www.blueillusion.com Open in urlscan Pro
104.22.17.186 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://blue-il.co/lt0S
Effective URL:
https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Submission: On September 23 via manual (September 23rd 2022, 7:42:09 pm UTC) from AU — Scanned from AU

Summary HTTP 209 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 55 IPs in 10 countries across 53 domains to perform 209 HTTP transactions. The main IP is 104.22.17.186, located in and belongs to CLOUDFLARENET, US. The main domain is www.blueillusion.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 19th 2021. Valid for: a year.

This is the only time www.blueillusion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.62.2.200 52.62.2.200	16509 (AMAZON-02) (AMAZON-02)
1 1	52.64.18.187 52.64.18.187	16509 (AMAZON-02) (AMAZON-02)
64	104.22.17.186 104.22.17.186	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	182.161.73.129 182.161.73.129	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
1	104.19.148.8 104.19.148.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	74.125.200.113 74.125.200.113	15169 (GOOGLE) (GOOGLE)
1	172.253.118.97 172.253.118.97	15169 (GOOGLE) (GOOGLE)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1 1	104.16.107.139 104.16.107.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 8	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
1 2	40.82.218.196 40.82.218.196	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	151.101.128.233 151.101.128.233	54113 (FASTLY) (FASTLY)
1	13.227.254.49 13.227.254.49	16509 (AMAZON-02) (AMAZON-02)
2	13.107.246.59 13.107.246.59	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	23.207.36.192 23.207.36.192	16625 (AKAMAI-AS) (AKAMAI-AS)
7	182.161.73.146 182.161.73.146	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	142.251.10.156 142.251.10.156	15169 (GOOGLE) (GOOGLE)
2	142.251.10.147 142.251.10.147	15169 (GOOGLE) (GOOGLE)
2	172.253.118.94 172.253.118.94	15169 (GOOGLE) (GOOGLE)
4	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.81.145.251 99.81.145.251	16509 (AMAZON-02) (AMAZON-02)
4	40.76.174.66 40.76.174.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
4	13.224.250.108 13.224.250.108	16509 (AMAZON-02) (AMAZON-02)
1	52.84.251.17 52.84.251.17	16509 (AMAZON-02) (AMAZON-02)
2	13.224.250.28 13.224.250.28	16509 (AMAZON-02) (AMAZON-02)
1	142.251.10.94 142.251.10.94	15169 (GOOGLE) (GOOGLE)
1 2	52.231.207.240 52.231.207.240	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
6 6	142.251.12.154 142.251.12.154	15169 (GOOGLE) (GOOGLE)
3 3	104.254.151.36 104.254.151.36	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	13.228.202.61 13.228.202.61	16509 (AMAZON-02) (AMAZON-02)
2	23.207.36.20 23.207.36.20	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.195.149.35 18.195.149.35	16509 (AMAZON-02) (AMAZON-02)
2	66.225.223.159 66.225.223.159	3949 (NTTA-3946) (NTTA-3946)
2	103.231.98.194 103.231.98.194	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
2	54.255.75.208 54.255.75.208	16509 (AMAZON-02) (AMAZON-02)
2	23.106.127.53 23.106.127.53	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
2	141.226.229.48 141.226.229.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	23.50.119.72 23.50.119.72	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	35.71.178.8 35.71.178.8	16509 (AMAZON-02) (AMAZON-02)
1 3	52.74.13.196 52.74.13.196	16509 (AMAZON-02) (AMAZON-02)
4	104.76.133.249 104.76.133.249	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	124.146.215.2 124.146.215.2	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2	124.146.215.49 124.146.215.49	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2	23.207.37.206 23.207.37.206	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.125.31.135 13.125.31.135	16509 (AMAZON-02) (AMAZON-02)
2	54.248.114.10 54.248.114.10	16509 (AMAZON-02) (AMAZON-02)
4	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 3	13.227.254.99 13.227.254.99	16509 (AMAZON-02) (AMAZON-02)
2	23.50.117.203 23.50.117.203	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	103.254.153.160 103.254.153.160	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
2	104.26.4.103 104.26.4.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.77.191.160 52.77.191.160	16509 (AMAZON-02) (AMAZON-02)
2	52.11.93.130 52.11.93.130	16509 (AMAZON-02) (AMAZON-02)
209	55

1 52.62.2.200 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-62-2-200.ap-southeast-2.compute.amazonaws.com

blue-il.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.64.18.187 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-64-18-187.ap-southeast-2.compute.amazonaws.com

view.tallbob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 104.22.17.186 (None, )

ASN13335 (CLOUDFLARENET, US)

www.blueillusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.148.8 (None, )

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 74.125.200.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.107.139 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

v2.zopim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 182.161.73.136 (Singapore) 6 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.82.218.196 (Sydney, Australia) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: commissionfactory.com

t.cfjump.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cfjump.blueillusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.128.233 (United States)

ASN54113 (FASTLY, US)

td.yieldify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
custom.yieldify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.254.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-49.sin52.r.cloudfront.net

tag.lexer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.246.59 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.207.36.192 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-36-192.deploy.static.akamaitechnologies.com

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.10.147 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.118.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f94.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

blueillusionhelp.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.145.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-145-251.eu-west-1.compute.amazonaws.com

v2.dc.yieldify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.250.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-108.sin52.r.cloudfront.net

assets-v2.yieldify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.251.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-17.sin5.r.cloudfront.net

assets.yieldify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.250.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-28.sin52.r.cloudfront.net

fonts.yieldify-production.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.231.207.240 (Busan, Korea, Republic Of) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.213.12.39 (Tokyo, Japan) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.12.154 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.254.151.36 (Los Angeles, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.19.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.228.202.61 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-202-61.ap-southeast-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.207.36.20 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-36-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.149.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-149-35.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.225.223.159 (Sacramento, United States)

