152bd10cc5215c2c84f4e35dd3f.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c3c54ff47290bfa569249f470660410315a7fa8282a0ac501bda19bba3068098

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"a1bd6967bb4ce8b419047ce6a34e2af0"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
36604
066418b87b6f71196f067a1ac6360e2e.jpg
i.pinimg.com/237x/06/64/18/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/06/64/18/066418b87b6f71196f067a1ac6360e2e.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
046c9c9dd226e31d63fcd322f7caf9f9de63b898c4f29c6df36dd24c9f9fe35c

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"b9eae390b8d407a5b0470140c4f622af"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
23874
c26aff1d70c8e66a2c6974f6c4abc331.jpg
i.pinimg.com/237x/c2/6a/ff/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/c2/6a/ff/c26aff1d70c8e66a2c6974f6c4abc331.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9e1f1ef7172400a022ce88960359048cd55a49ec3774f52d4a1f4bcb59cddb20

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"c59f6ac72816a3f25cb8be0925538fb9"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
28898
2b197c7da3f46af1e574f3de343b52e3.jpg
i.pinimg.com/237x/2b/19/7c/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/2b/19/7c/2b197c7da3f46af1e574f3de343b52e3.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
561747fbaee4ab8fc34641af932e2697eabd08ba310039414f10162ea58edee8

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"fedec335c708e5517e2166ffea1ee153"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
20614
34d5ce20cdc8c8a28e1f36861cb0cf54.jpg
i.pinimg.com/237x/34/d5/ce/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/34/d5/ce/34d5ce20cdc8c8a28e1f36861cb0cf54.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e00b6494ed1f20fd79d438233767307905c04d6da43a9dfa72623b3dff435931

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"bce69c0646dafd47ecb7ec94479a86e9"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
14308
3bb1f5bd3fde25e15a4e61a3f3b2956e.jpg
i.pinimg.com/237x/3b/b1/f5/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/3b/b1/f5/3bb1f5bd3fde25e15a4e61a3f3b2956e.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c5f4f0627b7e14e9557378d8c87d2628e2f4ed6234b95ee45f01ecfc53ad476d

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"ff77e52bd7c34a03e981733662b38070"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
32326
e644cc924c1d7227f7493e92411b8544.jpg
i.pinimg.com/237x/e6/44/cc/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/e6/44/cc/e644cc924c1d7227f7493e92411b8544.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce8b3dc7792f065b336d3b71011510c4d4f5a385402f10436f821cdb6d8be2b7

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"84e225ab0313fa04a412c63a8c1a0477"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
25774
ad3b042fa7970a9498425e73a9ef570f.jpg
i.pinimg.com/237x/ad/3b/04/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/ad/3b/04/ad3b042fa7970a9498425e73a9ef570f.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa1f5c79753ed4168ff0e27fdd56b67639889dec21fce1b28b0e2e0e5653f6ba

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"cc56df15f1e8755187c608d3a2e21c7d"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
15667
bd715d06a8bac4269918c54a5c5225da.jpg
i.pinimg.com/237x/bd/71/5d/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/bd/71/5d/bd715d06a8bac4269918c54a5c5225da.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
129226b7f1f0a431034a959856825b66fb2cd310f83557de4b7fb17e53873423

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"614a4687171405615f61adc2bb045c68"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
7507
a04af54ec0d6537cd98f20f634c5653d.jpg
i.pinimg.com/237x/a0/4a/f5/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/a0/4a/f5/a04af54ec0d6537cd98f20f634c5653d.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b273893bf2b88f5a3144322a462363124a5608979cec217e87423e5964596aef

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"71531f4588ab9378646c62183c0c9910"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
17194
14fd86acee5ecd459d38520fbbfa98b0.jpg
i.pinimg.com/237x/14/fd/86/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/14/fd/86/14fd86acee5ecd459d38520fbbfa98b0.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9549f6c6acb1b8fa18fe4ba4b93fdb1dbcd2442c80e946edc27b6690dbd53468

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"e6d051ff8f3eacb81fd352f678b9e8e3"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
14607
b5a49db60a877ba5ff26a9072f3ae1da.jpg
i.pinimg.com/237x/b5/a4/9d/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/b5/a4/9d/b5a49db60a877ba5ff26a9072f3ae1da.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2fc241e18f44195283812644db32e1af77e15c9c760a404e464efbfe64b37f78

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"7545b289945b3e46aadda9488d72dde8"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
12626
6aefb48f2436b44f315a8a40df8c6b91.jpg
i.pinimg.com/237x/6a/ef/b4/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/6a/ef/b4/6aefb48f2436b44f315a8a40df8c6b91.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e2a71c4f1e76241ab937d39639ac78027aea87cda22f5960699598d4c5372a9

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"d902d6f3a40b567d88e2c270c2f346b6"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
11766
6c7a4b1464308051d96b221757dbccb0.jpg
i.pinimg.com/237x/6c/7a/4b/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/6c/7a/4b/6c7a4b1464308051d96b221757dbccb0.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c46b02cf2f04aabceec69cff28e8113b374ded8a7597c41dd3ee8d7091950aad

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"ed52dc61d8c644db2f44719e0cc43cee"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
13878
71fc513ab223d4b565ea987ada489d9f.jpg
i.pinimg.com/237x/71/fc/51/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/71/fc/51/71fc513ab223d4b565ea987ada489d9f.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a0b35ef5b54ba1bde29360928fc986c7bfe8b0da9198d9c4520b5004f5f023d9

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"ed28f45fa0d3e351addc79e89680c040"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
9759
95b6cce7cb73661b5a05702a7beef6f4.jpg
i.pinimg.com/237x/95/b6/cc/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/95/b6/cc/95b6cce7cb73661b5a05702a7beef6f4.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d914d3cb757b46af612bf883391c1bcb8503d09339e3c50a2df02e93657a97e2

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"f9473521634ea25cb0b04886cecff3f6"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
11150
856f543145d298b92050bc4c89dd5434.jpg
i.pinimg.com/237x/85/6f/54/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/85/6f/54/856f543145d298b92050bc4c89dd5434.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b29954a61fb85c954bc5b6128adb4ad258d27b18b43632f4a243a8ac97da0d86

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"89b1157d328c2ffd93f9cbf8c18c3eb3"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
15691
7121ac491d46a54da80b7bed1d888d07.jpg
i.pinimg.com/237x/71/21/ac/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/71/21/ac/7121ac491d46a54da80b7bed1d888d07.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cbd1a970b98c920e5be1e77d2e3421f0382d398009e88ca7f5fd9e2f52c12541

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"7ab2ed9bb9189f28db37993fa3d44f65"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
25813
cd266c4b2eeb08cab7550367f8808047.jpg
i.pinimg.com/237x/cd/26/6c/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/cd/26/6c/cd266c4b2eeb08cab7550367f8808047.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c6719049b4abb3e0fde4b147f5165c6cee4765594f2933d21c56e0069a008cc5

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"39c54a9582c78d211b0246e3b17a5efa"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
29868
1520c025f6b1e7e4ee723c24ad2591a8.jpg
i.pinimg.com/237x/15/20/c0/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/15/20/c0/1520c025f6b1e7e4ee723c24ad2591a8.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1cd2d4a8fdd3cd7854869ed88200088dbade95d2b3aaeeb5d5d1391232dfd86e

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"596c1d9acf7f69a9bb184fcf7c209007"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
24986
00bb00234b7f2b8d5c914ececf3d8f06.jpg
i.pinimg.com/237x/00/bb/00/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/00/bb/00/00bb00234b7f2b8d5c914ececf3d8f06.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
65811929ff85715160ca21d13ddbebac0d3e4a1bf9ede506845b9d7181327377

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"59a48df848266cca1226eb64363160c0"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
29137
e59a58a4d704530e3a113f53c2277495.jpg
i.pinimg.com/237x/e5/9a/58/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/e5/9a/58/e59a58a4d704530e3a113f53c2277495.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
054f5df8abdc34b2db30d11e8ea01eb6fd8ab0e350082494581a21a820053ff8

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"4b0214175e0f2112110007affbfaa259"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
13787
ab91ff1fcddc5b8deecd741531d9ed59.jpg
i.pinimg.com/237x/ab/91/ff/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/ab/91/ff/ab91ff1fcddc5b8deecd741531d9ed59.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1b810b507cefa9ebf6eec323ec72e7d4e27800b6d46bab0c4df0d42a1b6cf938

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"b83b0e9a83ff1fa773bfca9711fd26eb"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
16060
c99617fa7898a8fd14880ca839d8240c.jpg
i.pinimg.com/237x/c9/96/17/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/c9/96/17/c99617fa7898a8fd14880ca839d8240c.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd8daa9185ee21208eec36103b532a995a7eb635e1b696cf384fb0392f0d40f6

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"1b9f4b40879572e72f35b3ac52fe0f42"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
19610
8ef150c934ab397a9692f9851ce01df1.jpg
i.pinimg.com/237x/8e/f1/50/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/8e/f1/50/8ef150c934ab397a9692f9851ce01df1.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4c930cf3b113474406d0e7401596df6b8aab4c0d805def0f0c23ad9cc758af6

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"f7c259e222501273878352bd5f669527"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
32796
b7edcd266a2a377f582fbcb11b254d87.jpg
i.pinimg.com/237x/b7/ed/cd/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/b7/ed/cd/b7edcd266a2a377f582fbcb11b254d87.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
986a033d12c7403fa18201513e4396dba72e54e80e2f838b4222f2a8710ab6dd

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"67552ea74a3f233dbf985c19dc2d2e5f"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
32304
1647ecc1a64b8d0f91598635bf12c03a.jpg
i.pinimg.com/237x/16/47/ec/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/16/47/ec/1647ecc1a64b8d0f91598635bf12c03a.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f7485e293d4aa2733983180b494810000dc3b99dd87e1b695f09af5503c85428

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"4da76dfbd49e67f64f4b53af8c62c24d"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
45823
e39a94c39c6f20f06d26ece563f10b14.jpg
i.pinimg.com/237x/e3/9a/94/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/e3/9a/94/e39a94c39c6f20f06d26ece563f10b14.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1bef073a89db7bf80b0cceabac6ec16985b2d1ed977f4d0340322969bde7f452

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"8058ec656d5262e0657f7309daa04f6b"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
17219
b7feb676fc3293cf57a2c503e550a811.jpg
i.pinimg.com/237x/b7/fe/b6/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/b7/fe/b6/b7feb676fc3293cf57a2c503e550a811.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c7bb16840d7dfa3f39968aafc366ad8dc617544cc41e40baa3c3924155ff6a8

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"1ebd3d92335efc95db3a44854b096563"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
16464
a378d6e9fb7982016688ad80352644b2.jpg
i.pinimg.com/237x/a3/78/d6/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/a3/78/d6/a378d6e9fb7982016688ad80352644b2.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2460e265f7b3a7d6dbf740f755c5dbb2fdff6c14127f04b25da65ac88e0aea80

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"a3d71af6e3caa8b38c6545e907d266fa"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
10046
338e0d72f20f08e2f9064be6b9e1e1ab.jpg
i.pinimg.com/237x/33/8e/0d/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/33/8e/0d/338e0d72f20f08e2f9064be6b9e1e1ab.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
27daf5cac11d4ee2245a4ed1c3bbd12c177a4e36cb1ea232ecd150d4b73b3a9f

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"b5f7f562d430d54e737edbeb7d4e5abe"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
20967
09d0b6ebf8670f2b0f16a38c24241434.jpg
i.pinimg.com/237x/09/d0/b6/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/09/d0/b6/09d0b6ebf8670f2b0f16a38c24241434.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b0ead5d4f4f31252da3aaeed8a1862327c28a184e09b6501893ba9f37be5b45

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"01c63298707b4e74299094818a1655e9"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
9602
bf34dad67cb5396bdd23607cd3abb491.jpg
i.pinimg.com/237x/bf/34/da/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/bf/34/da/bf34dad67cb5396bdd23607cd3abb491.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a0192ca2b242aa948c52d4d21d0ba72fb05f69060d3fde28f8371f6a114f114a

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"c2517a1ed6f1cad82f8df242cdb26b44"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
30320
c12f76c453df7aa5f892763126beb08f.jpg
i.pinimg.com/237x/c1/2f/76/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/c1/2f/76/c12f76c453df7aa5f892763126beb08f.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ef0ad40fa45b9dc51f10ab7194105007b2f5cd260e7990ceaf27e51583ade9bd

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-pinterest-cache
HIT
x-cdn
fastly
etag
"10a158bd7df3eedb483761b425af55cb"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
29691
5294e7507e400ee60bfa76bae01b6c0d.jpg
i.pinimg.com/237x/52/94/e7/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/52/94/e7/5294e7507e400ee60bfa76bae01b6c0d.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2d6bd710b8a8747bbb6a1a20d4a7a15762b4bb639c75901c719d17e827f6f02b

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"90015a084840794345f3f40c18a552e1"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
21964
021907626e465260314baef122bdb787.jpg
i.pinimg.com/237x/02/19/07/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/02/19/07/021907626e465260314baef122bdb787.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1581a98c7cf9bf2b0299819f56357fbfa08a13626f000f204aea0e14cbca5b41

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"400bfa28380bbd58926372da405daea6"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
24826
10d8ee93c2b315eca6f75036c3bc4d95.jpg
i.pinimg.com/237x/10/d8/ee/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/10/d8/ee/10d8ee93c2b315eca6f75036c3bc4d95.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
afa07ffd0316f93d7980df193475bb8348d83c74faaabdd445dddc288518f48d

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"ed7eb598883eab0a3cb3798bd277835e"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
7396
e6684a8f9a85768f5734b1f2663b81b3.jpg
i.pinimg.com/237x/e6/68/4a/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/e6/68/4a/e6684a8f9a85768f5734b1f2663b81b3.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8dcba7b2b2f675c472efc594b7be7cb28fa05157895d601882df91de4b6b8c9f

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"34ad3afd3627688418a5894d867d08ac"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
20618
3d097af73b4769b359b8ed1087f757af.jpg
i.pinimg.com/237x/3d/09/7a/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/3d/09/7a/3d097af73b4769b359b8ed1087f757af.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4776c46535052e39fc27cb2a91b9c759afc4541486e4ef8540287e308f3647ff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"846ba2fce3c4887449ebd7f4e21545e7"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
8143
6d06fb7af8ae9733763f53442be63433.jpg
i.pinimg.com/237x/6d/06/fb/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/6d/06/fb/6d06fb7af8ae9733763f53442be63433.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3766d93ee6f48931ccd1ebd736c77e4c1179925d456c9df26f13639e660ec4d2

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"c6f05b9928b50ef8631710100f38ca32"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
38173
95afa7220b58207ba474b57e7bc322e9.jpg
i.pinimg.com/237x/95/af/a7/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/95/af/a7/95afa7220b58207ba474b57e7bc322e9.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
27ace02c9feb618341f3af57cde6c101efc0c7274adaaec3f87d17f6d062252e

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"f7370480e4570a78b91f76df8b363476"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
31056
c5306bc78426fed6c6b6171e3b2124df.jpg
i.pinimg.com/237x/c5/30/6b/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/c5/30/6b/c5306bc78426fed6c6b6171e3b2124df.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0af4ed368c1e4e168b14916ed2c851b5e30393d0aae6927cd4022cbe9d46f2d

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"1c5c78cfe4c5558ae7073a10a4e1116d"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
48729
956e4271f1f1765c951bddbc19113b13.jpg
i.pinimg.com/237x/95/6e/42/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/95/6e/42/956e4271f1f1765c951bddbc19113b13.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5d25b73ed4010f9278e6b31c3d686b01745e63a806cbebb183c1b41a83ea63b9

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"1adc16c7446e1f0d0f1a77d70a70df75"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
8811
556ef1a6c5bd3ca436000c4f43c88af8.jpg
i.pinimg.com/237x/55/6e/f1/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/55/6e/f1/556ef1a6c5bd3ca436000c4f43c88af8.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
66c53c50b033ac5fd2a9ee8ba13bc3d9df5af078bd440a05a4b0973648a7a224

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"4b307c0341119a757ae72b82b0a578f9"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
15996
8bf4db506666326b4b4c9a2dd442c9ed.jpg
i.pinimg.com/237x/8b/f4/db/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/8b/f4/db/8bf4db506666326b4b4c9a2dd442c9ed.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
08a36909c9b505f7c4c6ec4ed9097cbddc7cfc2ce19daccad1bd3f698c54bdfe

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"5b8c9f8014a12347d2a5b303534687f7"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
14557
0524c855f9511129d4ce880776d9c7bc.jpg
i.pinimg.com/237x/05/24/c8/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/05/24/c8/0524c855f9511129d4ce880776d9c7bc.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5f6aa9abb1aab348b81ef9b912a0b0fc30d1e15730a17096f7c8fcf078fe9246

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"c4eed926ebb82038b631f747ac838502"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
37013
c9fe0c3590e135d3ff6be73365bb2a12.jpg
i.pinimg.com/237x/c9/fe/0c/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/c9/fe/0c/c9fe0c3590e135d3ff6be73365bb2a12.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
655456c1291413d52a034f03b6b3a0d7c21e42c7e8ac99882711bbe8fc925955

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"3f94020f124b53ff276162179b1361e7"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
18335
d001b1fc9b32a334ccbdcfedc9f1b828.jpg
i.pinimg.com/237x/d0/01/b1/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/237x/d0/01/b1/d001b1fc9b32a334ccbdcfedc9f1b828.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
26077fd27523045b7ac6c4f8058556e7210003f8be330c36ad960cdc7c2b568a

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
x-cdn
fastly
etag
"7c5124f8931e9fa7a763936aab345901"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
8648
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa79b39de9e8642d83b281055cb5c154d6f6bac1308c216887dbb306ac3cabb8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
headerstats
as-sec.casalemedia.com/ 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=504384&u=https%3A%2F%2Fbabesinhairland.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:13 GMT
Server
Apache
Access-Control-Allow-Origin
https://babesinhairland.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 20 Apr 2021 07:23:13 GMT
/
log.pinterest.com/ 		0
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.pinterest.com/?type=pidget&guid=6LF4vYg4tgxe&tv=2021040501&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=1&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fbabesinhairland.com%2F&viaSrc=canonical
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:13 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
1
x-cache-hits
0
content-length
0
x-served-by
cache-hhn4032-HHN
pragma
no-cache
server
envoy
x-timer
S1618903394.764408,VS0,VE98
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid
1384756709609021
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT
74611878_494760484453465_4282114128014529382_nlow.jpg
babesinhairland.com/wp-content/uploads/sb-instagram-feed-images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babesinhairland.com/wp-content/uploads/sb-instagram-feed-images/74611878_494760484453465_4282114128014529382_nlow.jpg
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10006.sucuri.net
Software
nginx /
Resource Hash
06d5a416d6b7be6b75d935d8a06f05d628032d4ab45547c65cdc5f82e847d302
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/sb-instagram-feed-images/74611878_494760484453465_4282114128014529382_nlow.jpg
pragma
no-cache
cookie
_lr_geo_location=FR
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
babesinhairland.com
referer
https://babesinhairland.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length
28458
x-xss-protection
1; mode=block
referrer-policy
last-modified
Tue, 18 Feb 2020 04:11:03 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
13006
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=13511/rand=331327543/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/ Frame 4126
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=13511/rand=331327543/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
  • https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=331327543/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=331327543/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/13511/cc_af.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a7159f0c0656c77757e0cc4ba3feab9ee8adca7f3bf9e19e488096acee8cc4f9

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/5/ct=y/c=13511/rand=331327543/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://babesinhairland.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_cc=ctst
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
content-type
text/html;charset=UTF-8
content-length
1280
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.13.138
set-cookie
_cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 15-Jan-2022 07:01:00 GMT;SameSite=None;Secure _cc_id=440114f7bde64d9fd88011a876b131f9;Path=/;Domain=crwdcntrl.net;Expires=Sat, 15-Jan-2022 07:01:00 GMT;SameSite=None;Secure _cc_cc="ACZ4XmNQMDExMDQ0STNPSkk1M0mxTEuxsAAKJFqYmyUZGhumWTIAQUJdYxKIhgDuRW8bZRmPZzL8Z2RkeLdkDguMfe7oIWYYe%2Fe%2BywIw9syPljDmwXVPuWHsw4sRWi%2BcVIcJfzxxSgPG%2FrtxCtz0Z0jKAStEOo0%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 15-Jan-2022 07:01:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4XmNgYGBIqGtMAlIQwMzAwDUDxGQXzIBQIDkATjoDYQ%3D%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 15-Jan-2022 07:01:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin
*

Redirect headers

date
Tue, 20 Apr 2021 07:23:14 GMT
content-length
0
location
https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=331327543/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.23.143
set-cookie
_cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
tpid=76002866104254000772068111150778939524
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 4126
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=440114f7bde64d9fd88011a876b131f9&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=440114f7bde64d9fd88011a876b131f9&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=76002866104254000772068111150778939524
49 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=76002866104254000772068111150778939524
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=331327543/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.13.138
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
kYIV3ZUEQn4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=76002866104254000772068111150778939524
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tpid=no-consent
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame 4126
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
49 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=331327543/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.16.177
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:13 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
tpid=450766b5-a1a9-11eb-a0c6-265e6e83e438
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 4126
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=440114f7bde64d9fd88011a876b131f9&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=440114f7bde64d9fd88011a876b131f9&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=450766b5-a1a9-11eb-a0c6-265e6e83e438
49 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=450766b5-a1a9-11eb-a0c6-265e6e83e438
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=331327543/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.18.133
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Tue, 20 Apr 2021 07:23:14 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=450766b5-a1a9-11eb-a0c6-265e6e83e438
alt-svc
clear
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame 4126 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=331327543/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.21.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-21-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatch.gif
beacon.krxd.net/ Frame 4126 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=440114f7bde64d9fd88011a876b131f9
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=331327543/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.129.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-129-75.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
cache-control
private, no-cache, no-store
x-request-time
D=23 t=1618903394
x-served-by
beacon-n017-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
tpid=2536668354284520938
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 4126
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/440114f7bde64d9fd88011a876b131f9/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2536668354284520938
49 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2536668354284520938
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=13511/rand=331327543/pv=y/int=%23OpR%2385908%23Total%20Site%20Traffic%20%3A%20babesinhairland.com/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.25.184
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2536668354284520938
pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
geo.json
ipwatch.monu.delivery/ 		206 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
206
expires
Tue, 20 Apr 2021 08:23:14 GMT
auction
prebid.adnxs.com/pbs/v1/ 		57 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/auction
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
326504a785a2ef7de18eaba88656f28f55e7b7eeb8a940c265cff232b68a2bd9

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:14 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://babesinhairland.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
57
Expires
0
prebid_display
display.bfmio.com/ 		138 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.243.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-243-141.compute-1.amazonaws.com
Software
/
Resource Hash
a85716c58ccf4de0545cbca107167a0abd8e1ea1174e5706585b1126ba6dca83
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_728x90&cmd=bid&req=https%3A%2F%2Fbabesinhairland.com%2F&req(url)=https%3A%2F%2Fbabesinhairland.com%2F&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
842a782edf80c77490125a4ce437517d3996d41687a776e1d897b99b7f0d357c

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:23:14 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
date
Tue, 20 Apr 2021 07:23:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.33.0&p=%5B%7B%22placement_id%22%3A%22mmt-f6cee4b6-725c-4034-b6d3-d5c12b845ec7%22%2C%22callback_id%22%3A%2210b5a72a8d38b27%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222568922370718770014%22%7D%5D&page_url=https%3A%2F%2Fbabesinhairland.com%2F&bust=1618903394578&pr=https%3A%2F%2Fbabesinhairland.com%2F&scrd=1&dnt=false&description=Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&title=Babes%20In%20Hairland%20-%20Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.153.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-153-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
v1
dmx.districtm.io/b/ 		0
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
cf-ray
642ca0487c7f32c4-CDG
access-control-allow-headers
Content-Type, Origin
cf-request-id
098fc28149000032c49793c000000001
bid
ap.lijit.com/rtb/ 		24 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.33.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
27a0b78fb3492fe299dff14c81faa3e882e990dd6022a0a6375bf279af516639

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:23:14 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
trinity.json
apex.go.sonobi.com/ 		95 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2216ad67d401b3ceb%22%3A%224038e93c4d4c13bc38d7%7C728x90%22%7D&ref=https%3A%2F%2Fbabesinhairland.com%2F&s=73a1f54c-0e01-4424-b1e3-9b81dfd9456d&pv=5233cdfb-38a5-45a7-bf77-fc444e55ae39&vp=desktop&lib_name=prebid&lib_v=4.33.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
c041fb9b56b657e2232543e18327edf4cf429b24befc1b5f9ab9aa0e982f20f4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:14 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://babesinhairland.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
date
Tue, 20 Apr 2021 07:23:14 GMT
access-control-allow-credentials
true
vary
Origin
arj
bloggernetwork-d.openx.net/w/1.0/ 		174 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fbabesinhairland.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d662c0d2-8ead-4b9a-b7cb-8fb1f4666ee2&nocache=1618903394583&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&aus=728x90&divIds=mmt-f6cee4b6-725c-4034-b6d3-d5c12b845ec7&auid=539370378
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
77dc37a7edb7674b50949555df7c896a8cef625223b3a31618bcf501b842e632

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://babesinhairland.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
imp
g2.gumgum.com/hbid/ 		2 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=95549&pi=3&bf=728x90&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fbabesinhairland.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.33.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2F&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
content-type
application/json;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://babesinhairland.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:14 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.9:80
AN-X-Request-Uuid
1d50dabb-927a-4cf9-8cf9-5abbc50b8d84
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://babesinhairland.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ 		66 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bFQb0ON20r6RjGaKlId8sQ
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
e0e52fe07e3f126ede57a06809d9550356bc9c34a0e0cf2c70206022f5e1dba9

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
geo.json
ipwatch.monu.delivery/ 		206 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
206
expires
Tue, 20 Apr 2021 08:23:14 GMT
auction
prebid.adnxs.com/pbs/v1/ 		57 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/auction
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
326504a785a2ef7de18eaba88656f28f55e7b7eeb8a940c265cff232b68a2bd9

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:14 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://babesinhairland.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
57
Expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_300x250&cmd=bid&req=https%3A%2F%2Fbabesinhairland.com%2F&req(url)=https%3A%2F%2Fbabesinhairland.com%2F&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
88d9ff02a9684819673ab106fed898d7ff117701d765892d3a574cb96c071776

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:23:14 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_300x600&cmd=bid&req=https%3A%2F%2Fbabesinhairland.com%2F&req(url)=https%3A%2F%2Fbabesinhairland.com%2F&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
7f6e5468ecaf07c803f2b1dfa2a13d5baaa5cfaa1ad21d372c45c75e49ac097f

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:23:14 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_160x600&cmd=bid&req=https%3A%2F%2Fbabesinhairland.com%2F&req(url)=https%3A%2F%2Fbabesinhairland.com%2F&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
978c87e304f7dd8445d2365141b7377d2c1ef54f9d0b855d245320ac5a392664

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:23:14 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
trinity.json
apex.go.sonobi.com/ 		135 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2235dce5fe79a7fe%22%3A%22177369c437c672237248%7C300x250%2C300x600%2C160x600%22%2C%223634c59fa72d17%22%3A%22dcc4cd9596e80d497120%7C300x250%2C300x600%2C160x600%22%2C%2237c73a625e34ef3%22%3A%22d23fc2fbe929165f22f9%7C300x250%2C300x600%2C160x600%22%7D&ref=https%3A%2F%2Fbabesinhairland.com%2F&s=90675e01-f411-4cd2-ad5c-aea4c4d241da&pv=5233cdfb-38a5-45a7-bf77-fc444e55ae39&vp=desktop&lib_name=prebid&lib_v=4.33.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
c0ed47bcf3fee54998aab59e079bf171b4a3e62fd1e435a88800738858305221
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:14 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://babesinhairland.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
160
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.33.0&p=%5B%7B%22placement_id%22%3A%22mmt-59c0ac00-7764-4c60-b309-726d8ae832b7%22%2C%22callback_id%22%3A%22391c198ff25c4d3%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222568922370718770014%22%7D%5D&page_url=https%3A%2F%2Fbabesinhairland.com%2F&bust=1618903394593&pr=https%3A%2F%2Fbabesinhairland.com%2F&scrd=1&dnt=false&description=Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&title=Babes%20In%20Hairland%20-%20Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.153.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-153-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
ib.adnxs.com/ut/v3/ 		19 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:14 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.82:80
AN-X-Request-Uuid
dc1380f1-9b23-49c4-8498-65c055447a94
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://babesinhairland.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
date
Tue, 20 Apr 2021 07:23:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
bloggernetwork-d.openx.net/w/1.0/ 		175 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fbabesinhairland.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=77160ba7-7f8e-4795-8424-099dd53aecd1&nocache=1618903394598&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&aus=300x250%2C300x600%2C160x600&divIds=mmt-59c0ac00-7764-4c60-b309-726d8ae832b7&auid=539370378
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
ca4af1ff8c77ca6ee121a106f3a79e4b55e710e26e595c36ce0eac86973a907f

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://babesinhairland.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid_display
display.bfmio.com/ 		138 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.243.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-243-141.compute-1.amazonaws.com
Software
/
Resource Hash
8f64c8e04c5b5317ce51da7c2ae36ec81c59933fd592ab4c0757eb197e206920
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
imp
g2.gumgum.com/hbid/ 		2 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=95544&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fbabesinhairland.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.33.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2F&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
content-type
application/json;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://babesinhairland.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
imp
g2.gumgum.com/hbid/ 		2 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=95542&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fbabesinhairland.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.33.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2F&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
content-type
application/json;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://babesinhairland.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
imp
g2.gumgum.com/hbid/ 		2 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=95545&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fbabesinhairland.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.33.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2F&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
content-type
application/json;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://babesinhairland.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
bid
ap.lijit.com/rtb/ 		24 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.33.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
a555196d4d553492044b1579f515d14dd9f2483594f82ac5faf89fea19c30e9c

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:23:14 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
v1
dmx.districtm.io/b/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
cf-ray
642ca0487c8132c4-CDG
access-control-allow-headers
Content-Type, Origin
cf-request-id
098fc2814c000032c4ee11e000000001
hb
ssc.33across.com/api/v1/ 		66 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bFQb0ON20r6RjGaKlId8sQ
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
0a9a9dae3790a857a6469e98003bbc942600f409e3f8b492944d80a39690e65b

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
date
Tue, 20 Apr 2021 07:23:14 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
date
Tue, 20 Apr 2021 07:23:14 GMT
access-control-allow-credentials
true
vary
Origin
geo.json
ipwatch.monu.delivery/ 		206 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
206
expires
Tue, 20 Apr 2021 08:23:14 GMT
geo.json
ipwatch.monu.delivery/ 		206 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
206
expires
Tue, 20 Apr 2021 08:23:14 GMT
geo.json
ipwatch.monu.delivery/ 		206 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
206
expires
Tue, 20 Apr 2021 08:23:14 GMT
geo.json
ipwatch.monu.delivery/ 		206 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
206
expires
Tue, 20 Apr 2021 08:23:14 GMT
geo.json
ipwatch.monu.delivery/ 		206 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
206
expires
Tue, 20 Apr 2021 08:23:14 GMT
geo.json
ipwatch.monu.delivery/ 		206 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
206
expires
Tue, 20 Apr 2021 08:23:14 GMT
geo.json
ipwatch.monu.delivery/ 		206 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
206
expires
Tue, 20 Apr 2021 08:23:14 GMT
geo.json
ipwatch.monu.delivery/ 		206 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
206
expires
Tue, 20 Apr 2021 08:23:14 GMT
geo.json
ipwatch.monu.delivery/ 		206 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
206
expires
Tue, 20 Apr 2021 08:23:14 GMT
geo.json
ipwatch.monu.delivery/ 		206 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b24f:afb0 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
206
expires
Tue, 20 Apr 2021 08:23:14 GMT
mmt.gif
imps.monu.delivery/ 		37 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=6f1eb64d-98de-44ae-822a-11d1ad39ee16&a=s.d&u=f6cee4b6-725c-4034-b6d3-d5c12b845ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 06:43:13 GMT
age
2401
x-guploader-uploadid
ABg5-UzVPSvIzzt5NuIH7fdJx_bUR9rBAlaUeodl9S9VpASlE_m14NjfiH5YbmMC7-5qayL5xewCi6cU6VQklbq84IfEZbgOXA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Tue, 20 Apr 2021 07:43:13 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=6f1eb64d-98de-44ae-822a-11d1ad39ee16&a=s.d&u=59c0ac00-7764-4c60-b309-726d8ae832b7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 06:43:13 GMT
age
2401
x-guploader-uploadid
ABg5-UzVPSvIzzt5NuIH7fdJx_bUR9rBAlaUeodl9S9VpASlE_m14NjfiH5YbmMC7-5qayL5xewCi6cU6VQklbq84IfEZbgOXA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Tue, 20 Apr 2021 07:43:13 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=6f1eb64d-98de-44ae-822a-11d1ad39ee16&a=s.d&u=168c2501-db28-4f81-a42c-421822f063eb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 06:43:13 GMT
age
2401
x-guploader-uploadid
ABg5-UzVPSvIzzt5NuIH7fdJx_bUR9rBAlaUeodl9S9VpASlE_m14NjfiH5YbmMC7-5qayL5xewCi6cU6VQklbq84IfEZbgOXA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Tue, 20 Apr 2021 07:43:13 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=6f1eb64d-98de-44ae-822a-11d1ad39ee16&a=s.d&u=80284279-b7da-4f76-b2aa-5bea9f07f95b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 06:43:13 GMT
age
2401
x-guploader-uploadid
ABg5-UzVPSvIzzt5NuIH7fdJx_bUR9rBAlaUeodl9S9VpASlE_m14NjfiH5YbmMC7-5qayL5xewCi6cU6VQklbq84IfEZbgOXA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Tue, 20 Apr 2021 07:43:13 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=6f1eb64d-98de-44ae-822a-11d1ad39ee16&a=s.d&u=df98e700-2954-4a18-a169-750c006510ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 06:43:13 GMT
age
2401
x-guploader-uploadid
ABg5-UzVPSvIzzt5NuIH7fdJx_bUR9rBAlaUeodl9S9VpASlE_m14NjfiH5YbmMC7-5qayL5xewCi6cU6VQklbq84IfEZbgOXA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Tue, 20 Apr 2021 07:43:13 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=6f1eb64d-98de-44ae-822a-11d1ad39ee16&a=s.d&u=b6ca773d-eea7-4536-92fe-b03c0d8e826c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 06:43:13 GMT
age
2401
x-guploader-uploadid
ABg5-UzVPSvIzzt5NuIH7fdJx_bUR9rBAlaUeodl9S9VpASlE_m14NjfiH5YbmMC7-5qayL5xewCi6cU6VQklbq84IfEZbgOXA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Tue, 20 Apr 2021 07:43:13 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbabesinhairland.com%2F&pid=SLREmt2Hu8BCL&cb=0&ws=1600x1200&v=7.63.00&t=2100&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2FAUU01M%2FAUU01M-DDP.C%22%7D%5D&cfgv=0&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
SRKCQERtenzYZDF_SaBR60np8iqZEcQ2YN-VJ8GdmFH5UTP1OACAkA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbabesinhairland.com%2F&pid=SLREmt2Hu8BCL&cb=1&ws=1600x1200&v=7.63.00&t=2100&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2FAUU01M%2FAUU01M-DDS.B%22%7D%5D&cfgv=0&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
efxPpLotuW-atQEpYnCz-r-wlDfsbmbsmmyHFuvw5GkNGsX4lmM9Og==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbabesinhairland.com%2F&pid=SLREmt2Hu8BCL&cb=2&ws=1600x1200&v=7.63.00&t=2100&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2FAUU01M%2FAUU01M-DDS.C%22%7D%5D&cfgv=0&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
c292axyexGXeQDYOBAZcN5p3cJEhevyZBHVj72JKtbIoMRpYGj_M4Q==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbabesinhairland.com%2F&pid=SLREmt2Hu8BCL&cb=3&ws=1600x1200&v=7.63.00&t=2100&slots=%5B%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2FAUU01M%2FAUU01M-DDT.E%22%7D%5D&cfgv=0&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
3VGCVh3Jq2dnYklU2wj5emo69ffPvsfYb3p3iY-zOTPNdNviKKGGFg==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbabesinhairland.com%2F&pid=SLREmt2Hu8BCL&cb=4&ws=1600x1200&v=7.63.00&t=2100&slots=%5B%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2FAUU01M%2FAUU01M-DDA.B%22%7D%5D&cfgv=0&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
uGqEbEm1dkmmPq1tyYz48cI1dtyuwuUND5-MyiCC9LGF-JpG82R34g==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbabesinhairland.com%2F&pid=SLREmt2Hu8BCL&cb=5&ws=1600x1200&v=7.63.00&t=2100&slots=%5B%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2FAUU01M%2FAUU01M-DDR.A%22%7D%5D&cfgv=0&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
ihYXChsxjCJdTAQwTjMTlc7dk35ssiz8alyHmK_0ZK4_CCdt8foKNA==
otSDKStub.js
cmp-cdn.cookielaw.org/scripttemplates/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2598fd0548d38d4414901e577ef33247f82a30acdb68a74236496143f7077192
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
JVAndnKaGjIy3NFOrT6xPQ==
age
900
cf-polished
origSize=13478
last-modified
Fri, 05 Feb 2021 17:39:07 GMT
vary
Accept-Encoding
cf-request-id
098fc2818200002bade0239000000001
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d1352dcd-f01e-0038-4fe5-fb7016000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
642ca048cdd72bad-FRA
expires
Tue, 20 Apr 2021 11:23:14 GMT
bottom-center-default-global.json
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
tXBT16ktnX7ktreh09r26A==
cf-request-id
098fc281b800002c3a1a8a7000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:34:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
af5ff928-301e-0045-13b6-350135000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca04928ee2c3a-FRA
bottom-center-default-global.json
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
tXBT16ktnX7ktreh09r26A==
cf-request-id
098fc281b900002c3a513fa000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:34:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
5365205e-001e-002c-0eb6-353879000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca04928f32c3a-FRA
bottom-center-default-global.json
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
tXBT16ktnX7ktreh09r26A==
cf-request-id
098fc281ba00002c3ae6bd0000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:34:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
191d250e-501e-001e-07b6-35380e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca04928f42c3a-FRA
bottom-center-default-global.json
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
tXBT16ktnX7ktreh09r26A==
cf-request-id
098fc281bb00002c3a4119c000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:34:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
49a153b9-401e-0060-0fb6-35a849000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca04928f52c3a-FRA
bottom-center-default-global.json
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
tXBT16ktnX7ktreh09r26A==
cf-request-id
098fc281b800002c3a0cae9000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:34:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
d127f99b-801e-0040-2db6-35d3ee000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca04928f12c3a-FRA
bottom-center-default-global.json
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
tXBT16ktnX7ktreh09r26A==
cf-request-id
098fc281bb00002c3a51bca000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:34:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
1dbcafd5-901e-0011-24b6-354e62000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca04928f82c3a-FRA
otSDKStub.js
cmp-cdn.cookielaw.org/scripttemplates/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2598fd0548d38d4414901e577ef33247f82a30acdb68a74236496143f7077192
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
JVAndnKaGjIy3NFOrT6xPQ==
age
900
cf-polished
origSize=13478
last-modified
Fri, 05 Feb 2021 17:39:07 GMT
vary
Accept-Encoding
cf-request-id
098fc281b100002badfa154000000001
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d1352dcd-f01e-0038-4fe5-fb7016000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
642ca0491e4c2bad-FRA
expires
Tue, 20 Apr 2021 11:23:14 GMT
bottom-center-default-global.json
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
tXBT16ktnX7ktreh09r26A==
cf-request-id
098fc281c400002c3a35a8c000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:34:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
f437d3a5-f01e-0038-5bb6-357016000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca04939162c3a-FRA
bottom-center-default-global.json
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
tXBT16ktnX7ktreh09r26A==
cf-request-id
098fc281c500002c3a0caea000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:34:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
86252b40-d01e-004d-6eb6-351b3a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca049391b2c3a-FRA
otSDKStub.js
cmp-cdn.cookielaw.org/scripttemplates/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2598fd0548d38d4414901e577ef33247f82a30acdb68a74236496143f7077192
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
JVAndnKaGjIy3NFOrT6xPQ==
age
900
cf-polished
origSize=13478
last-modified
Fri, 05 Feb 2021 17:39:07 GMT
vary
Accept-Encoding
cf-request-id
098fc281d300002baddf2fe000000001
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d1352dcd-f01e-0038-4fe5-fb7016000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
642ca0495ebc2bad-FRA
expires
Tue, 20 Apr 2021 11:23:14 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		197 B
556 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b25aa5eb92fee08d51add083e5c4fa22516e9d1ab61179734fbb1e27fb7f8063
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
642ca04999162c4a-FRA
cf-request-id
098fc281fe00002c4a92837000000001
auction
prebid.adnxs.com/pbs/v1/ 		57 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/auction
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
326504a785a2ef7de18eaba88656f28f55e7b7eeb8a940c265cff232b68a2bd9