ASN3949 (NTTA-3946, US)
PTR: sa.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.255.75.208 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-75-208.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.106.127.53 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.50.119.72 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-119-72.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.178.8 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.74.13.196 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.76.133.249 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-133-249.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 124.146.215.2 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

adgen.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 124.146.215.49 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.207.37.206 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-37-206.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.125.31.135 (Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-125-31-135.ap-northeast-2.compute.amazonaws.com

adx.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.248.114.10 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-248-114-10.ap-northeast-1.compute.amazonaws.com

cs.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.227.254.99 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-99.sin52.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.50.117.203 (Jakarta, Indonesia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-117-203.deploy.static.akamaitechnologies.com

ade.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.254.153.160 (Singapore, Singapore) 2 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.4.103 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.77.191.160 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-191-160.ap-southeast-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.11.93.130 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-93-130.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	blueillusion.com www.blueillusion.com cfjump.blueillusion.com	2 MB
20	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 1991 ekr.zdassets.com — Cisco Umbrella Rank: 2249	869 KB
15	criteo.com 6 redirects gum.criteo.com — Cisco Umbrella Rank: 406 sslwidget.criteo.com — Cisco Umbrella Rank: 1922 dis.criteo.com — Cisco Umbrella Rank: 688	19 KB
10	yieldify.com td.yieldify.com — Cisco Umbrella Rank: 23509 custom.yieldify.com — Cisco Umbrella Rank: 30267 v2.dc.yieldify.com — Cisco Umbrella Rank: 17886 assets-v2.yieldify.com — Cisco Umbrella Rank: 52033 assets.yieldify.com — Cisco Umbrella Rank: 91335	369 KB
8	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	2 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 557 d.clarity.ms — Cisco Umbrella Rank: 5189 c.clarity.ms — Cisco Umbrella Rank: 998	27 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	42 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 861	3 KB
5	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 3605 static-tracking.klaviyo.com — Cisco Umbrella Rank: 4391	39 KB
4	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 331	629 B
4	socdm.com 1 redirects adgen.socdm.com — Cisco Umbrella Rank: 17925 tg.socdm.com — Cisco Umbrella Rank: 1085	3 KB
4	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 1581	2 KB
4	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 683	2 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	252 B
4	zendesk.com blueillusionhelp.zendesk.com	3 KB
3	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 696	1 KB
3	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 287	819 B
3	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 407	1 KB
3	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 849	3 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 228	3 KB
3	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 301	2 KB
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 513	675 B
2	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2185	935 B
2	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 9047	1 KB
2	aralego.com 2 redirects sync.aralego.com — Cisco Umbrella Rank: 3193	1004 B
2	clmbtech.com ade.clmbtech.com — Cisco Umbrella Rank: 2893	560 B
2	adingo.jp cs.adingo.jp — Cisco Umbrella Rank: 3343	825 B
2	dable.io adx.dable.io — Cisco Umbrella Rank: 15772	281 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 511	1 KB
2	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1712	458 B
2	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1309	461 B
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 649	1 KB
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 549	559 B
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 335	2 KB
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 690	675 B
2	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 823	453 B
2	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1283	2 KB
2	media.net contextual.media.net — Cisco Umbrella Rank: 559	2 KB
2	yieldify-production.com fonts.yieldify-production.com — Cisco Umbrella Rank: 49067	391 KB
2	google.com.au www.google.com.au — Cisco Umbrella Rank: 24554	608 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	608 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 763	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	111 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 673	28 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 220	739 B
1	gstatic.com fonts.gstatic.com	7 KB
1	lexer.io tag.lexer.io — Cisco Umbrella Rank: 109630	4 KB
1	cfjump.com 1 redirects t.cfjump.com — Cisco Umbrella Rank: 75952	194 B
1	zopim.com 1 redirects v2.zopim.com — Cisco Umbrella Rank: 9499	206 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	70 KB
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1729
1	tallbob.com 1 redirects view.tallbob.com	2 KB
1	blue-il.co 1 redirects blue-il.co	1 KB
209	53

	Domain	Requested by
64	www.blueillusion.com	www.blueillusion.com www.googletagmanager.com custom.yieldify.com
18	static.zdassets.com	www.blueillusion.com www.googletagmanager.com v2.zopim.com static.zdassets.com
8	gum.criteo.com	6 redirects static.criteo.net gum.criteo.com
7	www.google-analytics.com	www.blueillusion.com www.google-analytics.com www.googletagmanager.com
6	cm.g.doubleclick.net	6 redirects
5	dis.criteo.com
5	ct.pinterest.com	s.pinimg.com www.blueillusion.com
4	idsync.rlcdn.com	www.blueillusion.com
4	ad.yieldlab.net	www.blueillusion.com
4	ad.360yield.com	2 redirects
4	assets-v2.yieldify.com	www.blueillusion.com
4	www.facebook.com	www.blueillusion.com
4	d.clarity.ms	www.clarity.ms
4	blueillusionhelp.zendesk.com	static.zdassets.com
3	s.ad.smaato.net	1 redirects www.blueillusion.com
3	ups.analytics.yahoo.com	1 redirects www.blueillusion.com
3	eb2.3lift.com	1 redirects www.blueillusion.com
3	r.casalemedia.com	1 redirects www.blueillusion.com
3	ib.adnxs.com	3 redirects
3	x.bidswitch.net	1 redirects www.blueillusion.com
3	td.yieldify.com	www.blueillusion.com td.yieldify.com
3	static.klaviyo.com	www.blueillusion.com static.klaviyo.com
2	beacon.krxd.net
2	sync-criteo.ads.yieldmo.com	www.blueillusion.com
2	cdn.aralego.net
2	sync.aralego.com	2 redirects
2	ade.clmbtech.com	www.blueillusion.com
2	cs.adingo.jp	www.blueillusion.com
2	adx.dable.io	www.blueillusion.com
2	tags.bluekai.com
2	tg.socdm.com	www.blueillusion.com
2	adgen.socdm.com	1 redirects
2	criteo-sync.teads.tv	www.blueillusion.com
2	sync-t1.taboola.com	www.blueillusion.com
2	rtb-csync.smartadserver.com	www.blueillusion.com
2	match.sharethrough.com	www.blueillusion.com
2	pixel.rubiconproject.com	www.blueillusion.com
2	simage2.pubmatic.com	www.blueillusion.com
2	sync.outbrain.com	www.blueillusion.com
2	exchange.mediavine.com	www.blueillusion.com
2	contextual.media.net	www.blueillusion.com
2	c.clarity.ms	1 redirects
2	fonts.yieldify-production.com	www.blueillusion.com
2	www.google.com.au	www.blueillusion.com
2	www.google.com	www.blueillusion.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	sslwidget.criteo.com	static.criteo.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.clarity.ms	www.blueillusion.com www.clarity.ms
2	connect.facebook.net	www.blueillusion.com connect.facebook.net
2	ekr.zdassets.com	v2.zopim.com static.zdassets.com
2	static-tracking.klaviyo.com	static.klaviyo.com
2	static.criteo.net	www.blueillusion.com www.googletagmanager.com
1	c.bing.com	1 redirects
1	fonts.gstatic.com	www.blueillusion.com
1	assets.yieldify.com	www.blueillusion.com
1	v2.dc.yieldify.com	td.yieldify.com
1	custom.yieldify.com	td.yieldify.com
1	tag.lexer.io	www.googletagmanager.com
1	cfjump.blueillusion.com	www.blueillusion.com
1	t.cfjump.com	1 redirects
1	v2.zopim.com	1 redirects
1	www.googletagmanager.com	www.blueillusion.com
1	script.crazyegg.com	www.blueillusion.com
1	view.tallbob.com	1 redirects
1	blue-il.co	1 redirects
209	66

This site contains links to these domains. Also see Links.

Domain
blueillusionhelp.zendesk.com
magazine.blueillusion.com
www.instagram.com
www.facebook.com
www.youtube.com
upparel.com.au
www.estaronline.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-19` - `2022-11-18`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
static.klaviyo.com R3	`2022-09-20` - `2022-12-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
static-tracking.klaviyo.com R3	`2022-07-30` - `2022-10-28`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2022-06-08` - `2022-12-15`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-03` - `2022-10-01`	3 months	crt.sh
*.yieldify.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-01-24` - `2023-02-25`	a year	crt.sh
*.lexer.io Amazon	`2022-04-12` - `2023-05-11`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
blueillusionhelp.zendesk.com Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
*.yieldify-production.com Amazon	`2022-03-30` - `2023-04-27`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2021-11-25` - `2022-12-22`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.socdm.com GlobalSign RSA OV SSL CA 2018	`2022-05-24` - `2023-06-25`	a year	crt.sh
*.dable.io Amazon	`2022-06-26` - `2023-07-25`	a year	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-14`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
colombiaonline.com R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.ads.yieldmo.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-24` - `2023-02-15`	6 months	crt.sh
s.ad.smaato.net Amazon	`2022-08-22` - `2023-09-20`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Frame ID: CB17F51EBC8892D95216DF4E45E6D761
Requests: 122 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.blueillusion.com&origin=onetag
Frame ID: 249C068D9A03946BDD2BCC4A32B54322
Requests: 2 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-401beb9ea3bd83e9b796.js
Frame ID: F6B0E72F0B01189B720E5D16ED59305F
Requests: 10 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-401beb9ea3bd83e9b796.js
Frame ID: 7AA93C35E101476DF8C68013B48C26C9
Requests: 10 HTTP requests in this frame

Frame: https://td.yieldify.com/0.0.1/tag/1.294.0/main.html
Frame ID: 69F2FEA236E3A6A12383A87243383F25
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E0EB75B5C1CAE1440AED98A0D472AA8C
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: FC42896B2799525BF20531ECCCD637BE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/?id=1796750030595432&ev=Search&cd[content_type]=product&cd[content_ids]=%5B%228505905407556101502%22%2C%222865543867647252930%22%2C%2285622526125653531%22%5D&cd[product_catalog_id]=1702524693402780&cd[product_category]=0&cd[criteo_audience_3_0]=B3&cd[external_id]=861166d7-84c8-4eff-a56c-5dca4daca1f8&cd[application_id]=423936147658676
Frame ID: C7E5DE0D405F496FD12D26B3708127E5
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-O5L_qHh6SWaQ1U7Yu67U_wNDvqbnjHVvB5T8uQ&expires=30
Frame ID: E116D519657BDF8E71181E7EB03ABAEA
Requests: 30 HTTP requests in this frame

Frame: https://www.facebook.com/tr/?id=1796750030595432&ev=Search&cd[content_type]=product&cd[content_ids]=%5B%228505905407556101502%22%2C%222865543867647252930%22%2C%2285622526125653531%22%5D&cd[product_catalog_id]=1702524693402780&cd[product_category]=0&cd[criteo_audience_3_0]=B3&cd[external_id]=861166d7-84c8-4eff-a56c-5dca4daca1f8&cd[application_id]=423936147658676
Frame ID: AABE1D563D1F3DC61A9334C5AC227A25
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-O5L_qHh6SWaQ1U7Yu67U_wNDvqbnjHVvB5T8uQ&expires=30
Frame ID: E31627E8FB03BDFBA94EA35468DB1395
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SALE | Shop Online | Blue Illusion