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:14 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://babesinhairland.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
57
Expires
0
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.33.0&p=%5B%7B%22placement_id%22%3A%22mmt-168c2501-db28-4f81-a42c-421822f063eb%22%2C%22callback_id%22%3A%226935efbc6b994b6%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222568922370718770014%22%7D%5D&page_url=https%3A%2F%2Fbabesinhairland.com%2F&bust=1618903394792&pr=https%3A%2F%2Fbabesinhairland.com%2F&scrd=1&dnt=false&description=Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&title=Babes%20In%20Hairland%20-%20Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.153.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-153-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
v1
dmx.districtm.io/b/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
cf-ray
642ca0498e9832c4-CDG
access-control-allow-headers
Content-Type, Origin
cf-request-id
098fc281f4000032c4d2110000000001
bid
ap.lijit.com/rtb/ 		25 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.33.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
723e23baa6a59cdc3a7224f860d2d083c1f7a36711a417cec6940c6b45d72c92

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:23:14 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
trinity.json
apex.go.sonobi.com/ 		137 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2277d0b1993f131f4%22%3A%22177369c437c672237248%7C300x250%2C300x600%2C160x600%22%2C%227848effd697e0ad%22%3A%22dcc4cd9596e80d497120%7C300x250%2C300x600%2C160x600%22%2C%2279771507de965f6%22%3A%22d23fc2fbe929165f22f9%7C300x250%2C300x600%2C160x600%22%7D&ref=https%3A%2F%2Fbabesinhairland.com%2F&s=8a299c1c-fdf6-4d1e-92f3-93358b275695&pv=5233cdfb-38a5-45a7-bf77-fc444e55ae39&vp=desktop&lib_name=prebid&lib_v=4.33.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
943e945fe580c2f73bb2aa74975847f582af4d2417d108fd7777464520f80766
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:14 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://babesinhairland.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
162
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
imp
g2.gumgum.com/hbid/ 		2 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=95544&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fbabesinhairland.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.33.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2F&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
content-type
application/json;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://babesinhairland.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
imp
g2.gumgum.com/hbid/ 		2 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=95542&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fbabesinhairland.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.33.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2F&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
content-type
application/json;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://babesinhairland.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
imp
g2.gumgum.com/hbid/ 		2 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=95545&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fbabesinhairland.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.33.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2F&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
content-type
application/json;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://babesinhairland.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
prebid_display
display.bfmio.com/ 		138 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.243.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-243-141.compute-1.amazonaws.com
Software
/
Resource Hash
a549d04368a80efbf3486c0df2a376c16203df2cefb64dc7dc98420ef5dc8af4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
146
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
date
Tue, 20 Apr 2021 07:23:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
bloggernetwork-d.openx.net/w/1.0/ 		174 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fbabesinhairland.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e6a044bc-e4a0-4f3f-967c-f3ef7f24c2dd&nocache=1618903394795&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&aus=300x250%2C300x600%2C160x600&divIds=mmt-168c2501-db28-4f81-a42c-421822f063eb&auid=539370378
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
281a0e2c992f5172b4222eca2c81b80126899a04c290f0c27b45fe37c23ea45f

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://babesinhairland.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:14 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.150:80
AN-X-Request-Uuid
3adefe80-ea45-46fa-b614-4ccf3be33c55
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://babesinhairland.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
date
Tue, 20 Apr 2021 07:23:14 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
date
Tue, 20 Apr 2021 07:23:14 GMT
access-control-allow-credentials
true
vary
Origin
hb
ssc.33across.com/api/v1/ 		66 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bFQb0ON20r6RjGaKlId8sQ
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
2c8e53a32e8386684c95a1f6f35d599ae9b70db72a124693a77af8931551023e

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_300x250&cmd=bid&req=https%3A%2F%2Fbabesinhairland.com%2F&req(url)=https%3A%2F%2Fbabesinhairland.com%2F&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
277f73f71ca0ad7284d5692e5d5efcccad6a721f9f61c41da5c141ee3d478e7a

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:23:14 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_300x600&cmd=bid&req=https%3A%2F%2Fbabesinhairland.com%2F&req(url)=https%3A%2F%2Fbabesinhairland.com%2F&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
5cc0e548f20050a35a221b5db2818e9e8c285af9c04470b2d0a46d5ff287aa4e

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:23:14 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_160x600&cmd=bid&req=https%3A%2F%2Fbabesinhairland.com%2F&req(url)=https%3A%2F%2Fbabesinhairland.com%2F&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
22fcc44b0bccf4dfeec16bf65e04f0ec4297a26c520da19410f3480bc1cd5853

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:23:14 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bottom-center-default-global.json
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
tXBT16ktnX7ktreh09r26A==
cf-request-id
098fc281f400002c3a16357000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:34:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
191d2534-501e-001e-2ab6-35380e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca04989982c3a-FRA
bottom-center-default-global.json
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
tXBT16ktnX7ktreh09r26A==
cf-request-id
098fc281f600002c3a35a90000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:34:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
f437d3c4-f01e-0038-79b6-357016000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca049899b2c3a-FRA
bottom-center-default-global.json
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
tXBT16ktnX7ktreh09r26A==
cf-request-id
098fc281f600002c3a0ba99000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:34:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
d127f9b9-801e-0040-4ab6-35d3ee000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca049899d2c3a-FRA
bottom-center-default-global.json
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/bottom-center-default-global.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
tXBT16ktnX7ktreh09r26A==
cf-request-id
098fc281f700002c3aee926000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:34:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
46ffcaec-801e-001d-45b6-35d96a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca04989a12c3a-FRA
otBannerSdk.js
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/ 		366 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3e760afd8b413ecb7bd30370d4e5e2bfd5a847e8dc2c0f0e39d7621eba92c4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
2hymstrqSFu7c4C3tsoodg==
age
897
cf-polished
origSize=374787
last-modified
Fri, 05 Feb 2021 17:39:17 GMT
vary
Accept-Encoding
cf-request-id
098fc2821f00002badd822c000000001
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
434e5d5f-201e-002b-21e5-fb541a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
642ca049cfa62bad-FRA
expires
Tue, 20 Apr 2021 11:23:14 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		197 B
257 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b25aa5eb92fee08d51add083e5c4fa22516e9d1ab61179734fbb1e27fb7f8063
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
642ca049d9a42c4a-FRA
cf-request-id
098fc2822300002c4af4b08000000001
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		197 B
257 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b25aa5eb92fee08d51add083e5c4fa22516e9d1ab61179734fbb1e27fb7f8063
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
642ca049f9dd2c4a-FRA
cf-request-id
098fc2823700002c4ad5226000000001
en.json
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/d3a41f70-70b4-4dcf-8a71-84c30d7fbc6c/ 		37 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/d3a41f70-70b4-4dcf-8a71-84c30d7fbc6c/en.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbafb4fa88edf10e79c8a8361b4eb2f365b5d5af700354e140af131ed2bcd208
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
6aAZFzb6UKpVDwi1VwLGeA==
cf-request-id
098fc2824600002c3a4e044000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:34:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
49a153ce-401e-0060-24b6-35a849000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca04a0ace2c3a-FRA
iab2Data.json
cdn.cookielaw.org/vendorlist/ 		241 KB
34 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1629917fd28fa6bb5444260b3aadb823992794ccd366e98c71c70076de433419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
D/8bNn1WfA9YvMG31KczTA==
age
970
vary
Accept-Encoding
content-length
34026
cf-request-id
098fc2824a00002c3a0909a000000001
x-ms-lease-status
unlocked
last-modified
Tue, 20 Apr 2021 06:50:57 GMT
server
cloudflare
etag
0x8D903C8A68E8145
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
77470a11-e01e-013e-55b3-352892000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
642ca04a0adb2c3a-FRA
otTCF.js
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/ 		67 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otTCF.js
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a394d231cf4239d223b519366211f838236e4a3c2b76037e013bf8dabd43a749
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
KgOdlQGhgiHAfAnDQiJaFQ==
age
944
cf-polished
origSize=68680
last-modified
Fri, 05 Feb 2021 17:39:14 GMT
vary
Accept-Encoding
cf-request-id
098fc2824600002badc6102000000001
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1622a196-001e-002c-17a4-2c3879000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
642ca04a081e2bad-FRA
expires
Tue, 20 Apr 2021 11:23:14 GMT
services
g2.gumgum.com/zones/7ce595b2/ 		424 B
897 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/zones/7ce595b2/services?dp=https%3A%2F%2Fbabesinhairland.com%2F&pu=https%3A%2F%2Fbabesinhairland.com%2F&ogu=https%3A%2F%2Fbabesinhairland.com%2F&rf=&r=3.82.7&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.82.7%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=9830&bf=9817fedb5be462d49a60039995f085b2f602fcc6&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1618903394904&to=-120&vpii=false&vph=1200&vpw=1600&gdprApplies=0
Requested by
Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
82564739dc8134f4f80a955969b27252ae98d88147fcaea20ccd8a612b4f8231

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
server
nginx
etag
W/"0453596721876a36e5300b11a78437cdc"
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
otBannerSdk.js
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/ 		366 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3e760afd8b413ecb7bd30370d4e5e2bfd5a847e8dc2c0f0e39d7621eba92c4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
2hymstrqSFu7c4C3tsoodg==
age
897
cf-polished
origSize=374787
last-modified
Fri, 05 Feb 2021 17:39:17 GMT
vary
Accept-Encoding
cf-request-id
098fc2825f00002badeb273000000001
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
434e5d5f-201e-002b-21e5-fb541a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
642ca04a385d2bad-FRA
expires
Tue, 20 Apr 2021 11:23:14 GMT
auction
prebid.adnxs.com/pbs/v1/ 		57 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/auction
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
326504a785a2ef7de18eaba88656f28f55e7b7eeb8a940c265cff232b68a2bd9

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:14 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://babesinhairland.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
57
Expires
0
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.33.0&p=%5B%7B%22placement_id%22%3A%22mmt-80284279-b7da-4f76-b2aa-5bea9f07f95b%22%2C%22callback_id%22%3A%2210608f63ae14be73%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222568922370718770014%22%7D%5D&page_url=https%3A%2F%2Fbabesinhairland.com%2F&bust=1618903394932&pr=https%3A%2F%2Fbabesinhairland.com%2F&scrd=1&dnt=false&description=Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&title=Babes%20In%20Hairland%20-%20Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.153.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-153-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
date
Tue, 20 Apr 2021 07:23:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		67 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bFQb0ON20r6RjGaKlId8sQ
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
10c208996555e867923a5bf28dc860df1d99d8f0ec12d8debe7cdb63e91d65c0

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
prebid_display
display.bfmio.com/ 		138 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.243.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-243-141.compute-1.amazonaws.com
Software
/
Resource Hash
eb72596ff941865104cb4a616de0342bffae3ed2b43873aeb940d3d32d7aab32
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
date
Tue, 20 Apr 2021 07:23:14 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
date
Tue, 20 Apr 2021 07:23:14 GMT
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		19 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:14 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.107:80
AN-X-Request-Uuid
6026b9a1-d68c-4211-8462-d0288b23a9b3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://babesinhairland.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
imp
g2.gumgum.com/hbid/ 		2 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=95544&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fbabesinhairland.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.33.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2F&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
content-type
application/json;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://babesinhairland.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
imp
g2.gumgum.com/hbid/ 		2 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=95542&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fbabesinhairland.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.33.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2F&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
content-type
application/json;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://babesinhairland.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
imp
g2.gumgum.com/hbid/ 		2 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=95545&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fbabesinhairland.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.33.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2F&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:14 GMT
content-type
application/json;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://babesinhairland.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_300x250&cmd=bid&req=https%3A%2F%2Fbabesinhairland.com%2F&req(url)=https%3A%2F%2Fbabesinhairland.com%2F&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
06024719e6fc9f5301fd594ca0a11531f05b614e3cdc2cb529dae236edd3802a

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:23:15 GMT
Server
ATS/7.1.2.128
Age
1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_300x600&cmd=bid&req=https%3A%2F%2Fbabesinhairland.com%2F&req(url)=https%3A%2F%2Fbabesinhairland.com%2F&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e913699c81ef24d6eefbf5e3a66dcc21b6668211b4f77442c8f302144d8f8357

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:23:15 GMT
Server
ATS/7.1.2.128
Age
1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_160x600&cmd=bid&req=https%3A%2F%2Fbabesinhairland.com%2F&req(url)=https%3A%2F%2Fbabesinhairland.com%2F&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
309bd02330efee1918ad8b53c4b03311946b36fc8cda689eadc78cb393790eac

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:23:15 GMT
Server
ATS/7.1.2.128
Age
1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
trinity.json
apex.go.sonobi.com/ 		140 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22129d01fe2d2b0cdb%22%3A%22177369c437c672237248%7C300x250%2C300x600%2C160x600%22%2C%221301941c0e457aec%22%3A%22dcc4cd9596e80d497120%7C300x250%2C300x600%2C160x600%22%2C%22131a40a28daa8dc8%22%3A%22d23fc2fbe929165f22f9%7C300x250%2C300x600%2C160x600%22%7D&ref=https%3A%2F%2Fbabesinhairland.com%2F&s=1b6453ca-bfa8-4d9f-8b27-fba9d81b1ffc&pv=5233cdfb-38a5-45a7-bf77-fc444e55ae39&vp=desktop&lib_name=prebid&lib_v=4.33.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
cb593a6e6068dcfc7ce077d3d56abe9132df9ef8dc522c20b3ff4aea80aa39b8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:15 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://babesinhairland.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
165
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		25 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.33.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
cbdad3d67118021621550eb7d9faf5f04b12f3803403f77faac8778da2267ef8

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:23:14 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
v1
dmx.districtm.io/b/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Apr 2021 07:23:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
cf-ray
642ca04a785b32c4-CDG
access-control-allow-headers
Content-Type, Origin
cf-request-id
098fc28286000032c4988ea000000001
arj
bloggernetwork-d.openx.net/w/1.0/ 		174 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fbabesinhairland.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9535bd2c-fda2-4eb9-993f-a385a1eef701&nocache=1618903394942&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&aus=300x250%2C300x600%2C160x600&divIds=mmt-80284279-b7da-4f76-b2aa-5bea9f07f95b&auid=539370378
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
240c9c58d543a7898fa192bd3cea7953925f6c9bc7e7021cf9c85492aca89aae

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:15 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://babesinhairland.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
en.json
cmp-cdn.cookielaw.org/consent/bottom-center-default-global/d3a41f70-70b4-4dcf-8a71-84c30d7fbc6c/ 		37 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/consent/bottom-center-default-global/d3a41f70-70b4-4dcf-8a71-84c30d7fbc6c/en.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbafb4fa88edf10e79c8a8361b4eb2f365b5d5af700354e140af131ed2bcd208
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
6aAZFzb6UKpVDwi1VwLGeA==
cf-request-id
098fc2829300002c3a24229000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:34:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
46ffcb21-801e-001d-77b6-35d96a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca04a8bbd2c3a-FRA
iab2Data.json
cdn.cookielaw.org/vendorlist/ 		241 KB
33 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1629917fd28fa6bb5444260b3aadb823992794ccd366e98c71c70076de433419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
D/8bNn1WfA9YvMG31KczTA==
age
970
vary
Accept-Encoding
content-length
34026
cf-request-id
098fc2829300002c3a2832a000000001
x-ms-lease-status
unlocked
last-modified
Tue, 20 Apr 2021 06:50:57 GMT
server
cloudflare
etag
0x8D903C8A68E8145
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
77470a11-e01e-013e-55b3-352892000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
642ca04a8bc02c3a-FRA
otTCF.js
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/ 		67 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otTCF.js
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a394d231cf4239d223b519366211f838236e4a3c2b76037e013bf8dabd43a749
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
KgOdlQGhgiHAfAnDQiJaFQ==
age
944
cf-polished
origSize=68680
last-modified
Fri, 05 Feb 2021 17:39:14 GMT
vary
Accept-Encoding
cf-request-id
098fc2829300002badeda78000000001
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1622a196-001e-002c-17a4-2c3879000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
642ca04a88df2bad-FRA
expires
Tue, 20 Apr 2021 11:23:14 GMT
otFlat.json
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/otFlat.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8388718f670ddb4c773f542fef40257fd020ae066966c2ca33b0814eab04a74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
IQRggZnL4QDFwfiXP8gbfQ==
content-length
2822
cf-request-id
098fc282c900002c3a2b17a000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:39:03 GMT
server
cloudflare
etag
0x8D8C9FCEDFA3E76
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
8e0a3fd6-d01e-0000-6db6-35d4d6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca04adc412c3a-FRA
otPcCenter.json
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/v2/ 		47 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/v2/otPcCenter.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c604b3a9a3f1464144a15ce0ae7853500a51074eafb1e6ab4221e29a9986813a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
6SSYYj+cvj/lp8HQvP6bVA==
content-length
11379
cf-request-id
098fc282ca00002c3a1e0ac000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:39:05 GMT
server
cloudflare
etag
0x8D8C9FCEF4A85A1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
49a153fe-401e-0060-54b6-35a849000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca04adc432c3a-FRA
otCookieSettingsButton.json
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/otCookieSettingsButton.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd44041e27f78770fced39f58e54ff661a452abda8f8541577caed06934f813d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
CaGQ5l/lz/RAB/LfzD6w5A==
content-length
2178
cf-request-id
098fc282ce00002c3a5da10000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:39:05 GMT
server
cloudflare
etag
0x8D8C9FCEF05A5C6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
d127fa18-801e-0040-1db6-35d3ee000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca04adc452c3a-FRA
inscreen
g2.gumgum.com/ 		521 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/inscreen?pu=https%3A%2F%2Fbabesinhairland.com%2F&ogu=https%3A%2F%2Fbabesinhairland.com%2F&rf=&pv=4834b171-798b-47f3-bf5e-4d94fb1d6a1a&r=3.82.7&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.82.7%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=9830&bf=9817fedb5be462d49a60039995f085b2f602fcc6&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1618903395023&to=-120&vpii=false&vph=1200&vpw=1600&t=7ce595b2&gdprApplies=1&gdprConsent=CPE8Q3ePE8Q3eAcABBENBWCgAAAAAH_AACiQAAAPaAJMNS-ACzEscGSaNKoUQIQrCQ6AUAFFCMLRNYQMrgp2VwEeoIGACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJQggWBkIAA.YAAAD_gAAAAA&sqc=1
Requested by
Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ee013a777bad8f043c20fe4551913efc95ac398751c32c367d171737bc338dd0

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 20 Apr 2021 07:23:15 GMT
content-encoding
gzip
server
nginx
etag
W/"059324d46317f6a733d5690f0d3e47a93"
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=8&c2=15039634&c3=16&c4=7ce595b2&c7=https%3A%2F%2Fbabesinhairland.com%2F&c8=Babes%20In%20Hairland%20-%20Making%20the%20world%20a%20prettier%20place%20~%20One%20...
  • https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=16&c4=7ce595b2&c7=https%3A%2F%2Fbabesinhairland.com%2F&c8=Babes%20In%20Hairland%20-%20Making%20the%20world%20a%20prettier%20place%20~%20One%2...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=16&c4=7ce595b2&c7=https%3A%2F%2Fbabesinhairland.com%2F&c8=Babes%20In%20Hairland%20-%20Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&c9=&cv=2.0&cj=1&ns__t=1618903395026
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-122.zrh50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:15 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
GttQqwFxvaYFkEXhcixfbSv6E1u50uxGUPkQVF40q_5IGY31NduByg==

Redirect headers

date
Tue, 20 Apr 2021 07:23:15 GMT
via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=16&c4=7ce595b2&c7=https%3A%2F%2Fbabesinhairland.com%2F&c8=Babes%20In%20Hairland%20-%20Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&c9=&cv=2.0&cj=1&ns__t=1618903395026
content-length
289
x-amz-cf-id
2gUov0FnkeWTlRgZ4NGLDaQBxqSRBA_McG7IH6U3aWJYJdel_25VWQ==
auction
prebid.adnxs.com/pbs/v1/ 		57 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/auction
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
326504a785a2ef7de18eaba88656f28f55e7b7eeb8a940c265cff232b68a2bd9

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:15 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://babesinhairland.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
57
Expires
0
arj
bloggernetwork-d.openx.net/w/1.0/ 		174 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fbabesinhairland.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=25b0d9ed-5362-43aa-8cee-1dabd2c9534e&nocache=1618903395031&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&aus=728x90&divIds=mmt-df98e700-2954-4a18-a169-750c006510ee&auid=539370378
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4be5686fb4401f38ea8da68d6aaaf4a041a5ce1d98e32eeabc720b2c08b63742

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:15 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://babesinhairland.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
imp
g2.gumgum.com/hbid/ 		434 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=7ce595b2&pi=2&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fbabesinhairland.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.33.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2F&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ef97fc267aeec903e7663ad7cee3f64c55faf9ef03a6b0a8364401361fcf0222

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:15 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://babesinhairland.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
prebid_display
display.bfmio.com/ 		138 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.243.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-243-141.compute-1.amazonaws.com
Software
/
Resource Hash
d43a266832b78e29d07468eb3dd8f82d6cf97b1aed3ec5f35dd01410efec3136
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
hb
ssc.33across.com/api/v1/ 		67 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bFQb0ON20r6RjGaKlId8sQ
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
459505ae58f3d08592e3ad684b6b933267771a6194e69899e5f0f2a59f92a6ad

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Apr 2021 07:23:15 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ 		96 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22151cf35f3dc00b4c%22%3A%224038e93c4d4c13bc38d7%7C728x90%22%7D&ref=https%3A%2F%2Fbabesinhairland.com%2F&s=ecdcd2d1-6c10-49cf-b586-bc03d602463b&pv=5233cdfb-38a5-45a7-bf77-fc444e55ae39&vp=desktop&lib_name=prebid&lib_v=4.33.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
76a3570939ecf98ef0ae1a7fccbb5487ee729bdea733d6520c90f99e293b587b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:15 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://babesinhairland.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
121
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/ 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Apr 2021 07:23:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
cf-ray
642ca04b098232c4-CDG
access-control-allow-headers
Content-Type, Origin
cf-request-id
098fc282e2000032c4f5285000000001
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_728x90&cmd=bid&req=https%3A%2F%2Fbabesinhairland.com%2F&req(url)=https%3A%2F%2Fbabesinhairland.com%2F&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
536fd36e9fce9d909a2631404c5631e65a0a3f329475f0bb5141d11a1193e5d1

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:23:15 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.33.0&p=%5B%7B%22placement_id%22%3A%22mmt-df98e700-2954-4a18-a169-750c006510ee%22%2C%22callback_id%22%3A%22157043f0992af60a%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222568922370718770014%22%7D%5D&page_url=https%3A%2F%2Fbabesinhairland.com%2F&bust=1618903395034&pr=https%3A%2F%2Fbabesinhairland.com%2F&scrd=1&dnt=false&description=Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&title=Babes%20In%20Hairland%20-%20Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.153.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-153-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
pragma
no-cache
date
Tue, 20 Apr 2021 07:23:15 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
ib.adnxs.com/ut/v3/ 		19 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:15 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.43:80
AN-X-Request-Uuid
7cb27104-ca11-433e-a94e-7e08211171be
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://babesinhairland.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
date
Tue, 20 Apr 2021 07:23:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		25 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.33.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
6848e153bdec172d05c7356959586c952d1ce7813c7e37bd82fd41c745ecc63d

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:23:15 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
otFlat.json
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/otFlat.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8388718f670ddb4c773f542fef40257fd020ae066966c2ca33b0814eab04a74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
IQRggZnL4QDFwfiXP8gbfQ==
content-length
2822
cf-request-id
098fc2832100002c3a4b9a3000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:39:03 GMT
server
cloudflare
etag
0x8D8C9FCEDFA3E76
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b4377cad-601e-002a-57b6-350bc6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca04b6d472c3a-FRA
otPcCenter.json
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/v2/ 		47 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/v2/otPcCenter.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c604b3a9a3f1464144a15ce0ae7853500a51074eafb1e6ab4221e29a9986813a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
6SSYYj+cvj/lp8HQvP6bVA==
content-length
11379
cf-request-id
098fc2832200002c3a1e0b3000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:39:05 GMT
server
cloudflare
etag
0x8D8C9FCEF4A85A1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
49a1541d-401e-0060-6eb6-35a849000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca04b6d4a2c3a-FRA
otCookieSettingsButton.json
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/otCookieSettingsButton.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd44041e27f78770fced39f58e54ff661a452abda8f8541577caed06934f813d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
CaGQ5l/lz/RAB/LfzD6w5A==
content-length
2178
cf-request-id
098fc2832300002c3a4e054000000001
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:39:05 GMT
server
cloudflare
etag
0x8D8C9FCEF05A5C6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
af5ff98b-301e-0045-6fb6-350135000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
642ca04b6d4e2c3a-FRA
quant.js
secure.quantserve.com/ Frame 439F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2546655864072944e9422c8b24897b097652a4af2c499ae9cdd91a25f34abcff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:15 GMT
content-encoding
gzip
etag
"9RlLmuIKdNbmR7Vwrq8Y0A=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 27 Apr 2021 07:23:15 GMT
auction
prebid.adnxs.com/pbs/v1/ 		57 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/auction
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
326504a785a2ef7de18eaba88656f28f55e7b7eeb8a940c265cff232b68a2bd9

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:15 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://babesinhairland.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
57
Expires
0
v1
dmx.districtm.io/b/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Apr 2021 07:23:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
cf-ray
642ca04bab0232c4-CDG
access-control-allow-headers
Content-Type, Origin
cf-request-id
098fc2834b000032c4d29ee000000001
hb
ssc.33across.com/api/v1/ 		67 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bFQb0ON20r6RjGaKlId8sQ
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
1600c12e923d3bec3aa5719266d28dac34303edb4b8ebc86c25514200c34c25e

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Apr 2021 07:23:15 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://babesinhairland.com
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:15 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.183:80
AN-X-Request-Uuid
58fc0a8f-6384-49fd-9e49-ac61ad64b566
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://babesinhairland.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		25 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.33.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
18fc909cd3b3944e9e10d8e26b8c08742a4b290746e2a0a45f36651310afbbc0

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:23:15 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
prebid_display
display.bfmio.com/ 		138 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.243.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-243-141.compute-1.amazonaws.com
Software
/
Resource Hash
6258053189ddb43ce622348756b727d9042a495f31815e5b418d660269dd550d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.33.0&p=%5B%7B%22placement_id%22%3A%22mmt-b6ca773d-eea7-4536-92fe-b03c0d8e826c%22%2C%22callback_id%22%3A%221780f25e09a3058e%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222568922370718770014%22%7D%5D&page_url=https%3A%2F%2Fbabesinhairland.com%2F&bust=1618903395141&pr=https%3A%2F%2Fbabesinhairland.com%2F&scrd=1&dnt=false&description=Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&title=Babes%20In%20Hairland%20-%20Making%20the%20world%20a%20prettier%20place%20~%20One%20head%20of%20hair%20at%20a%20time!&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.153.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-153-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
pragma
no-cache
date
Tue, 20 Apr 2021 07:23:15 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_300x250&cmd=bid&req=https%3A%2F%2Fbabesinhairland.com%2F&req(url)=https%3A%2F%2Fbabesinhairland.com%2F&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
a9b874cc1668933031fde1d26385f91c083774b69474799fd68c50751895387f

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:23:15 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d621f0b3d&pos=babesinhairland.com_desktop_atf_160x600&cmd=bid&req=https%3A%2F%2Fbabesinhairland.com%2F&req(url)=https%3A%2F%2Fbabesinhairland.com%2F&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
d5b02ad83fb8c1bec5d552653827fb624d7bfffb7391d48e9871839fad69b138

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 20 Apr 2021 07:23:15 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://babesinhairland.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
arj
bloggernetwork-d.openx.net/w/1.0/ 		173 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fbabesinhairland.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9e4842cb-4f55-42de-b220-8657cb9a291e&nocache=1618903395142&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&aus=300x250%2C160x600&divIds=mmt-b6ca773d-eea7-4536-92fe-b03c0d8e826c&auid=539370378
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
b2cd84ae2af44bab20188e286cc002649a57459102ed6607bd350863aed7f02d

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:15 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://babesinhairland.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		118 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2218515e7c05053508%22%3A%22177369c437c672237248%7C300x250%2C160x600%22%2C%22186d4f97170884b4%22%3A%22dcc4cd9596e80d497120%7C300x250%2C160x600%22%7D&ref=https%3A%2F%2Fbabesinhairland.com%2F&s=345803d3-6be0-4678-abe8-87de4fe9d947&pv=5233cdfb-38a5-45a7-bf77-fc444e55ae39&vp=desktop&lib_name=prebid&lib_v=4.33.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%227517a629-baa3-4516-93c8-2f929a29d754%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
4befc79d544863747def8dc5e2617a95002a1621509cadb8d53a58ca30be7a3b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:15 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://babesinhairland.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
143
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
date
Tue, 20 Apr 2021 07:23:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/ 		2 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=fcb8ba34-3dc6-4af6-a5e1-3290b7fcc496&si=95544&pi=3&bf=300x250%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fbabesinhairland.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.33.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2F&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:15 GMT
content-type
application/json;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://babesinhairland.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
imp
g2.gumgum.com/hbid/ 		2 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=fcb8ba34-3dc6-4af6-a5e1-3290b7fcc496&si=95542&pi=3&bf=300x250%2C160x600&schain=1.0%2C1!monumetric.com%2C7517a629-baa3-4516-93c8-2f929a29d754%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fbabesinhairland.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.33.0%22%7D&ogu=https%3A%2F%2Fbabesinhairland.com%2F&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:15 GMT
content-type
application/json;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://babesinhairland.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://babesinhairland.com
date
Tue, 20 Apr 2021 07:23:15 GMT
access-control-allow-credentials
true
vary
Origin
truncated
/ 		817 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
cmp-features.js
cmp-cdn.cookielaw.org/consent/cmp-features/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp-cdn.cookielaw.org/consent/cmp-features/cmp-features.js
Requested by
Host: babesinhairland.com
URL: https://babesinhairland.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
358a6fb3a6bbdcfd11f73307f4b23453770b4e1a0d49205d240fe4ca4593733f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 20 Apr 2021 07:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
9u6YIWGeNVQg6qhQV2zLqg==
age
884
last-modified
Fri, 05 Feb 2021 17:34:27 GMT
vary
Accept-Encoding
cf-request-id
098fc2839700002badfa897000000001
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e744273e-f01e-0017-362c-047ddd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
642ca04c2bae2bad-FRA
expires
Tue, 20 Apr 2021 11:23:15 GMT
rules-p-00TsOkvHvnsZU.js
rules.quantcount.com/ Frame 439F 		3 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:e600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 17:12:57 GMT
via
1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 19:30:30 GMT
server
AmazonS3
age
51019
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
Z_hoRHAw6IhH0f_T7b4Xu5K5zmneekEwU9d6EKvFQLJeAZS0bZ6JGQ==
index.html
cdn.districtm.io/ids/ Frame 954A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://babesinhairland.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

date
Tue, 20 Apr 2021 07:23:18 GMT
set-cookie
__cfduid=d465822a33e867bf780021b75e123684f1618903398; expires=Thu, 20-May-21 07:23:18 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
098fc28ea4000032c4ab348000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
642ca05ddb2932c4-CDG
pd
eu-u.openx.net/w/1.0/ Frame 5498
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
1007 B
862 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
56da3cccbac1e5b6991d50c18d85e0c3f6dda1a72d2342f65d55d7c17dc9b36d

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://babesinhairland.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=904ca688-b77c-0f22-1436-54c65939d3a4|1618903398
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=904ca688-b77c-0f22-1436-54c65939d3a4|1618903398; Version=1; Expires=Wed, 20-Apr-2022 07:23:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618903398|mOgegqnskin0vNomiygu; Version=1; Expires=Wed, 05-May-2021 07:23:18 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 20 Apr 2021 07:23:18 GMT
content-type
text/html
content-length
544
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

timing-allow-origin
*
set-cookie
i=904ca688-b77c-0f22-1436-54c65939d3a4|1618903398; Version=1; Expires=Wed, 20-Apr-2022 07:23:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
date
Tue, 20 Apr 2021 07:23:18 GMT
content-length
0
via
1.1 google
alt-svc
clear
pd
eu-u.openx.net/w/1.0/ Frame 854F
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
1007 B
858 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
813080814dc93b4e86e617bd9f073a02d69974d3dd1dedf79ea0b0e8237f83d9