Page URL History Show full URLs

http://blue-il.co/lt0S HTTP 302
https://view.tallbob.com/video/watch_now/POkFQP6QKrf5zbgV7GCvE7VqklyiiW~ytA7FrHqlKh0-/sMaHDnJXmY9W.YG... HTTP 302
https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO Page URL

Detected technologies

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

209
Requests

89 %
HTTPS

0 %
IPv6

53
Domains

66
Subdomains

55
IPs

10
Countries

3623 kB
Transfer

8084 kB
Size

78
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://blueillusionhelp.zendesk.com/hc/en-us/articles/5502640240527-Delivery-Update
Title: Learn More

Search URL Search Domain Scan URL

URL: https://blueillusionhelp.zendesk.com/hc/en-us/articles/360001524456-Contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://blueillusionhelp.zendesk.com/hc/en-us/sections/200794319-Delivery-Shipping
Title: FREE SHIPPING OVER $150*

Search URL Search Domain Scan URL

URL: https://blueillusionhelp.zendesk.com/hc/en-us/sections/200794309-Returns-Exchanges
Title: Easy returns

Search URL Search Domain Scan URL

URL: https://magazine.blueillusion.com/issue-49

Search URL Search Domain Scan URL

URL: https://www.instagram.com/blue.illusion/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/blueillusion

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/blueillusionfilm

Search URL Search Domain Scan URL

URL: https://blueillusionhelp.zendesk.com/hc/en-us
Title: Help | Contact Us

Search URL Search Domain Scan URL

URL: https://blueillusionhelp.zendesk.com/hc/en-us/articles/360001609636-COVID-19-Information
Title: COVID-19 Update

Search URL Search Domain Scan URL

URL: https://upparel.com.au/blue-illusion/
Title: Upparel

Search URL Search Domain Scan URL

URL: http://www.estaronline.com/clients/2815
Title: eCommerce Solution by eStar

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://blue-il.co/lt0S HTTP 302
https://view.tallbob.com/video/watch_now/POkFQP6QKrf5zbgV7GCvE7VqklyiiW~ytA7FrHqlKh0-/sMaHDnJXmY9W.YGYvtdPOA4KG7jh7RWU6VtFKOaJpVlnVsDuuzBIiSgp2ixYQOqx37TT8WxCAqJHBA5BY7f81A--/zd4WvUtDopnKVTze12Mlu52UoMHfeUgkEAjew8cGdzfiEgK98kD0W0kHZoNqqPwwBo7Cph2igOKEmbr1BTUo5A--/QB29TWNYxRuJjf9LrsJJOTiyxYern1IoICRwhr4DLIi8k4sqVoUiFg6zMz6rGDaaq1uRvzF0zgFv2aLEyeYQtA--/nIwky6G3F~F9iLZrNb5nYLVGP9e.~U21qWTzjgQgTgI-/g7HOYsjbqlY6Bcs2BkmtHeHtRA34gL2ycbBdzuKnLZ4-/25c2d08c27a737c675c242af7944119f HTTP 302
https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://v2.zopim.com/?3IkR8QQkqj2r7j2FAMHt2RrZhUXkexMa HTTP 302
https://static.zdassets.com/ekr/asset_composer.js

Request Chain 77

https://t.cfjump.com/tag/67931 HTTP 302
https://cfjump.blueillusion.com/tag/67931

Request Chain 130

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=BF9852C460DF45FD81AA2E6833B2B237&RedC=c.clarity.ms&MXFR=143A9DFE30AB6AFA0CA38FD634AB64DF HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BF9852C460DF45FD81AA2E6833B2B237&MUID=25DCE1A0666062220175F388678A639D

Request Chain 134

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-O5L_qHh6SWaQ1U7Yu67U_wNDvqbnjHVvB5T8uQ&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-O5L_qHh6SWaQ1U7Yu67U_wNDvqbnjHVvB5T8uQ&expires=30

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-R-xXsHh6SWaQ1U7Yu67U_wNDvqZ57p1bpKXweQ&google_cm&google_hm=ay1SLXhYc0hoNlNXYVExVTdZdTY3VV93TkR2cVo1N3AxYnBLWHdlUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-R-xXsHh6SWaQ1U7Yu67U_wNDvqZ57p1bpKXweQ&google_cm=&google_hm=ay1SLXhYc0hoNlNXYVExVTdZdTY3VV93TkR2cVo1N3AxYnBLWHdlUQ&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-R-xXsHh6SWaQ1U7Yu67U_wNDvqZ57p1bpKXweQ&google_gid=CAESELmzahakciZ71biTE6d7tH8&google_cver=1&google_ula=913071,0

Request Chain 136

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8694170598883745787

Request Chain 137

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-wsZ7fnh6SWaQ1U7Yu67U_wNDvqaD9EuvI6fn8g HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-wsZ7fnh6SWaQ1U7Yu67U_wNDvqaD9EuvI6fn8g&C=1

Request Chain 138

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-gubO73h6SWaQ1U7Yu67U_wNDvqbXsEHLqc72_A HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gubO73h6SWaQ1U7Yu67U_wNDvqbXsEHLqc72_A

Request Chain 148

https://eb2.3lift.com/xuid?mid=2711&xuid=k-ntHn4nh6SWaQ1U7Yu67U_wNDvqbWw29bhhuq_g&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-ntHn4nh6SWaQ1U7Yu67U_wNDvqbWw29bhhuq_g&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

Request Chain 149

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-kbYwV3h6SWaQ1U7Yu67U_wNDvqadjXGHNrxTXg HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-kbYwV3h6SWaQ1U7Yu67U_wNDvqadjXGHNrxTXg&verify=true