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://babesinhairland.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=fb95ab63-a30c-0b32-1f8a-4f293ee84346|1618903398
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=fb95ab63-a30c-0b32-1f8a-4f293ee84346|1618903398; Version=1; Expires=Wed, 20-Apr-2022 07:23:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618903398|mOgegqnskin0vNomiygu; Version=1; Expires=Wed, 05-May-2021 07:23:18 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 20 Apr 2021 07:23:18 GMT
content-type
text/html
content-length
548
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=fb95ab63-a30c-0b32-1f8a-4f293ee84346|1618903398; Version=1; Expires=Wed, 20-Apr-2022 07:23:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
date
Tue, 20 Apr 2021 07:23:18 GMT
content-length
0
via
1.1 google
alt-svc
clear
index.html
cdn.districtm.io/ids/ Frame D56A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://babesinhairland.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

date
Tue, 20 Apr 2021 07:23:18 GMT
set-cookie
__cfduid=d465822a33e867bf780021b75e123684f1618903398; expires=Thu, 20-May-21 07:23:18 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
098fc28ea6000032c49c93d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
642ca05ddb3032c4-CDG
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4A4A 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://babesinhairland.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=127640
Expires
Wed, 21 Apr 2021 18:50:38 GMT
Date
Tue, 20 Apr 2021 07:23:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 13D7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.171 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip171.208-100-17.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://babesinhairland.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Tue, 20 Apr 2021 07:23:18 GMT
Cookie set sync_iframe
sync.bfmio.com/ Frame 2ABD 		217 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1618903395038
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.200.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-200-8.compute-1.amazonaws.com
Software
/
Resource Hash
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://babesinhairland.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Tue, 20 Apr 2021 07:23:17 GMT
Set-Cookie
__io_cid=e4868105ec66d9d0209e387d42e9487a4e333554; Domain=.bfmio.com; Max-Age=31536000; Expires=Wed, 20-Apr-2022 03:23:18 GMT-0400; Path=/; SameSite=None; Secure
Content-Length
217
Connection
keep-alive
Cookie set sync_iframe
sync.bfmio.com/ Frame C2D6 		217 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1618903394941
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.200.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-200-8.compute-1.amazonaws.com
Software
/
Resource Hash
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://babesinhairland.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Tue, 20 Apr 2021 07:23:18 GMT
Set-Cookie
__io_cid=6b6b046dee3e10559777ffaff58b43bbc42783f2; Domain=.bfmio.com; Max-Age=31536000; Expires=Wed, 20-Apr-2022 03:23:18 GMT-0400; Path=/; SameSite=None; Secure
Content-Length
217
Connection
keep-alive
Cookie set sync_iframe
sync.bfmio.com/ Frame BFEB 		217 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1618903395033
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.200.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-200-8.compute-1.amazonaws.com
Software
/
Resource Hash
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://babesinhairland.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Tue, 20 Apr 2021 07:23:17 GMT
Set-Cookie
__io_cid=cdade7b77f65e017519a7609d277ba5af87ff834; Domain=.bfmio.com; Max-Age=31536000; Expires=Wed, 20-Apr-2022 03:23:18 GMT-0400; Path=/; SameSite=None; Secure
Content-Length
217
Connection
keep-alive
/
ssc-cms.33across.com/ps/ Frame 3251 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.171 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip171.208-100-17.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://babesinhairland.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

x-33x-status
2000208
server
33XP003
date
Tue, 20 Apr 2021 07:23:17 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 87F1 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://babesinhairland.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=127640
Expires
Wed, 21 Apr 2021 18:50:38 GMT
Date
Tue, 20 Apr 2021 07:23:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame B07C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://babesinhairland.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

date
Tue, 20 Apr 2021 07:23:18 GMT
set-cookie
__cfduid=d465822a33e867bf780021b75e123684f1618903398; expires=Thu, 20-May-21 07:23:18 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
098fc28eae000032c4dbb5f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
642ca05deb4f32c4-CDG
index.html
cdn.districtm.io/ids/ Frame 70D0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://babesinhairland.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

date
Tue, 20 Apr 2021 07:23:18 GMT
set-cookie
__cfduid=d465822a33e867bf780021b75e123684f1618903398; expires=Thu, 20-May-21 07:23:18 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
098fc28eaf000032c4f5397000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
642ca05deb5432c4-CDG
pd
eu-u.openx.net/w/1.0/ Frame 4729
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
1007 B
860 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
14001e918311ce8762f0c8beeaec3f72abbe0b410eaa4ddf5dc99549dd99d7ff

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://babesinhairland.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=9b5e2f7d-29cd-0c54-0f79-3e4991518331|1618903398
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

vary
Accept, Accept-Encoding
timing-allow-origin
*
set-cookie
i=9b5e2f7d-29cd-0c54-0f79-3e4991518331|1618903398; Version=1; Expires=Wed, 20-Apr-2022 07:23:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618903398|mOgegqnskin0vNomiygu; Version=1; Expires=Wed, 05-May-2021 07:23:18 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 20 Apr 2021 07:23:18 GMT
content-type
text/html
content-length
549
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=9b5e2f7d-29cd-0c54-0f79-3e4991518331|1618903398; Version=1; Expires=Wed, 20-Apr-2022 07:23:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
date
Tue, 20 Apr 2021 07:23:18 GMT
content-length
0
via
1.1 google
alt-svc
clear
Cookie set sync_iframe
sync.bfmio.com/ Frame F3F8 		217 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1618903395136
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.200.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-200-8.compute-1.amazonaws.com
Software
/
Resource Hash
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://babesinhairland.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Tue, 20 Apr 2021 07:23:18 GMT
Set-Cookie
__io_cid=c4fe23988510feb44839024369514dfa41c160d3; Domain=.bfmio.com; Max-Age=31536000; Expires=Wed, 20-Apr-2022 03:23:18 GMT-0400; Path=/; SameSite=None; Secure
Content-Length
217
Connection
keep-alive
Cookie set sync_iframe
sync.bfmio.com/ Frame EB8C 		217 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1618903394934
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.200.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-200-8.compute-1.amazonaws.com
Software
/
Resource Hash
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://babesinhairland.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Tue, 20 Apr 2021 07:23:17 GMT
Set-Cookie
__io_cid=156350a2ca6afb5b68641d8b2fd94af5db8f55d0; Domain=.bfmio.com; Max-Age=31536000; Expires=Wed, 20-Apr-2022 03:23:18 GMT-0400; Path=/; SameSite=None; Secure
Content-Length
217
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3137 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://babesinhairland.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=127640
Expires
Wed, 21 Apr 2021 18:50:38 GMT
Date
Tue, 20 Apr 2021 07:23:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 564A
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
1007 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
97c31fc5cef2602a8bbb2ed337aae275ceee2515c4c61073e11d95322f46747a

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://babesinhairland.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=aa6c1572-dd27-0cec-0903-2bdf35c058c7|1618903398
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=aa6c1572-dd27-0cec-0903-2bdf35c058c7|1618903398; Version=1; Expires=Wed, 20-Apr-2022 07:23:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618903398|mOgegqnskin0vNomiygu; Version=1; Expires=Wed, 05-May-2021 07:23:18 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 20 Apr 2021 07:23:18 GMT
content-type
text/html
content-length
545
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

timing-allow-origin
*
set-cookie
i=aa6c1572-dd27-0cec-0903-2bdf35c058c7|1618903398; Version=1; Expires=Wed, 20-Apr-2022 07:23:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
date
Tue, 20 Apr 2021 07:23:18 GMT
content-length
0
via
1.1 google
alt-svc
clear
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6768 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://babesinhairland.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=127640
Expires
Wed, 21 Apr 2021 18:50:38 GMT
Date
Tue, 20 Apr 2021 07:23:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 40DB 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://babesinhairland.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=127640
Expires
Wed, 21 Apr 2021 18:50:38 GMT
Date
Tue, 20 Apr 2021 07:23:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 945C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.171 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip171.208-100-17.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=bFQb0ON20r6RjGaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://babesinhairland.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

x-33x-status
2000208
server
33XP002
date
Tue, 20 Apr 2021 07:23:18 GMT
index.html
cdn.districtm.io/ids/ Frame 3BD9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://babesinhairland.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

date
Tue, 20 Apr 2021 07:23:18 GMT
set-cookie
__cfduid=d465822a33e867bf780021b75e123684f1618903398; expires=Thu, 20-May-21 07:23:18 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
098fc28eb5000032c4da0e3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
642ca05deb6832c4-CDG
pd
eu-u.openx.net/w/1.0/ Frame E3B9
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
1007 B
851 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/7/5/17a629-baa3-4516-93c8-2f929a29d754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
682e69e1daaf4ec5066eddd2dc0d46ac9b579c354843729d82d040a99ba7cf94

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://babesinhairland.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=81e200b2-ecbb-0d19-3379-4595b6364ee2|1618903398
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://babesinhairland.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=81e200b2-ecbb-0d19-3379-4595b6364ee2|1618903398; Version=1; Expires=Wed, 20-Apr-2022 07:23:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618903398|mOgegqnskin0vNomiygu; Version=1; Expires=Wed, 05-May-2021 07:23:18 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 20 Apr 2021 07:23:18 GMT
content-type
text/html
content-length
545
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=81e200b2-ecbb-0d19-3379-4595b6364ee2|1618903398; Version=1; Expires=Wed, 20-Apr-2022 07:23:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
date
Tue, 20 Apr 2021 07:23:18 GMT
content-length
0
via
1.1 google
alt-svc
clear
3.gif
id5-sync.com/cq/441/124/7/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_b77e7704-3f48-4cd2-8a23-2a4910c06b1d&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_b77e7704-3f48-4cd2-8a23-2a4910c06b1d&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
  • https://id5-sync.com/c/441/108/8/2.gif?puid=4746f671-a1a9-11eb-93df-36fd58919319&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMON0tT39D-jr5PEsarfiqqSPPIx416l7lI6KtKzA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMON0tT39D-jr5PEsarfiqqSPPIx416l7lI6KtKzA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fp...
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=18b47af7-07b6-4591-ab0b-783706c57f38&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/cq/441/124/7/3.gif?puid=18b47af7-07b6-4591-ab0b-783706c57f38&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.186 , France, ASN16276 (OVH, FR),
Reverse DNS
p06.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://babesinhairland.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:18 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/cq/441/124/7/3.gif?puid=18b47af7-07b6-4591-ab0b-783706c57f38&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
date
Tue, 20 Apr 2021 07:23:19 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
d727ff95-8e57-a29c-7f37-8adbc2492d10
pr-bh.ybp.yahoo.com/sync/openx/ Frame 5498 		43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/d727ff95-8e57-a29c-7f37-8adbc2492d10?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 5498
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=vaDbDUvj1LyKJ85
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=vaDbDUvj1LyKJ85
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:17 GMT
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-09324c87255a730c5@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=vaDbDUvj1LyKJ85
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5498
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=65d94fee-c511-45e9-b056-979136a5c0f5
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=65d94fee-c511-45e9-b056-979136a5c0f5
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=83e07eaf-79cf-435a-bd50-300514011123&ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=250&expires=14&user_id=83e07eaf-79cf-435a-bd50-300514011123&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=1c9e1aec-402b-4c7f-a5f7-47f023c4b926
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=1c9e1aec-402b-4c7f-a5f7-47f023c4b926
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=1c9e1aec-402b-4c7f-a5f7-47f023c4b926
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:19 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=1c9e1aec-402b-4c7f-a5f7-47f023c4b926
date
Tue, 20 Apr 2021 07:23:19 GMT
via
1.1 google
server
OXGW/16.205.4
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
adx
match.prod.bidr.io/cookie-sync/ Frame 5498
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDNjhFN0FfUU1BQUNvTmxTb3RZdw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.102.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-102-114.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:18 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 5498
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d1b5607e-8165-4800-876d-ab101b7e2e87
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d1b5607e-8165-4800-876d-ab101b7e2e87
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 20 Apr 2021 07:23:18 GMT
Server
MT3 3660 495c301 master zrh-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d1b5607e-8165-4800-876d-ab101b7e2e87
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Apr 2021 07:23:17 GMT
sd
us-u.openx.net/w/1.0/ Frame 5498
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Pc4R-jPPEKkmz0KtassLpzidF_0mmxKub8iabcN0
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Pc4R-jPPEKkmz0KtassLpzidF_0mmxKub8iabcN0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Pc4R-jPPEKkmz0KtassLpzidF_0mmxKub8iabcN0
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 5498
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7164652902387813826
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7164652902387813826
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7164652902387813826
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 5498 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=43e099d1-1efb-30d5-4ee0-9c2e3d1ee059&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.21.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-21-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 5498
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmY4ZjRhMWItZDc4Yy02ZTcxLTViMDAtYzY5N2Y3ZmMyZTM5
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmY4ZjRhMWItZDc4Yy02ZTcxLTViMDAtYzY5N2Y3ZmMyZTM5&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmY4ZjRhMWItZDc4Yy02ZTcxLTViMDAtYzY5N2Y3ZmMyZTM5&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmY4ZjRhMWItZDc4Yy02ZTcxLTViMDAtYzY5N2Y3ZmMyZTM5&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5498
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGcCrvsOWuZHVT3qlItpIlc&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGcCrvsOWuZHVT3qlItpIlc&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGcCrvsOWuZHVT3qlItpIlc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bcfef27e-9a27-a68c-748b-9134a598bdf2
pr-bh.ybp.yahoo.com/sync/openx/ Frame 854F 		43 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/bcfef27e-9a27-a68c-748b-9134a598bdf2?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 854F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=XN8r8FS71LyKJ85
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=XN8r8FS71LyKJ85
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:17 GMT
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-0c15f6a621e7ffebe@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=XN8r8FS71LyKJ85
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 854F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=0&user_id=&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=65d94fee-c511-45e9-b056-979136a5c0f5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=65d94fee-c511-45e9-b056-979136a5c0f5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=65d94fee-c511-45e9-b056-979136a5c0f5
date
Tue, 20 Apr 2021 07:23:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame 854F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDYzZFN0FfUU1BQUNvR2lwcVRXdw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.102.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-102-114.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:18 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 854F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8f84607e-8165-4200-98f9-ba366b2f9f3c
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8f84607e-8165-4200-98f9-ba366b2f9f3c
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 20 Apr 2021 07:23:18 GMT
Server
MT3 3660 495c301 master zrh-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8f84607e-8165-4200-98f9-ba366b2f9f3c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Apr 2021 07:23:17 GMT
sd
us-u.openx.net/w/1.0/ Frame 854F
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Ji8jWyguIgg9LnAJJCY5CXUndg09LiwHIihHQQTW
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Ji8jWyguIgg9LnAJJCY5CXUndg09LiwHIihHQQTW
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Ji8jWyguIgg9LnAJJCY5CXUndg09LiwHIihHQQTW
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 854F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9016412892272324536
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9016412892272324536
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9016412892272324536
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 854F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=2839943a-0a8b-34c5-455c-87c15acf70bb&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.21.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-21-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 854F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDQ1NjQ3ZjAtYzNmYy02YTYxLTUwYmMtZGQ3ODkwMmRiZWRi
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDQ1NjQ3ZjAtYzNmYy02YTYxLTUwYmMtZGQ3ODkwMmRiZWRi&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDQ1NjQ3ZjAtYzNmYy02YTYxLTUwYmMtZGQ3ODkwMmRiZWRi&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDQ1NjQ3ZjAtYzNmYy02YTYxLTUwYmMtZGQ3ODkwMmRiZWRi&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 854F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPzNImukdr39D1_MV83l7iU&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPzNImukdr39D1_MV83l7iU&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPzNImukdr39D1_MV83l7iU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc357660-10e6-a1ea-6478-e0540a217d85
pr-bh.ybp.yahoo.com/sync/openx/ Frame 4729 		43 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/dc357660-10e6-a1ea-6478-e0540a217d85?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4729
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qH4qjuxX1LyKJ85
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qH4qjuxX1LyKJ85
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:17 GMT
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-09324c87255a730c5@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qH4qjuxX1LyKJ85
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4729
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=ef022bc3-e12c-4b80-bda4-82aca5f2510e&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=65d94fee-c511-45e9-b056-979136a5c0f5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=65d94fee-c511-45e9-b056-979136a5c0f5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=65d94fee-c511-45e9-b056-979136a5c0f5
date
Tue, 20 Apr 2021 07:23:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame 4729
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCMWRrN0FfUU1BQUNtWmNhc25kQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.102.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-102-114.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:18 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4729
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ad4b607e-8165-4500-a43e-aa303f5a6815
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ad4b607e-8165-4500-a43e-aa303f5a6815
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 20 Apr 2021 07:23:18 GMT
Server
MT3 3660 495c301 master zrh-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ad4b607e-8165-4500-a43e-aa303f5a6815
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Apr 2021 07:23:17 GMT
sd
us-u.openx.net/w/1.0/ Frame 4729
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=dRagbnsXoT1uF_E6JhO6OnIRpzhuHqA5cRC1VNw0
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=dRagbnsXoT1uF_E6JhO6OnIRpzhuHqA5cRC1VNw0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=dRagbnsXoT1uF_E6JhO6OnIRpzhuHqA5cRC1VNw0
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4729
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3961407956414391064
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3961407956414391064
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3961407956414391064
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 4729 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=48f21024-804a-33a3-55af-f6a1f576b0cc&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.21.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-21-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 4729
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjQ5ZGMzZWUtNDkzZC02ZDA3LTQwNGYtYWMxODNmOTQ3ZWFj
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjQ5ZGMzZWUtNDkzZC02ZDA3LTQwNGYtYWMxODNmOTQ3ZWFj&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjQ5ZGMzZWUtNDkzZC02ZDA3LTQwNGYtYWMxODNmOTQ3ZWFj&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjQ5ZGMzZWUtNDkzZC02ZDA3LTQwNGYtYWMxODNmOTQ3ZWFj&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4729
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHke1hAnDIg27no6bHioNcU&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHke1hAnDIg27no6bHioNcU&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHke1hAnDIg27no6bHioNcU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ed074c6f-e40c-a152-6202-f5c2aeb0a673
pr-bh.ybp.yahoo.com/sync/openx/ Frame 564A 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/ed074c6f-e40c-a152-6202-f5c2aeb0a673?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 564A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qH4qjuxX1LyKJ85
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qH4qjuxX1LyKJ85
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:18 GMT
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-013d87c18de960209@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=qH4qjuxX1LyKJ85
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 564A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=506f0f82-6202-45e3-af4b-50ec61ceaf8e&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=65d94fee-c511-45e9-b056-979136a5c0f5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=65d94fee-c511-45e9-b056-979136a5c0f5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=65d94fee-c511-45e9-b056-979136a5c0f5
date
Tue, 20 Apr 2021 07:23:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame 564A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEcGYwN0FfUU1BQUNuSm5rVmN6dw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.102.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-102-114.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:18 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 564A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6993607e-8165-4900-ae38-b45f2334a00b
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6993607e-8165-4900-ae38-b45f2334a00b
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 20 Apr 2021 07:23:18 GMT
Server
MT3 3660 495c301 master zrh-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6993607e-8165-4900-ae38-b45f2334a00b
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Apr 2021 07:23:17 GMT
sd
us-u.openx.net/w/1.0/ Frame 564A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Ji8jWyguIgg9LnAJJCY5CXUndg09LiwHIihHQQTW
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Ji8jWyguIgg9LnAJJCY5CXUndg09LiwHIihHQQTW
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Ji8jWyguIgg9LnAJJCY5CXUndg09LiwHIihHQQTW
pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 564A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7393674990322772452
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7393674990322772452
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7393674990322772452
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 564A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=79c02a2b-74a0-331b-53d5-e33751e76b3a&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.21.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-21-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 564A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTVhZmY5ZTEtYmRkNy02ZGJmLTQ2MzUtYjk4ZTliMDVhNTVh
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTVhZmY5ZTEtYmRkNy02ZGJmLTQ2MzUtYjk4ZTliMDVhNTVh&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTVhZmY5ZTEtYmRkNy02ZGJmLTQ2MzUtYjk4ZTliMDVhNTVh&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTVhZmY5ZTEtYmRkNy02ZGJmLTQ2MzUtYjk4ZTliMDVhNTVh&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 564A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMH0o8XeP5l9Q2LALNq8ZmU&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMH0o8XeP5l9Q2LALNq8ZmU&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMH0o8XeP5l9Q2LALNq8ZmU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c68959af-d590-a0a7-5878-9b882d46b056
pr-bh.ybp.yahoo.com/sync/openx/ Frame E3B9 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/c68959af-d590-a0a7-5878-9b882d46b056?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame E3B9
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=1YJ7OjvR1LyKJ85
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=1YJ7OjvR1LyKJ85
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:17 GMT
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-0c15f6a621e7ffebe@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=1YJ7OjvR1LyKJ85
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E3B9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=dcfa8e26-1e1e-4aaa-a74c-5b3842260970&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=65d94fee-c511-45e9-b056-979136a5c0f5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=65d94fee-c511-45e9-b056-979136a5c0f5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=65d94fee-c511-45e9-b056-979136a5c0f5
date
Tue, 20 Apr 2021 07:23:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame E3B9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCZjlFN0FfUU1BQUNrSng1SVhGZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.102.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-102-114.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:18 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame E3B9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=916c607e-8165-4f00-b235-a17cf35fe8f8
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=916c607e-8165-4f00-b235-a17cf35fe8f8
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 20 Apr 2021 07:23:18 GMT
Server
MT3 3660 495c301 master zrh-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=916c607e-8165-4f00-b235-a17cf35fe8f8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Apr 2021 07:23:17 GMT
sd
us-u.openx.net/w/1.0/ Frame E3B9
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Ji8jWyguIgg9LnAJJCY5CXUndg09LiwHIihHQQTW
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Ji8jWyguIgg9LnAJJCY5CXUndg09LiwHIihHQQTW
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Ji8jWyguIgg9LnAJJCY5CXUndg09LiwHIihHQQTW
pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame E3B9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3438865930910268814
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3438865930910268814
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3438865930910268814
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame E3B9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=524e3feb-453c-32ee-69af-8d7dd2117d1f&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.21.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-21-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame E3B9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2UyMWVjMjEtOGM0Yi02YzRhLTdjNGYtZDdjNDE4ZjNiMzdm
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2UyMWVjMjEtOGM0Yi02YzRhLTdjNGYtZDdjNDE4ZjNiMzdm&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2UyMWVjMjEtOGM0Yi02YzRhLTdjNGYtZDdjNDE4ZjNiMzdm&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2UyMWVjMjEtOGM0Yi02YzRhLTdjNGYtZDdjNDE4ZjNiMzdm&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E3B9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA_q65783eBmKtg3QmmDzsQ&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA_q65783eBmKtg3QmmDzsQ&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA_q65783eBmKtg3QmmDzsQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 87F1 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=99614048&p=156972&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c3a5a6d2d7b74441446305c6e0bf9dbe7c24a99fecb7f2e6ebe44901e06aac8d

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:17 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
sync
sync.bfmio.com/ Frame 2ABD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=61027c95-652c-4081-a2d3-737ba1b5ce03
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=61027c95-652c-4081-a2d3-737ba1b5ce03
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1618903395038
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.200.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-200-8.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 20 Apr 2021 07:23:17 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=61027c95-652c-4081-a2d3-737ba1b5ce03
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
sync
sync.bfmio.com/ Frame C2D6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=46e81a08-a754-4be9-b96e-e8163862e6dc
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=46e81a08-a754-4be9-b96e-e8163862e6dc
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1618903394941
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.200.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-200-8.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 20 Apr 2021 07:23:18 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=46e81a08-a754-4be9-b96e-e8163862e6dc
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
sync
sync.bfmio.com/ Frame BFEB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=6c271d26-ee7c-4f60-a0f3-a17ed9d8cc71
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=6c271d26-ee7c-4f60-a0f3-a17ed9d8cc71
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1618903395033
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.200.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-200-8.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 20 Apr 2021 07:23:18 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=6c271d26-ee7c-4f60-a0f3-a17ed9d8cc71
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
sync
sync.bfmio.com/ Frame F3F8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=6c271d26-ee7c-4f60-a0f3-a17ed9d8cc71
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=6c271d26-ee7c-4f60-a0f3-a17ed9d8cc71
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1618903395136
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.200.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-200-8.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 20 Apr 2021 07:23:18 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=6c271d26-ee7c-4f60-a0f3-a17ed9d8cc71
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
sync
sync.bfmio.com/ Frame EB8C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=6c271d26-ee7c-4f60-a0f3-a17ed9d8cc71
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=6c271d26-ee7c-4f60-a0f3-a17ed9d8cc71
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1618903394934
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.200.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-200-8.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 20 Apr 2021 07:23:18 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=6c271d26-ee7c-4f60-a0f3-a17ed9d8cc71
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
usersync.aspx
dis.criteo.com/dis/ Frame 307A 		43 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=99614048&p=156972&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Tue, 20 Apr 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1164
date
Tue, 20 Apr 2021 07:23:17 GMT
content-length
43
pubmatic
d5p.de17a.com/getuid/ Frame 0761 		35 B
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=99614048&p=156972&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.183 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 87F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NQiL10nPSKy2B-Y_4-MGFA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=172428
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Thu, 22 Apr 2021 07:17:06 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 87F1 		95 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=35088BD7-49CF-48AC-B607-E63FE3E30614
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
642ca0612e1b4e19-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
098fc290b600004e19bc92d000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 87F1
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=35088BD7-49CF-48AC-B607-E63FE3E30614&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=35088BD7-49CF-48AC-B607-E63FE3E30614&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=35088BD7-49CF-48AC-B607-E63FE3E30614&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:17 GMT
frontend-id
3
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:17 GMT
frontend-id
4
location
/pubmatic/1/info2?sType=sync&sExtCookieId=35088BD7-49CF-48AC-B607-E63FE3E30614&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 87F1
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=35088BD7-49CF-48AC-B607-E63FE3E30614&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=35088BD7-49CF-48AC-B607-E63FE3E30614&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=35088BD7-49CF-48AC-B607-E63FE3E30614&addseg=12,35,41
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=35088BD7-49CF-48AC-B607-E63FE3E30614&addseg=12,35,41
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:21 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Tue, 20 Apr 2021 07:23:21 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=35088BD7-49CF-48AC-B607-E63FE3E30614&addseg=12,35,41
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame 87F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzUwODhCRDctNDlDRi00OEFDLUI2MDctRTYzRkUzRTMwNjE0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:17 GMT
X-lat
amspug015:0:347
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 87F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPDsYiSp81RvcJozSAoZk_Q&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPDsYiSp81RvcJozSAoZk_Q&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:16 GMT
X-lat
amspug013:0:410
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPDsYiSp81RvcJozSAoZk_Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 87F1 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:19 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 19 Apr 2021 07:23:19 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 87F1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6c271d26-ee7c-4f60-a0f3-a17ed9d8cc71
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6c271d26-ee7c-4f60-a0f3-a17ed9d8cc71
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:17 GMT
X-lat
amspug020:0:614
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6c271d26-ee7c-4f60-a0f3-a17ed9d8cc71
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 87F1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3961407956414391064
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3961407956414391064
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:18 GMT
X-lat
amspug009:0:415
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:18 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3961407956414391064
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 87F1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:916c607e-8165-4f00-b235-a17cf35fe8f8&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:916c607e-8165-4f00-b235-a17cf35fe8f8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:18 GMT
X-lat
amspug001:0:366
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Tue, 20 Apr 2021 07:23:18 GMT
Server
MT3 3660 495c301 master zrh-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:916c607e-8165-4f00-b235-a17cf35fe8f8&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Apr 2021 07:23:17 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 87F1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7854427346880711005&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7854427346880711005&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:16 GMT
X-lat
amspug018:0:348
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:18 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.77:80
AN-X-Request-Uuid
90a1e2a8-e64f-43c5-89e5-833f7c974444
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7854427346880711005&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 87F1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=65d94fee-c511-45e9-b056-979136a5c0f5
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=65d94fee-c511-45e9-b056-979136a5c0f5
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=3646d736-2a55-4499-8418-7a21c75c8cc5&ssp=pubmatic&expires=30&user_group=5&bsw_param=65d94fee-c511-45e9-b056-979136a5c0f5
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=65d94fee-c511-45e9-b056-979136a5c0f5&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=65d94fee-c511-45e9-b056-979136a5c0f5&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:18 GMT
X-lat
amspug016:0:298
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=65d94fee-c511-45e9-b056-979136a5c0f5&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 20 Apr 2021 07:23:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
35088BD7-49CF-48AC-B607-E63FE3E30614
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 87F1 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/35088BD7-49CF-48AC-B607-E63FE3E30614?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 87F1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=35088BD7-49CF-48AC-B607-E63FE3E30614&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-A9rNbkNE2uVZ3drvtllJ8H2xnLBIxuQ-~A&gdpr=0&gdpr_consent=
0
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-A9rNbkNE2uVZ3drvtllJ8H2xnLBIxuQ-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Tue, 20 Apr 2021 07:23:19 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Tue, 20 Apr 2021 07:23:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-A9rNbkNE2uVZ3drvtllJ8H2xnLBIxuQ-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 87F1 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156972&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Tue, 20 Apr 2021 07:23:20 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4A4A 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3; SPugT=1618903400; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=127637
Expires
Wed, 21 Apr 2021 18:50:38 GMT
Date
Tue, 20 Apr 2021 07:23:21 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3137 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3; SPugT=1618903400; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=127637
Expires
Wed, 21 Apr 2021 18:50:38 GMT
Date
Tue, 20 Apr 2021 07:23:21 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 40DB 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3; SPugT=1618903400; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=127637
Expires
Wed, 21 Apr 2021 18:50:38 GMT
Date
Tue, 20 Apr 2021 07:23:21 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6768 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3; SPugT=1618903400; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=127637
Expires
Wed, 21 Apr 2021 18:50:38 GMT
Date
Tue, 20 Apr 2021 07:23:21 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 4A4A 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=85070311&p=156972&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
cf75b53a3963385f098959bdc75f7f6dc829de8bed273a3cd29613efdfb2bb90

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:19 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 4A4A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHglkhvdG8qloNCZ9ErK2JI&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHglkhvdG8qloNCZ9ErK2JI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:20 GMT
X-lat
amspug010:0:363
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHglkhvdG8qloNCZ9ErK2JI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 4A4A 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:21 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 19 Apr 2021 07:23:21 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 2000 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Tue, 20 Apr 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
993
date
Tue, 20 Apr 2021 07:23:20 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 4A4A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b39f5aea-06eb-4330-958c-825a257d6071
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b39f5aea-06eb-4330-958c-825a257d6071
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:20 GMT
X-lat
amspug017:0:382
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b39f5aea-06eb-4330-958c-825a257d6071
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 4A4A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7461959142714306524
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7461959142714306524
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:20 GMT
X-lat
amspug008:0:368
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:21 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7461959142714306524
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 4A4A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:99b2607e-8169-4a00-a233-7977639cc7bf&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:99b2607e-8169-4a00-a233-7977639cc7bf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:20 GMT
X-lat
amspug009:0:498
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Tue, 20 Apr 2021 07:23:21 GMT
Server
MT3 3660 495c301 master zrh-pixel-x1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:99b2607e-8169-4a00-a233-7977639cc7bf&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Apr 2021 07:23:20 GMT
pubmatic
d5p.de17a.com/getuid/ Frame 404C 		35 B
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.183 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 4A4A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1216248373145744966&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1216248373145744966&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:19 GMT
X-lat
amspug002:0:390
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:21 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.132:80
AN-X-Request-Uuid
dffe8329-a58e-42ad-8d7d-3c21e14be321
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1216248373145744966&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4A4A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HF8t3veyQIiDH7L6n3Rt0w%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HF8t3veyQIiDH7L6n3Rt0w%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=172425
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Thu, 22 Apr 2021 07:17:06 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 4A4A 		95 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
642ca0723f234e19-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
098fc29b6400004e196d90a000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 4A4A
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:20 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:19 GMT
frontend-id
4
location
/pubmatic/1/info2?sType=sync&sExtCookieId=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 4A4A
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&addseg=12,35,41
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&addseg=12,35,41
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:21 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Tue, 20 Apr 2021 07:23:21 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&addseg=12,35,41
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame 4A4A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUM1RjJEREUtRjdCMi00MDg4LTgzMUYtQjJGQTlGNzQ2REQz&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUM1RjJEREUtRjdCMi00MDg4LTgzMUYtQjJGQTlGNzQ2REQz&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:19 GMT
X-lat
amspug002:0:466
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4A4A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=2f713b19-e10d-516e-a00e-0987c07088ee&ssp=pubmatic&expires=30&user_group=1
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1c9e1aec-402b-4c7f-a5f7-47f023c4b926&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1c9e1aec-402b-4c7f-a5f7-47f023c4b926&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:20 GMT
X-lat
amspug006:0:413
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1c9e1aec-402b-4c7f-a5f7-47f023c4b926&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 20 Apr 2021 07:23:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 4A4A 		43 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:21 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 4A4A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-A9rNbkNE2uVZ3drvtllJ8H2xnLBIxuQ-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-A9rNbkNE2uVZ3drvtllJ8H2xnLBIxuQ-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:19 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 20 Apr 2021 07:23:21 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-A9rNbkNE2uVZ3drvtllJ8H2xnLBIxuQ-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 4A4A 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156972&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Tue, 20 Apr 2021 07:23:22 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3137 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3; repi=1; chkChromeAb67Sec=1; DPSync3=1620086400%3A201_227_226_221; SyncRTB3=1620086400%3A7_161_3_21_13_54_56_220_71%7C1620172800%3A35%7C1619740800%3A63%7C1619481600%3A223; KRTBCOOKIE_27=16735-uid:99b2607e-8169-4a00-a233-7977639cc7bf&KRTB&16736-uid:99b2607e-8169-4a00-a233-7977639cc7bf&KRTB&23019-uid:99b2607e-8169-4a00-a233-7977639cc7bf&KRTB&23114-uid:99b2607e-8169-4a00-a233-7977639cc7bf; PUBMDCID=3; KRTBCOOKIE_57=22776-1216248373145744966; KRTBCOOKIE_377=6810-b39f5aea-06eb-4330-958c-825a257d6071&KRTB&22918-b39f5aea-06eb-4330-958c-825a257d6071&KRTB&23031-b39f5aea-06eb-4330-958c-825a257d6071; PugT=1618903400; KRTBCOOKIE_391=22924-7461959142714306524&KRTB&23263-7461959142714306524; KRTBCOOKIE_80=16514-CAESEHglkhvdG8qloNCZ9ErK2JI&KRTB&22987-CAESEHglkhvdG8qloNCZ9ErK2JI&KRTB&23025-CAESEHglkhvdG8qloNCZ9ErK2JI; KRTBCOOKIE_466=16530-1c9e1aec-402b-4c7f-a5f7-47f023c4b926; SPugT=1618903402
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=127634
Expires
Wed, 21 Apr 2021 18:50:38 GMT
Date
Tue, 20 Apr 2021 07:23:24 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 40DB 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3; repi=1; chkChromeAb67Sec=1; DPSync3=1620086400%3A201_227_226_221; SyncRTB3=1620086400%3A7_161_3_21_13_54_56_220_71%7C1620172800%3A35%7C1619740800%3A63%7C1619481600%3A223; KRTBCOOKIE_27=16735-uid:99b2607e-8169-4a00-a233-7977639cc7bf&KRTB&16736-uid:99b2607e-8169-4a00-a233-7977639cc7bf&KRTB&23019-uid:99b2607e-8169-4a00-a233-7977639cc7bf&KRTB&23114-uid:99b2607e-8169-4a00-a233-7977639cc7bf; PUBMDCID=3; KRTBCOOKIE_57=22776-1216248373145744966; KRTBCOOKIE_377=6810-b39f5aea-06eb-4330-958c-825a257d6071&KRTB&22918-b39f5aea-06eb-4330-958c-825a257d6071&KRTB&23031-b39f5aea-06eb-4330-958c-825a257d6071; PugT=1618903400; KRTBCOOKIE_391=22924-7461959142714306524&KRTB&23263-7461959142714306524; KRTBCOOKIE_80=16514-CAESEHglkhvdG8qloNCZ9ErK2JI&KRTB&22987-CAESEHglkhvdG8qloNCZ9ErK2JI&KRTB&23025-CAESEHglkhvdG8qloNCZ9ErK2JI; KRTBCOOKIE_466=16530-1c9e1aec-402b-4c7f-a5f7-47f023c4b926; SPugT=1618903402
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=127634
Expires
Wed, 21 Apr 2021 18:50:38 GMT
Date
Tue, 20 Apr 2021 07:23:24 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6768 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3; repi=1; chkChromeAb67Sec=1; DPSync3=1620086400%3A201_227_226_221; SyncRTB3=1620086400%3A7_161_3_21_13_54_56_220_71%7C1620172800%3A35%7C1619740800%3A63%7C1619481600%3A223; KRTBCOOKIE_27=16735-uid:99b2607e-8169-4a00-a233-7977639cc7bf&KRTB&16736-uid:99b2607e-8169-4a00-a233-7977639cc7bf&KRTB&23019-uid:99b2607e-8169-4a00-a233-7977639cc7bf&KRTB&23114-uid:99b2607e-8169-4a00-a233-7977639cc7bf; PUBMDCID=3; KRTBCOOKIE_57=22776-1216248373145744966; KRTBCOOKIE_377=6810-b39f5aea-06eb-4330-958c-825a257d6071&KRTB&22918-b39f5aea-06eb-4330-958c-825a257d6071&KRTB&23031-b39f5aea-06eb-4330-958c-825a257d6071; PugT=1618903400; KRTBCOOKIE_391=22924-7461959142714306524&KRTB&23263-7461959142714306524; KRTBCOOKIE_80=16514-CAESEHglkhvdG8qloNCZ9ErK2JI&KRTB&22987-CAESEHglkhvdG8qloNCZ9ErK2JI&KRTB&23025-CAESEHglkhvdG8qloNCZ9ErK2JI; KRTBCOOKIE_466=16530-1c9e1aec-402b-4c7f-a5f7-47f023c4b926; SPugT=1618903402
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=127634
Expires
Wed, 21 Apr 2021 18:50:38 GMT
Date
Tue, 20 Apr 2021 07:23:24 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 3137 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=72117798&p=156972&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9a85567ef571980e672d598bd3e94197ac6d0442747a0c5ac7e2745ad564f508