Request Chain 153

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=5dORYn9T7DMr8d0IaRT_zbUalPuJTH2z

Request Chain 157

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vTgR-3h6SWaQ1U7Yu67U_wNDvqZ-SDope3mxxQ HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vTgR-3h6SWaQ1U7Yu67U_wNDvqZ-SDope3mxxQ&cookieCheck=1

Request Chain 159

https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-JX-lUXh6SWaQ1U7Yu67U_wNDvqaSX94kXZy4Dw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=YjFiMWE5ZWItYzI2YS0zOWNiLTg2ZWMtMGNmNWUwMThjZWMw&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
https://cdn.aralego.net/img/1x1.png

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-R-xXsHh6SWaQ1U7Yu67U_wNDvqZ57p1bpKXweQ&google_cm&google_hm=ay1SLXhYc0hoNlNXYVExVTdZdTY3VV93TkR2cVo1N3AxYnBLWHdlUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-R-xXsHh6SWaQ1U7Yu67U_wNDvqZ57p1bpKXweQ&google_cm=&google_hm=ay1SLXhYc0hoNlNXYVExVTdZdTY3VV93TkR2cVo1N3AxYnBLWHdlUQ&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-R-xXsHh6SWaQ1U7Yu67U_wNDvqZ57p1bpKXweQ&google_gid=CAESEBppO68_WNvsbo_3Ib8uWVk&google_cver=1&google_ula=913071,0

Request Chain 169

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8694170598883745787

Request Chain 171

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-gubO73h6SWaQ1U7Yu67U_wNDvqbXsEHLqc72_A HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gubO73h6SWaQ1U7Yu67U_wNDvqbXsEHLqc72_A

Request Chain 184

https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23 HTTP 302
https://dis.criteo.com/dis/rtb/adgeneration/cookiematch.aspx?maid=Yy4MDMCo8XcAAFprG30AAAAA

Request Chain 186

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=fsjbx-ENM4az1uV8WW5CSxF0hwjofv4m

Request Chain 192

https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-JX-lUXh6SWaQ1U7Yu67U_wNDvqaSX94kXZy4Dw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=YjFiMWE5ZWItYzI2YS0zOWNiLTg2ZWMtMGNmNWUwMThjZWMw&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
https://cdn.aralego.net/img/1x1.png

Request Chain 198

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=54nWtBH32jFbrxeCvc1PLozR4bcMBxAJ

Request Chain 199

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=HkrF-i9OItvpFJUE7mICbANzM30PyiQM

Request Chain 204

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=D6PU9piTIykrOjguQyYpYNNYbJLycADg

Request Chain 205

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=w5mBPoYR0jJ-hPEy8-HZSWr1iB0s-2CB

209 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request sale Show response
www.blueillusion.com/
Redirect Chain

http://blue-il.co/lt0S
https://view.tallbob.com/video/watch_now/POkFQP6QKrf5zbgV7GCvE7VqklyiiW~ytA7FrHqlKh0-/sMaHDnJXmY9W.YGYvtdPOA4KG7jh7RWU6VtFKOaJpVlnVsDuuzBIiSgp2ixYQOqx37TT8WxCAqJHBA5BY7f81A--/zd4WvUtDopnKVTze12Mlu5...
https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

143 KB
20 KB

600ms
387ms

Document
text/html

104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89687591af20287276c1c2bfd328ed816eeb2bcd0d302b8fdf054245eb1a4041

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 74f5c2c64fdadf8d-MEL
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
content-type: text/html; charset=utf-8
date: Fri, 23 Sep 2022 19:41:58 GMT
server: cloudflare
strict-transport-security: max-age=15552000
x-content-type-options: NOSNIFF
x-frame-options: SAMEORIGIN
x-xss-protection: 1

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 19:41:57 GMT
expires: -1
last-modified: Fri, 23 Sep 2022 19:41:57 GMT
location: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
pragma: no-cache
server: Apache
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 515ms
171ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

561c579d66ced3002754404f18100a5b84c2b6fb62ad20dbc9d0c290a65ac712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 11:02:07 GMT
server: nginx
etag: W/"630756af-a8d9"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 24 Sep 2022 19:41:59 GMT

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
1 KB 268ms
86ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RVwmQH
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 001830bef80f752fdff86e9c4b1c3352ef31604b397cc632ef7dae1c5601cccc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:58 GMT
content-encoding: gzip
age: 1210
x-cache: HIT, HIT
access-control-max-age: 86400
content-length: 920
x-served-by: cache-lga21920-LGA, cache-mel11246-MEL
access-control-allow-origin: *
allow: GET, OPTIONS
server: nginx
x-timer: S1663962119.804575,VS0,VE1
etag: W/"bd7830608b97f9775cee0102b8e07c2c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 1

GET
H2 410 8856.js
script.crazyegg.com/pages/scripts/0068/ 0
0 307ms
104ms Script
application/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0068/8856.js
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:58 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Sep 2022 13:17:13 GMT
server: cloudflare
age: 23085
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 74f5c2cb69c517cf-MEL
content-length: 0

GET
H2 200 custom-tracking.js Show response
www.blueillusion.com/Assets/ 14 KB
4 KB 109ms
108ms Script
application/javascript 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/Assets/custom-tracking.js

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79a5a3589b73776b5a034ef8064b3b46eaf2db44ffdd6989fc207b254673559c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:58 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 1159
vary: Accept-Encoding
x-xss-protection: 1
last-modified: Tue, 19 Jul 2022 22:26:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"88c88c87be9bd81:0"
strict-transport-security: max-age=15552000
content-type: application/javascript
cache-control: max-age=14400
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
cf-ray: 74f5c2c9693fdf8d-MEL