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:23 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame C5A0 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=7461959142714306524
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 20 Apr 2021 07:23:24 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=7461959142714306524; expires=Sat, 19 Jun 2021 07:23:24 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 0470
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6953137175575656601
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6953137175575656601
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3; KRTBCOOKIE_27=16735-uid:99b2607e-8169-4a00-a233-7977639cc7bf&KRTB&16736-uid:99b2607e-8169-4a00-a233-7977639cc7bf&KRTB&23019-uid:99b2607e-8169-4a00-a233-7977639cc7bf&KRTB&23114-uid:99b2607e-8169-4a00-a233-7977639cc7bf; PUBMDCID=3; KRTBCOOKIE_57=22776-1216248373145744966; KRTBCOOKIE_377=6810-b39f5aea-06eb-4330-958c-825a257d6071&KRTB&22918-b39f5aea-06eb-4330-958c-825a257d6071&KRTB&23031-b39f5aea-06eb-4330-958c-825a257d6071; KRTBCOOKIE_391=22924-7461959142714306524&KRTB&23263-7461959142714306524; KRTBCOOKIE_80=16514-CAESEHglkhvdG8qloNCZ9ErK2JI&KRTB&22987-CAESEHglkhvdG8qloNCZ9ErK2JI&KRTB&23025-CAESEHglkhvdG8qloNCZ9ErK2JI; KRTBCOOKIE_466=16530-1c9e1aec-402b-4c7f-a5f7-47f023c4b926; chkChromeAb67Sec=2; DPSync3=1620086400%3A226_221_219_197_232_201_227%7C1618963200%3A174; SyncRTB3=1621468800%3A203%7C1620086400%3A55_8_220_71_22_88_7_161_13_81_165_3_21_166_204_230_54_56%7C1619481600%3A223_15_2%7C1620172800%3A35%7C1619740800%3A63; KRTBCOOKIE_153=1923-8s_qpvzO66DpyL-n8M_w8PKcv_Lpz7nw85wo0f_W&KRTB&19420-8s_qpvzO66DpyL-n8M_w8PKcv_Lpz7nw85wo0f_W&KRTB&22979-8s_qpvzO66DpyL-n8M_w8PKcv_Lpz7nw85wo0f_W; PugT=1618903402; KRTBCOOKIE_22=14911-8766612524919737281; SPugT=1618903403
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Tue, 20 Apr 2021 07:23:22 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6953137175575656601; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 20-May-2021 07:23:22 GMT; path=/ PugT=1618903402; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 20-May-2021 07:23:22 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Jul-2021 07:23:22 GMT; path=/
X-lat
amspug013:0:438
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Tue, 20 Apr 2021 07:23:24 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6953137175575656601; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6953137175575656601
adx
match.prod.bidr.io/cookie-sync/ Frame 3A38
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDR2prN0FfUU1BQUNyUng1SVhGZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.102.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-102-114.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bito=AACGjk7A_QMAACrRx5IXFg; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Tue, 20 Apr 2021 07:23:24 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Tue, 20 Apr 2021 07:23:24 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 3AE5
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Lg3zPgg8xe0wftE8dBEaWrAb
42 B
775 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Lg3zPgg8xe0wftE8dBEaWrAb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3; KRTBCOOKIE_27=16735-uid:99b2607e-8169-4a00-a233-7977639cc7bf&KRTB&16736-uid:99b2607e-8169-4a00-a233-7977639cc7bf&KRTB&23019-uid:99b2607e-8169-4a00-a233-7977639cc7bf&KRTB&23114-uid:99b2607e-8169-4a00-a233-7977639cc7bf; PUBMDCID=3; KRTBCOOKIE_57=22776-1216248373145744966; KRTBCOOKIE_377=6810-b39f5aea-06eb-4330-958c-825a257d6071&KRTB&22918-b39f5aea-06eb-4330-958c-825a257d6071&KRTB&23031-b39f5aea-06eb-4330-958c-825a257d6071; KRTBCOOKIE_391=22924-7461959142714306524&KRTB&23263-7461959142714306524; KRTBCOOKIE_80=16514-CAESEHglkhvdG8qloNCZ9ErK2JI&KRTB&22987-CAESEHglkhvdG8qloNCZ9ErK2JI&KRTB&23025-CAESEHglkhvdG8qloNCZ9ErK2JI; KRTBCOOKIE_466=16530-1c9e1aec-402b-4c7f-a5f7-47f023c4b926; chkChromeAb67Sec=2; DPSync3=1620086400%3A226_221_219_197_232_201_227%7C1618963200%3A174; SyncRTB3=1621468800%3A203%7C1620086400%3A55_8_220_71_22_88_7_161_13_81_165_3_21_166_204_230_54_56%7C1619481600%3A223_15_2%7C1620172800%3A35%7C1619740800%3A63; KRTBCOOKIE_153=1923-8s_qpvzO66DpyL-n8M_w8PKcv_Lpz7nw85wo0f_W&KRTB&19420-8s_qpvzO66DpyL-n8M_w8PKcv_Lpz7nw85wo0f_W&KRTB&22979-8s_qpvzO66DpyL-n8M_w8PKcv_Lpz7nw85wo0f_W; PugT=1618903402; KRTBCOOKIE_22=14911-8766612524919737281; SPugT=1618903403
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Tue, 20 Apr 2021 07:23:23 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-Lg3zPgg8xe0wftE8dBEaWrAb; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 20-May-2021 07:23:23 GMT; path=/ PugT=1618903403; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 20-May-2021 07:23:23 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Jul-2021 07:23:23 GMT; path=/
X-lat
amspug017:0:387
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Tue, 20 Apr 2021 07:23:24 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=Lg3zPgg8xe0wftE8dBEaWrAb; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Lg3zPgg8xe0wftE8dBEaWrAb
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame 0734 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Tue, 20 Apr 2021 07:23:24 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-6
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
dpe
ad4m.at/ad/ Frame 2FFB 		42 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 20 Apr 2021 07:23:24 GMT
content-type
image/gif
content-length
42
set-cookie
__cfduid=d9918da8490bec2b259faae2daa80b0d01618903404; expires=Thu, 20-May-21 07:23:24 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7rdk
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
098fc2a7ea00001f3165368000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
642ca0864fd71f31-FRA
mw
mwzeom.zeotap.com/ Frame 3137
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=440114f7bde64d9fd88011a876b131f9
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=b39f5aea-06eb-4330-958c-825a257d6071&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=6bf80b6976edacaa
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=eb3bb799-4ea7-4ecc-5ae9-f349da6430bf&reqId=660e4349-9b8f-4a51-66dc-441cbe875d91&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEBltVV0e0e0NbPedRMPvIm4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=eb3bb799-4ea7-4ecc-5ae9-f349da6430bf&reqId=660e4349-9b8f-4a51-66dc-441...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEBltVV0e0e0NbPedRMPvIm4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=eb3bb799-4ea7-4ecc-5ae9-f349da6430bf&reqId=660e4349-9b8f-4a51-66dc-441cbe875d91&zcluid=6bf80b6976edacaa&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
642ca08b38a34e19-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
098fc2ab0100004e19b5273000000001

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEBltVV0e0e0NbPedRMPvIm4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=eb3bb799-4ea7-4ecc-5ae9-f349da6430bf&reqId=660e4349-9b8f-4a51-66dc-441cbe875d91&zcluid=6bf80b6976edacaa&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 3137
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=99b2607e-8169-4a00-a233-7977639cc7bf
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=99b2607e-8169-4a00-a233-7977639cc7bf
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:23 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 20 Apr 2021 07:23:24 GMT
Server
MT3 3660 495c301 master zrh-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=99b2607e-8169-4a00-a233-7977639cc7bf
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 20 Apr 2021 07:23:23 GMT
/
loadm.exelator.com/load/ Frame 3137
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=71&buid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&gdpr=0&gdpr_consent=&j=0
  • https://loadm.exelator.com/load/?p=204&g=71&buid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
0
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 07:23:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Tue, 20 Apr 2021 07:23:24 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=71&buid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 3137
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8s_qpvzO66DpyL-n8M_w8PKcv_Lpz7nw85wo0f_W
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8s_qpvzO66DpyL-n8M_w8PKcv_Lpz7nw85wo0f_W
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:22 GMT
X-lat
amspug004:0:439
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:24 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8s_qpvzO66DpyL-n8M_w8PKcv_Lpz7nw85wo0f_W
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3137
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8766612524919737281&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8766612524919737281&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:22 GMT
X-lat
amspug018:0:507
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8766612524919737281&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 20 Apr 2021 07:23:23 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 3137
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YH6BbAAATFfORQBg&gdpr=0&gdpr_consent=&_test=YH6BbAAATFfORQBg
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YH6BbAAATFfORQBg&gdpr=0&gdpr_consent=&_test=YH6BbAAATFfORQBg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:22 GMT
X-lat
amspug019:0:401
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1618903405.703941,VS0,VE0
x-served-by
cache-fra19160-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YH6BbAAATFfORQBg&gdpr=0&gdpr_consent=&_test=YH6BbAAATFfORQBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3137
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c3b2ced1-d178-4a35-8758-95f68b2d56f9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c3b2ced1-d178-4a35-8758-95f68b2d56f9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:24 GMT
X-lat
amspug009:0:419
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c3b2ced1-d178-4a35-8758-95f68b2d56f9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 20 Apr 2021 07:23:24 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 3137
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:22 GMT
X-lat
amspug004:0:421
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:24 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 3137 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1C5F2DDE-F7B2-4088-831F-B2FA9F746DD3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 07:23:24 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3137
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1216248373145744966
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1216248373145744966
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:22 GMT
X-lat
amspug005:0:306
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Tue, 20 Apr 2021 07:23:24 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.235:80
AN-X-Request-Uuid
369a6e6d-4257-4766-94a9-2f4065788bfe
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1216248373145744966
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.w.org
URL
https://s.w.org/images/core/emoji/13.0.1/svg/1f384.svg
Domain
s.w.org
URL
https://s.w.org/images/core/emoji/13.0.1/svg/1f332.svg

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| stlib boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus boolean| sop_pview_logged string| stWidgetVersion object| stLight boolean| st_showing object| _EPYT_ object| _EPADashboard_ function| onYouTubeIframeAPIReady object| FB object| twemoji object| wp object| $MMT function| confiantWrap string| speed boolean| loaded function| mainrun function| pbjsChunk object| pbjs object| _pbjsGlobals object| ifvisible function| inView object| apstag function| bret function| cash function| pagespeed string| GoogleAnalyticsObject function| ga string| sbiajaxurl object| PT_CV_PUBLIC object| PT_CV_PAGINATION object| jpibfi_options object| Main function| epdofitvids object| sb_instagram_js_options boolean| sbi_js_exists function| sbi_init object| blockedPages function| blockCurrentPage object| googletag boolean| mmtVideoMuted boolean| mmtVideoAutoPlay boolean| mmtVideoLoopPlayback string| path object| confiant string| ggv2id object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| PIN_18737 object| jpibfi_debugger object| sbi number| sbiWindowWidth number| sbi_photo_width_manual object| LOTCC_13511 object| LOTCC function| xDomainCookie object| ggeac object| google_js_reporting_queue object| regeneratorRuntime object| core function| setImmediate function| clearImmediate object| ats object| PIN_1618903392746 string| value object| key object| PinUtils boolean| apstagLOADED function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| ggevents undefined| bean object| GUMGUM object| headertag function| OptanonWrapper object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| jsonFeed function| __tcfapi object| otStubData object| ggData object| otIabModule object| Optanon object| OneTrust number| SQC-2

1 Cookies

Domain/Path Name / Value
babesinhairland.com/ Name: _lr_geo_location
Value: FR

5 Console Messages

Source Level URL
Text
console-api log URL: https://babesinhairland.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.2(Line 2)
Message:
YT API init check
console-api log URL: https://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.2(Line 2)
Message:
YT API init check
console-api log URL: https://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.2(Line 2)
Message:
YT API init check
console-api log URL: https://babesinhairland.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.2(Line 2)
Message:
YT API init check