GET
H2 200 store_637939095619953556.min.css
www.blueillusion.com/Assets/ 174 KB
28 KB 120ms
119ms Stylesheet
text/css 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/Assets/store_637939095619953556.min.css

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b811c0359a12866f2c8d635e47ecb255110961faffe22e09593ead4343025fc

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:58 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 1172
vary: Accept-Encoding
x-xss-protection: 1
last-modified: Tue, 19 Jul 2022 22:26:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1d287e9abe9bd81:0"
strict-transport-security: max-age=15552000
content-type: text/css
cache-control: max-age=14400
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
cf-ray: 74f5c2c9693cdf8d-MEL

GET
H2 200 client.css
www.blueillusion.com/images/assetimages/css/ 21 KB
4 KB 123ms
122ms Stylesheet
text/css 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/images/assetimages/css/client.css

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ff02944fe0e8ca62ab9c2f37eac4bf83a580fd7589f500a02923d1636f9afbf

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:58 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 1172
vary: Accept-Encoding
x-xss-protection: 1
last-modified: Mon, 27 Jun 2022 05:01:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ec5b25f9e289d81:0"
strict-transport-security: max-age=15552000
content-type: text/css
cache-control: max-age=14400
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
cf-ray: 74f5c2c9693edf8d-MEL

GET
H2 200 slide.js Show response
www.blueillusion.com/images/assetimages/javascript/ 955 B
449 B 110ms
109ms Script
application/javascript 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/images/assetimages/javascript/slide.js

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd9637bc499921928f02e9b7a7fbedf395fd7c9e8276b9ef7d63f3ad1ac11947

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:58 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 1159
vary: Accept-Encoding
x-xss-protection: 1
last-modified: Mon, 06 Jul 2020 05:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"99824d4f5653d61:0"
strict-transport-security: max-age=15552000
content-type: application/javascript
cache-control: max-age=14400
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
cf-ray: 74f5c2c96940df8d-MEL

GET
H2 200 logo.png
www.blueillusion.com/images/assetimages/ 4 KB
4 KB 111ms
111ms Image
image/webp 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/images/assetimages/logo.png

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27b068919101fdec06e83abd8987742bc3cc59fa17263c3aeeedef5549f1ee46

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
via: NS-CACHE-10.0: 1
etag: "9a85a8a6f7bfd31:0"
cf-cache-status: HIT
age: 3168
cf-polished: origFmt=png, origSize=8932
xet-cookie
content-disposition: inline; filename="logo.webp"
strict-transport-security: max-age=15552000
content-length: 4018
x-xss-protection: 1
last-modified: Tue, 20 Mar 2018 03:00:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 23 Sep 2022 19:41:58 GMT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74f5c2cb19f2df8d-MEL
x-content-type-options: NOSNIFF
cf-bgj: imgq:100,h2pri

GET
H2 200 NEW-WEBSITE-ICONS-DELIVERY.png
www.blueillusion.com/images/assetimages/icons/ 556 B
793 B 109ms
109ms Image
image/webp 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/images/assetimages/icons/NEW-WEBSITE-ICONS-DELIVERY.png

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

648d72138fecb1e47b936287d4745ce68b1dc446a706c50f6a5cd967c323d354

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
via: NS-CACHE-10.0: 1
etag: "efc679dcb18ed51:0"
cf-cache-status: HIT
age: 1441
cf-polished: origFmt=png, origSize=2222
xet-cookie
content-disposition: inline; filename="NEW-WEBSITE-ICONS-DELIVERY.webp"
strict-transport-security: max-age=15552000
content-length: 556
x-xss-protection: 1
last-modified: Tue, 29 Oct 2019 23:37:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 23 Sep 2022 19:41:58 GMT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74f5c2cb7a19df8d-MEL
x-content-type-options: NOSNIFF
cf-bgj: imgq:100,h2pri

GET
H2 200 store-locator.png
www.blueillusion.com/images/assetimages/icons/ 632 B
794 B 113ms
112ms Image
image/webp 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/images/assetimages/icons/store-locator.png

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fa662f6fe91d859a21b38349206a808d580baddc34a599ad92794e8e8ad5f9d

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
via: NS-CACHE-10.0: 1
etag: "7b4a85bb042d61:0"
cf-cache-status: HIT
age: 1711
cf-polished: origFmt=png, origSize=2069
xet-cookie
content-disposition: inline; filename="store-locator.webp"
strict-transport-security: max-age=15552000
content-length: 632
x-xss-protection: 1
last-modified: Mon, 15 Jun 2020 01:00:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 23 Sep 2022 19:41:58 GMT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74f5c2cb8a1adf8d-MEL
x-content-type-options: NOSNIFF
cf-bgj: imgq:100,h2pri

GET
H2 200 NEW-WEBSITE-ICONS-RETURNS.png
www.blueillusion.com/images/assetimages/icons/ 508 B
683 B 119ms
119ms Image
image/webp 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/images/assetimages/icons/NEW-WEBSITE-ICONS-RETURNS.png

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

362c6cba4b8d9b7b018f8f0297ea5873ed68f997c0d1ce722edc2ad8f5ab2c11

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
via: NS-CACHE-10.0: 1
etag: "f1e2aae1b18ed51:0"
cf-cache-status: HIT
age: 1172
cf-polished: origFmt=png, origSize=2108
xet-cookie
content-disposition: inline; filename="NEW-WEBSITE-ICONS-RETURNS.webp"
strict-transport-security: max-age=15552000
content-length: 508
x-xss-protection: 1
last-modified: Tue, 29 Oct 2019 23:37:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 23 Sep 2022 19:41:58 GMT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74f5c2cb8a1bdf8d-MEL
x-content-type-options: NOSNIFF
cf-bgj: imgq:100,h2pri

GET
H2 200 NEW-WEBSITE-ICONS-SIZE-GUIDE.png
www.blueillusion.com/images/assetimages/icons/ 484 B
659 B 112ms
111ms Image
image/webp 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/images/assetimages/icons/NEW-WEBSITE-ICONS-SIZE-GUIDE.png

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c154510b7c8ce506b2a9fcc49a3da40b2e7472ff1ba43627b7ffeeda27a3080c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
via: NS-CACHE-10.0: 1
etag: "e27e31e4b18ed51:0"
cf-cache-status: HIT
age: 3168
cf-polished: origFmt=png, origSize=2103
xet-cookie
content-disposition: inline; filename="NEW-WEBSITE-ICONS-SIZE-GUIDE.webp"
strict-transport-security: max-age=15552000
content-length: 484
x-xss-protection: 1
last-modified: Tue, 29 Oct 2019 23:37:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 23 Sep 2022 19:41:58 GMT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74f5c2cb8a1cdf8d-MEL
x-content-type-options: NOSNIFF
cf-bgj: imgq:100,h2pri

GET
H2 200 lef%20nav%20banner-i49.jpg
www.blueillusion.com/images/assetimages/leftnav/2022/ 51 KB
51 KB 106ms
106ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/images/assetimages/leftnav/2022/lef%20nav%20banner-i49.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bedbd2b9054a723b6dce3f4967888aaed233a5171273854b6d73a2e61ecaaf42

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:58 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4888
cf-polished: origSize=52246, status=webp_bigger
vary: Accept-Encoding
content-length: 52238
x-xss-protection: 1
last-modified: Fri, 16 Sep 2022 21:27:29 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "a691222013cad81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cb8a1ddf8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29820_459398_56294.jpg
www.blueillusion.com/productimages/thumb/1/ 41 KB
41 KB 107ms
106ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29820_459398_56294.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af94cbc94cac6900c473b2a54aeadb3fe8d2dbd812c8e6ca6973a71b453d3ec1

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=44315, status=webp_bigger
vary: Accept-Encoding
content-length: 42191
x-xss-protection: 1
last-modified: Fri, 15 Jul 2022 01:10:17 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "874751a5e797d81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cbca39df8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 27648_459230_55599.jpg
www.blueillusion.com/productimages/thumb/1/ 61 KB
62 KB 106ms
106ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/27648_459230_55599.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43f81d49837e428a81e3316149c3bae7e7c20b4a21d8006088ac5c0f30bf032c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=67734, status=webp_bigger
vary: Accept-Encoding
content-length: 62735
x-xss-protection: 1
last-modified: Tue, 21 Jun 2022 04:55:56 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "1307b312b85d81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cbca3adf8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29776_459272_55611.jpg
www.blueillusion.com/productimages/thumb/1/ 46 KB
46 KB 123ms
122ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29776_459272_55611.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a540dcbec34af2646cb424e6dae1f4e3355da7de91c015edd56f07835ce7573

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=50195, status=webp_bigger
vary: Accept-Encoding
content-length: 47198
x-xss-protection: 1
last-modified: Tue, 21 Jun 2022 05:02:18 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "2c2829152c85d81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cc1a5adf8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29773_459251_55603.jpg
www.blueillusion.com/productimages/thumb/1/ 52 KB
52 KB 144ms
143ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29773_459251_55603.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22a76c178715d4f766404156aa659c188901b8c99540daddaa1ee1a179ef7ab2

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=57167, status=webp_bigger
vary: Accept-Encoding
content-length: 53365
x-xss-protection: 1
last-modified: Tue, 21 Jun 2022 04:57:38 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "3b3ff76d2b85d81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cc1a5edf8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29781_459307_55343.jpg
www.blueillusion.com/productimages/thumb/1/ 64 KB
64 KB 126ms
126ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29781_459307_55343.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb704e4d08695f5edcaa46d930344936bb15e7b4ec679686187c8aa3181d1a30

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=71112, status=webp_bigger
vary: Accept-Encoding
content-length: 65660
x-xss-protection: 1
last-modified: Tue, 14 Jun 2022 04:27:02 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "69f8f4fea67fd81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cc1a60df8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29777_459279_55624.jpg
www.blueillusion.com/productimages/thumb/1/ 41 KB
41 KB 126ms
125ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29777_459279_55624.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e8b9cd4fa62c9836fe6d12828dc49cf1546820b3d29119578857b042790f13c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=44229, status=webp_bigger
vary: Accept-Encoding
content-length: 41538
x-xss-protection: 1
last-modified: Tue, 21 Jun 2022 05:08:25 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "28aac0ef2c85d81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cc1a5fdf8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29821_459405_56228.jpg
www.blueillusion.com/productimages/thumb/1/ 39 KB
40 KB 113ms
112ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29821_459405_56228.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d135ffa4ffc76d58e8b55f2eed44d3a7720b95a7a38569d607b818fcc2d84cfa

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=42460, status=webp_bigger
vary: Accept-Encoding
content-length: 40265
x-xss-protection: 1
last-modified: Mon, 11 Jul 2022 22:47:27 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "aba323327895d81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cc1a5cdf8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29761_459173_55365.jpg
www.blueillusion.com/productimages/thumb/1/ 20 KB
20 KB 118ms
117ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29761_459173_55365.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b7701a6c28d3a3b512f7890dae6c7d13ab137a7e3d43247563b6fd642e015c7