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.volvelle.tech
ad.turn.com
ad4m.at
ads.avct.cloud
ads.betweendigital.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.yieldmo.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
as-sec.casalemedia.com
assets.pinterest.com
ats.rlcdn.com
aud.pubmatic.com
babesinhairland.com
bcp.crwdcntrl.net
beacon.krxd.net
bloggernetwork-d.openx.net
btlr.sharethrough.com
c.amazon-adsystem.com
c.sharethis.mgr.consensu.org
c1.adform.net
c2shb.ssp.yahoo.com
cdn.cookielaw.org
cdn.districtm.io
cm.adgrx.com
cm.g.doubleclick.net
cmp-cdn.cookielaw.org
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
d.turn.com
d5p.de17a.com
dis.criteo.com
display.bfmio.com
dmx.districtm.io
dpm.demdex.net
dsp.adfarm1.adition.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
geolocation.onetrust.com
green.erne.co
hbopenbid.pubmatic.com
i.pinimg.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imps.monu.delivery
ipwatch.monu.delivery
js-sec.indexww.com
js.gumgum.com
l.sharethis.com
loadm.exelator.com
log.pinterest.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
maxcdn.bootstrapcdn.com
monu.delivery
mwzeom.zeotap.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.adnxs.com
pubmatic-match.dotomi.com
r.scoota.co
rtb.mfadsrvr.com
rules.quantcount.com
s.w.org
sb.scorecardresearch.com
scontent-sjc3-1.cdninstagram.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssc-cms.33across.com
ssc.33across.com
sync-tm.everesttech.net
sync.bfmio.com
sync.crwdcntrl.net
sync.mathtag.com
tags.crwdcntrl.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
widgets.pinterest.com
ws.sharethis.com
www.google-analytics.com
x.bidswitch.net
s.w.org
104.16.68.69
13.224.102.102
13.224.102.122
13.224.102.4
13.224.102.47
13.224.102.59
13.224.103.105
142.250.185.130
142.250.185.162
151.101.112.84
151.101.113.194
151.101.14.49
159.253.128.183
178.162.133.150
178.250.0.163
178.62.202.251
18.156.0.31
18.156.195.47
18.158.167.137
18.159.8.206
18.185.167.149
185.29.132.144
185.33.221.15
185.33.223.178
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.81
192.124.249.6
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
208.100.17.171
213.155.156.183
216.52.2.39
23.111.200.118
23.218.208.200
23.218.208.246
2600:1901:0:333a::
2600:9000:2190:2400:3:c04e:c780:93a1
2600:9000:2190:9200:c:a9b7:ddc0:93a1
2600:9000:2190:e600:6:44e3:f8c0:93a1
2606:4700:10::6814:b844
2606:4700:10::6816:1857
2606:4700:3039::6815:c02f
2606:4700::6810:9440
2606:4700::6812:acf
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:80f::200a
2a00:1450:4001:812::200e
2a00:1450:4001:82b::2003
2a01:7e00:1::b24f:afb0
2a02:fa8:8806:20::2010
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f231:c5:face:b00c:0:43fe
2a04:4e42:1b::84
3.122.26.231
3.127.88.255
34.120.133.55
34.246.133.154
34.253.109.165
34.98.107.212
35.156.198.184
35.186.236.140
35.201.96.126
35.210.178.101
35.227.248.159
35.244.159.8
37.157.6.246
37.252.161.190
51.222.80.231
52.17.151.21
52.19.21.254
52.20.243.141
52.214.7.146
52.29.176.117
52.4.152.106
54.208.200.8
54.220.102.114
54.36.109.186
54.74.153.15
54.76.72.47
54.78.254.47
63.35.129.75
66.155.71.149
72.251.241.204
77.243.60.138
85.114.159.118
94.23.171.206
01bc53d4891be400d81d52d44a82d21ae53beb7ed6c50c2df137d8a06aeb9bb8
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
046c9c9dd226e31d63fcd322f7caf9f9de63b898c4f29c6df36dd24c9f9fe35c
054f5df8abdc34b2db30d11e8ea01eb6fd8ab0e350082494581a21a820053ff8
06024719e6fc9f5301fd594ca0a11531f05b614e3cdc2cb529dae236edd3802a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d5a416d6b7be6b75d935d8a06f05d628032d4ab45547c65cdc5f82e847d302
08a36909c9b505f7c4c6ec4ed9097cbddc7cfc2ce19daccad1bd3f698c54bdfe
0a9a9dae3790a857a6469e98003bbc942600f409e3f8b492944d80a39690e65b
0b0ead5d4f4f31252da3aaeed8a1862327c28a184e09b6501893ba9f37be5b45
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0ee8cbcc67e31cfed22f43ee631658c1010f5f6b56aa6bb3a10fca8e31adcde7
10c208996555e867923a5bf28dc860df1d99d8f0ec12d8debe7cdb63e91d65c0
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
129226b7f1f0a431034a959856825b66fb2cd310f83557de4b7fb17e53873423
14001e918311ce8762f0c8beeaec3f72abbe0b410eaa4ddf5dc99549dd99d7ff
1446ac674e5455e1ce0dd049d053a0ab6dcce562add02444b3e79ba20c0eaf22
1581a98c7cf9bf2b0299819f56357fbfa08a13626f000f204aea0e14cbca5b41
1600c12e923d3bec3aa5719266d28dac34303edb4b8ebc86c25514200c34c25e
1629917fd28fa6bb5444260b3aadb823992794ccd366e98c71c70076de433419
179e097e74eb709f774a541e8d199490ef290f650264b14ecddf6b1a090da2be
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18fc909cd3b3944e9e10d8e26b8c08742a4b290746e2a0a45f36651310afbbc0
194388578fe16a8f6d0790e1af9f6f935a03b3ecb8d7620f0ebca642761ebc88
1978bd596271024a3d2d3ec23c7411b465bc2c50c4ec996130b17f8d15df847c
1a92bb208274251f43fc39719410f29d4639a29d416b9d27c8083306f05f8e7a
1b810b507cefa9ebf6eec323ec72e7d4e27800b6d46bab0c4df0d42a1b6cf938
1bef073a89db7bf80b0cceabac6ec16985b2d1ed977f4d0340322969bde7f452
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cb74caa0838d47536bc1acc6f03647525540c5d5f60293fe570321677c667ac
1cd2d4a8fdd3cd7854869ed88200088dbade95d2b3aaeeb5d5d1391232dfd86e
1d9f06621c8ef5541000902f21b736e209b852b674c9122e600c70b4a0ab3f88
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8
22fcc44b0bccf4dfeec16bf65e04f0ec4297a26c520da19410f3480bc1cd5853
240c9c58d543a7898fa192bd3cea7953925f6c9bc7e7021cf9c85492aca89aae
2460e265f7b3a7d6dbf740f755c5dbb2fdff6c14127f04b25da65ac88e0aea80
2546655864072944e9422c8b24897b097652a4af2c499ae9cdd91a25f34abcff
2598fd0548d38d4414901e577ef33247f82a30acdb68a74236496143f7077192
260212e0acb13706f031e2f619aca9771b9904765989b8e48f3455aeefb9691f
26077fd27523045b7ac6c4f8058556e7210003f8be330c36ad960cdc7c2b568a
2717481d28d98b22e3277c45a2a0529b5044aef42d8f262ca7e11e73240c563d
277f73f71ca0ad7284d5692e5d5efcccad6a721f9f61c41da5c141ee3d478e7a
27a0b78fb3492fe299dff14c81faa3e882e990dd6022a0a6375bf279af516639
27ace02c9feb618341f3af57cde6c101efc0c7274adaaec3f87d17f6d062252e
27daf5cac11d4ee2245a4ed1c3bbd12c177a4e36cb1ea232ecd150d4b73b3a9f
281a0e2c992f5172b4222eca2c81b80126899a04c290f0c27b45fe37c23ea45f
2c7f8b0cbcaabd8324668f5545d2a441e96cbc9c6fb362b064ed4ee306d35dc1
2c8e53a32e8386684c95a1f6f35d599ae9b70db72a124693a77af8931551023e
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d6bd710b8a8747bbb6a1a20d4a7a15762b4bb639c75901c719d17e827f6f02b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fc241e18f44195283812644db32e1af77e15c9c760a404e464efbfe64b37f78
2ffcc8e642615cf9677270fe57d92d9443fbd4fe9772a3b0aea71bcc6a16780b
309bd02330efee1918ad8b53c4b03311946b36fc8cda689eadc78cb393790eac
326504a785a2ef7de18eaba88656f28f55e7b7eeb8a940c265cff232b68a2bd9
32dbf9deaf5771e7eae92ff0742d94e8d9220f4e998b0b1e8084d24acc2ee62b
358a6fb3a6bbdcfd11f73307f4b23453770b4e1a0d49205d240fe4ca4593733f
359527f78248238f6f0f68a244bc38a6bfc55e2c8fe4d121129a5372c001f019
35c73f9c2955390a1ff1e4caf89302da9fd3759caac58aeab47491f238c2e8d6
3766d93ee6f48931ccd1ebd736c77e4c1179925d456c9df26f13639e660ec4d2
37eee3142be6be85225cd65f4f91bc594881b692aba3f39dfdbb8f8de8624515
38c1560e977293999d4924afb5e66ea1959857c0bfe8de178bfe940e69511543
393e660d33c8d0ae580f2d9029cf6f412c556de3a876e6544cdd3c916898dded
3d734de6f7e11c73085a19b188049f84a080b1b1e70cf88f7e422da5673eae6f
3df1afc123fd19da2af7da5bf66c8dab25c986dcf467b2aa7d6409e389b0ebb8
3dfe97f4a77c2c40074e1ba976547598ef1bc1f336d67b35217f68cc729b378a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
41ecb8fd0d1474f9c108f5c08824dbbe7d7c81494268d0849abb76e5c6217400
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459505ae58f3d08592e3ad684b6b933267771a6194e69899e5f0f2a59f92a6ad
4776c46535052e39fc27cb2a91b9c759afc4541486e4ef8540287e308f3647ff
47d28688be8c7e0a67745b0b2fb8f448657191fbe107169c2dcbf5f254ccd7bb
48113c9647a9c86a8ccf27e1fb94954e8d1a41907b228ae1f0eb55d3ae7fc46a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4905a742ec40bb99e91d6877bae12d79284ba3e1e8a42399f7bb2c3781fd3ae6
4be5686fb4401f38ea8da68d6aaaf4a041a5ce1d98e32eeabc720b2c08b63742
4befc79d544863747def8dc5e2617a95002a1621509cadb8d53a58ca30be7a3b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
505e05a2fcc6f07732a4023946b9f1a3c15dfeaf2d79cfbf692d2fd44d118984
536fd36e9fce9d909a2631404c5631e65a0a3f329475f0bb5141d11a1193e5d1
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
54b16a534f27d39f8edb7dd908ecf182b4be466f86f28ac0f01f415f2ba9d1cf
5586cd6c747f16b563943ee3e55a201b0a40a88cb48b561c4a763adc977dd9cb
561747fbaee4ab8fc34641af932e2697eabd08ba310039414f10162ea58edee8
56da3cccbac1e5b6991d50c18d85e0c3f6dda1a72d2342f65d55d7c17dc9b36d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cc0e548f20050a35a221b5db2818e9e8c285af9c04470b2d0a46d5ff287aa4e
5d25b73ed4010f9278e6b31c3d686b01745e63a806cbebb183c1b41a83ea63b9
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5f6aa9abb1aab348b81ef9b912a0b0fc30d1e15730a17096f7c8fcf078fe9246
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
611c27ae62a7e6b052e53819a868e72361a1497bf29182043ae63f07cc2b624e
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
6258053189ddb43ce622348756b727d9042a495f31815e5b418d660269dd550d
655456c1291413d52a034f03b6b3a0d7c21e42c7e8ac99882711bbe8fc925955
65811929ff85715160ca21d13ddbebac0d3e4a1bf9ede506845b9d7181327377
66c53c50b033ac5fd2a9ee8ba13bc3d9df5af078bd440a05a4b0973648a7a224
67fd2550ec99c5a6298439c50edb767f965b400f18cd6ec5e8155e6f3c512fbb
682e69e1daaf4ec5066eddd2dc0d46ac9b579c354843729d82d040a99ba7cf94
6848e153bdec172d05c7356959586c952d1ce7813c7e37bd82fd41c745ecc63d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6afc129e9a01d2e26245157dd83c234c868d38f9a9920936264db79c3c87645b
6b2e634aa420c8d558ab6fc13942c11617f3e834464e28a2a2737c2ae3ac5335
6d5be1cf7ed69b3f27646a39b4e8c9afac4a13ce6fbedf33404a3e969d24e798
723e23baa6a59cdc3a7224f860d2d083c1f7a36711a417cec6940c6b45d72c92
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
767a2699978d5f976aad931075245e00e525bb26cbc9699148f0ee81791b628f
76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce
76a3570939ecf98ef0ae1a7fccbb5487ee729bdea733d6520c90f99e293b587b
77dc37a7edb7674b50949555df7c896a8cef625223b3a31618bcf501b842e632
78d00d28d5e9614aabd17c85e08b0f3048d26bdc9d263fd503bf78a470d393cb
7a8fee0a8096e3de089202f91f26ec7a5fdf7aa08106b35a8e5bc39fbcd978c2
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7e2a71c4f1e76241ab937d39639ac78027aea87cda22f5960699598d4c5372a9
7eb1544940a18bbb7ce918d7623649b11958b5335582cf0cfd7751b627f35386
7f6e5468ecaf07c803f2b1dfa2a13d5baaa5cfaa1ad21d372c45c75e49ac097f
802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2
80519b748f4b8535d7d0be4f67ff397bfadf10580f2fabd6eb79fbc608565159
813080814dc93b4e86e617bd9f073a02d69974d3dd1dedf79ea0b0e8237f83d9
81b683dd9d42cd417d7d9b29ab60b1d30c8f3b6d0cd6dde6587725805559a7d2
82564739dc8134f4f80a955969b27252ae98d88147fcaea20ccd8a612b4f8231
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842a782edf80c77490125a4ce437517d3996d41687a776e1d897b99b7f0d357c
859a299f6ba1ab8b2f235363828f6f3185e86505e12183832acb764b3ac0029c
860e4b944663ab48a4929f7f995379090822e06521ab6321612490be84de42fd
88d9ff02a9684819673ab106fed898d7ff117701d765892d3a574cb96c071776
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8be3ffe5523bec1b0c3336590a969ba5a8a9e93d879558ffe7157f17f248ecbf
8c7bb16840d7dfa3f39968aafc366ad8dc617544cc41e40baa3c3924155ff6a8
8cd5a36d529b5f6a615bb91c1db7804e803fa6c9844b58f991410ce13993316b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dcba7b2b2f675c472efc594b7be7cb28fa05157895d601882df91de4b6b8c9f
8f64c8e04c5b5317ce51da7c2ae36ec81c59933fd592ab4c0757eb197e206920
924f2fb8066b66f4c163d433908df4c2c997250c5146d8a210c917b3e334206f
92ff6a00efba5377195e138251be3aa77a5f3aee06cf1b68c98cfb9bd05dcbe4
9397f22f957d47fd7e6b04832ac8f6dfbd41b135749471859d4b30ae9244871c
943e945fe580c2f73bb2aa74975847f582af4d2417d108fd7777464520f80766
9549f6c6acb1b8fa18fe4ba4b93fdb1dbcd2442c80e946edc27b6690dbd53468
978c87e304f7dd8445d2365141b7377d2c1ef54f9d0b855d245320ac5a392664
97c31fc5cef2602a8bbb2ed337aae275ceee2515c4c61073e11d95322f46747a
982c816b9b4f4e365296694a6efa027a21f7f586c697e21fd5b822ea753514a2
986a033d12c7403fa18201513e4396dba72e54e80e2f838b4222f2a8710ab6dd
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a85567ef571980e672d598bd3e94197ac6d0442747a0c5ac7e2745ad564f508
9b23486dbeecde08b58fc9ef7b743301eeb823cb86e1706323c1d7dcacb0b2e4
9c5348e4d76366efc13f2bcb5a5ce138e581e90d570a09d0ec66a8cab4920be6
9e1f1ef7172400a022ce88960359048cd55a49ec3774f52d4a1f4bcb59cddb20
a0192ca2b242aa948c52d4d21d0ba72fb05f69060d3fde28f8371f6a114f114a
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b35ef5b54ba1bde29360928fc986c7bfe8b0da9198d9c4520b5004f5f023d9
a394d231cf4239d223b519366211f838236e4a3c2b76037e013bf8dabd43a749
a549d04368a80efbf3486c0df2a376c16203df2cefb64dc7dc98420ef5dc8af4
a555196d4d553492044b1579f515d14dd9f2483594f82ac5faf89fea19c30e9c
a7159f0c0656c77757e0cc4ba3feab9ee8adca7f3bf9e19e488096acee8cc4f9
a85716c58ccf4de0545cbca107167a0abd8e1ea1174e5706585b1126ba6dca83
a9b874cc1668933031fde1d26385f91c083774b69474799fd68c50751895387f
aa1f5c79753ed4168ff0e27fdd56b67639889dec21fce1b28b0e2e0e5653f6ba
aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
afa07ffd0316f93d7980df193475bb8348d83c74faaabdd445dddc288518f48d
b25aa5eb92fee08d51add083e5c4fa22516e9d1ab61179734fbb1e27fb7f8063
b273893bf2b88f5a3144322a462363124a5608979cec217e87423e5964596aef
b29954a61fb85c954bc5b6128adb4ad258d27b18b43632f4a243a8ac97da0d86
b2cd84ae2af44bab20188e286cc002649a57459102ed6607bd350863aed7f02d
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b5ac1972ac36ea81767509006f626d4e9a25b9bf64b4d0fc75b3d00e14df2d59
b68a57ef12aa892428ab8cddf579df161ffdcf3ce08d043e722389bb822b413f
b8388718f670ddb4c773f542fef40257fd020ae066966c2ca33b0814eab04a74
bc5a4d6a431922d103c545ec36c6c5f03cc31d398791065ebfb3b1b055ce3581
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
c041fb9b56b657e2232543e18327edf4cf429b24befc1b5f9ab9aa0e982f20f4
c0ed47bcf3fee54998aab59e079bf171b4a3e62fd1e435a88800738858305221
c1fa9b8336c776f5734a670218bf62b9439c5585e9edb0c8c302dc6a0881ef27
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c3a5a6d2d7b74441446305c6e0bf9dbe7c24a99fecb7f2e6ebe44901e06aac8d
c3c54ff47290bfa569249f470660410315a7fa8282a0ac501bda19bba3068098
c3e760afd8b413ecb7bd30370d4e5e2bfd5a847e8dc2c0f0e39d7621eba92c4b
c46b02cf2f04aabceec69cff28e8113b374ded8a7597c41dd3ee8d7091950aad
c48b93fbeac87659b83bca5b14f28e8ebd4d13ea8e4d20183f1540820ef2d593
c5f4f0627b7e14e9557378d8c87d2628e2f4ed6234b95ee45f01ecfc53ad476d
c604b3a9a3f1464144a15ce0ae7853500a51074eafb1e6ab4221e29a9986813a
c6719049b4abb3e0fde4b147f5165c6cee4765594f2933d21c56e0069a008cc5
c799c70d3cae050e7292913344ed2b50f1646d2c30b82cf7a8d94497450ef587
c942dc0fe5446042e7fd1c29d9cccfac082b7931e6c5675ccfddc7caa422136a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca4af1ff8c77ca6ee121a106f3a79e4b55e710e26e595c36ce0eac86973a907f
caf9ba0c928dfb166f5f2adea37b154ead7462478f787e1e53ceeda27ae705e1
cb593a6e6068dcfc7ce077d3d56abe9132df9ef8dc522c20b3ff4aea80aa39b8
cbd1a970b98c920e5be1e77d2e3421f0382d398009e88ca7f5fd9e2f52c12541
cbdad3d67118021621550eb7d9faf5f04b12f3803403f77faac8778da2267ef8
cd44041e27f78770fced39f58e54ff661a452abda8f8541577caed06934f813d
ce8b3dc7792f065b336d3b71011510c4d4f5a385402f10436f821cdb6d8be2b7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf75b53a3963385f098959bdc75f7f6dc829de8bed273a3cd29613efdfb2bb90
cffabe0948ab31d5e6574c15c4e0d494ecc146d91cd0434d684c9ace31f9c068
d43a266832b78e29d07468eb3dd8f82d6cf97b1aed3ec5f35dd01410efec3136
d4c930cf3b113474406d0e7401596df6b8aab4c0d805def0f0c23ad9cc758af6
d5b02ad83fb8c1bec5d552653827fb624d7bfffb7391d48e9871839fad69b138
d5bb8e9097a2f622718cd4922fe78ee9957d7710c58adb81e119a48ce9ed9791
d7c4996a9e54d1abf522750de1582592efea64d40dc74b408cfb666d85013df7
d914d3cb757b46af612bf883391c1bcb8503d09339e3c50a2df02e93657a97e2
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dbafb4fa88edf10e79c8a8361b4eb2f365b5d5af700354e140af131ed2bcd208
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddda47b049ec774960fe39b5c0fca40c15abf80158daec17c8e29146d1d1c31e
df15236d4098113e3479fc540a9bd1046ca6029f5508098e9c4245a0e12fab05
e00b6494ed1f20fd79d438233767307905c04d6da43a9dfa72623b3dff435931
e0af4ed368c1e4e168b14916ed2c851b5e30393d0aae6927cd4022cbe9d46f2d
e0e52fe07e3f126ede57a06809d9550356bc9c34a0e0cf2c70206022f5e1dba9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5dc31e395e9ba0e7a32323c76212a27ca6321dc0e78c2f7e0e504d8de1ef010
e62a33aa8ce3b6670e2e0dac0f116ca4732b389be4d7033ffbb499b481554683
e6f5639cc492b5942a131857178bb91d5b901c8c7c7b38c8a7442ce969a66a97
e913699c81ef24d6eefbf5e3a66dcc21b6668211b4f77442c8f302144d8f8357
eacf80a59970025a895879880b174f7ecca299b6de4ff8cc23d1a9a415e483f5
eb1944d8be76f4a4b163d1d93f9e0d5c4fec0ae1e78f3abb03cd959ecde277a2
eb51506c619bb5ea0d447dc5a08683c9b73ecbe1e65dce794674622cd2e56f58
eb72596ff941865104cb4a616de0342bffae3ed2b43873aeb940d3d32d7aab32
ee013a777bad8f043c20fe4551913efc95ac398751c32c367d171737bc338dd0
ee86e1e2c98eb558a992424ff0a559d008a43013a6b8bdc4305c39daa2bac594
ef0ad40fa45b9dc51f10ab7194105007b2f5cd260e7990ceaf27e51583ade9bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef97fc267aeec903e7663ad7cee3f64c55faf9ef03a6b0a8364401361fcf0222
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a
f1e0ed146b5c1cf0c09e8a27654a870e6f6f347ccca3926ba810f66cadc4429e
f230538018f9156f925bd667c6ac4f437ae4541b9d421424728592d359b499c8
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
f7485e293d4aa2733983180b494810000dc3b99dd87e1b695f09af5503c85428
f8284365ba340253ee9c71cfb5efcc37f10a23e8b8b5dd134ec7bbab05073845
f83f76df011834495b7b1ee6077815feae857dc551fbfe552c0a15e0a49531f9
f9dddc41a018487e3037b7ea33a12624a61028bdaa8f818f8343cca944ede7de
fa79b39de9e8642d83b281055cb5c154d6f6bac1308c216887dbb306ac3cabb8
fab024d8514198a87a2ff27556f4912d2315614babc16994af700702b4935e27
fc6fc86fc7d7d99f2caeeec7793c328aa2119c668b5e4df580da7f694077f684
fd8daa9185ee21208eec36103b532a995a7eb635e1b696cf384fb0392f0d40f6