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=21516, status=webp_bigger
vary: Accept-Encoding
content-length: 20545
x-xss-protection: 1
last-modified: Tue, 14 Jun 2022 07:16:50 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "9f1b97b7be7fd81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cc1a59df8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29817_459363_56291.jpg
www.blueillusion.com/productimages/thumb/1/ 41 KB
42 KB 126ms
125ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29817_459363_56291.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc5e922d595d2382ce8d9d562c7d92a59124a39cb6dd751605a14a947339b830

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=44898, status=webp_bigger
vary: Accept-Encoding
content-length: 42457
x-xss-protection: 1
last-modified: Fri, 15 Jul 2022 01:12:04 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "9b9a5be5e797d81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cc1a5ddf8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29595_458713_54509.jpg
www.blueillusion.com/productimages/thumb/1/ 67 KB
67 KB 107ms
106ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29595_458713_54509.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aec5c932ebecd2e59a8656c5c06ad6bc9db136db068dc501e702a5d3d9044474

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=74314, status=webp_bigger
vary: Accept-Encoding
content-length: 68215
x-xss-protection: 1
last-modified: Wed, 20 Apr 2022 06:34:29 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "d973f0af8054d81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2ccca94df8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29590_458678_54714.jpg
www.blueillusion.com/productimages/thumb/1/ 48 KB
48 KB 117ms
116ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29590_458678_54714.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

419ec224745af5a55429e87f0747486adef092413c6551be10f48c2a6e5b43e1

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=52545, status=webp_bigger
vary: Accept-Encoding
content-length: 48651
x-xss-protection: 1
last-modified: Tue, 26 Apr 2022 02:15:48 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "bcbe578b1359d81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2ccca96df8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29560_458449_54337.jpg
www.blueillusion.com/productimages/thumb/1/ 33 KB
34 KB 114ms
113ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29560_458449_54337.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f2120098bb77b57b5c1f7562d1e94bbf1ef57553a0cf07b7bbe7bc28c214380

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=35874, status=webp_bigger
vary: Accept-Encoding
content-length: 34269
x-xss-protection: 1
last-modified: Fri, 01 Apr 2022 01:39:39 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "7f521d5a6945d81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2ccca93df8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29408_457820_53140.jpg
www.blueillusion.com/productimages/thumb/1/ 20 KB
20 KB 124ms
119ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29408_457820_53140.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64c761a18ac5cc27576d209ac90dc894275bcd6d08fd772350003f83e5b333e3

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=21727, status=webp_bigger
vary: Accept-Encoding
content-length: 20568
x-xss-protection: 1
last-modified: Wed, 02 Feb 2022 02:41:05 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "b2dd6253de17d81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2ccea9edf8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29408_457820_53170.jpg
www.blueillusion.com/productimages/thumb/3/ 358 B
659 B 124ms
119ms Image
image/webp 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/3/29408_457820_53170.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5e46e0dbb16e9e74e596c4cf540f51cd9cfd97c3452253f042db4f4f0186383

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
via: NS-CACHE-10.0: 1
etag: "60ae312df317d81:0"
cf-cache-status: HIT
age: 777
cf-polished: origFmt=jpeg, origSize=809
xet-cookie
content-disposition: inline; filename="29408_457820_53170.webp"
strict-transport-security: max-age=15552000
content-length: 358
x-xss-protection: 1
last-modified: Wed, 02 Feb 2022 05:10:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 23 Sep 2022 19:41:59 GMT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74f5c2cceaa0df8d-MEL
x-content-type-options: NOSNIFF
cf-bgj: imgq:100,h2pri

GET
H2 200 29408_457819_53169.jpg
www.blueillusion.com/productimages/thumb/3/ 434 B
602 B 126ms
121ms Image
image/webp 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/3/29408_457819_53169.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

435c880e179d12be3b4acf0cac3510c686adc74d588122512d8127c85a8cc7d6

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
via: NS-CACHE-10.0: 1
etag: "f094626f317d81:0"
cf-cache-status: HIT
age: 6041
cf-polished: origFmt=jpeg, origSize=832
xet-cookie
content-disposition: inline; filename="29408_457819_53169.webp"
strict-transport-security: max-age=15552000
content-length: 434
x-xss-protection: 1
last-modified: Wed, 02 Feb 2022 05:10:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 23 Sep 2022 19:41:59 GMT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74f5c2cceaa1df8d-MEL
x-content-type-options: NOSNIFF
cf-bgj: imgq:100,h2pri

GET
H2 200 29408_457817_53171.jpg
www.blueillusion.com/productimages/thumb/3/ 246 B
429 B 118ms
114ms Image
image/webp 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/3/29408_457817_53171.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94fea59b348efbddbc07319acfde2f47fa183aca247c038cd649628c5e501b2c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
via: NS-CACHE-10.0: 1
etag: "faa71d4cf317d81:0"
cf-cache-status: HIT
age: 3137
cf-polished: origFmt=jpeg, origSize=762
xet-cookie
content-disposition: inline; filename="29408_457817_53171.webp"
strict-transport-security: max-age=15552000
content-length: 246
x-xss-protection: 1
last-modified: Wed, 02 Feb 2022 05:11:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 23 Sep 2022 19:41:59 GMT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74f5c2cceaa2df8d-MEL
x-content-type-options: NOSNIFF
cf-bgj: imgq:100,h2pri

GET
H2 200 29580_458608_54680.jpg
www.blueillusion.com/productimages/thumb/1/ 54 KB
54 KB 113ms
108ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29580_458608_54680.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8928a78d6f24634ebf94e6094b751502b59e444c7d7b612b53b38be65c20fd41

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=59815, status=webp_bigger
vary: Accept-Encoding
content-length: 55197
x-xss-protection: 1
last-modified: Fri, 22 Apr 2022 07:04:35 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "86e064391756d81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cceaa3df8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29463_458104_53675.jpg
www.blueillusion.com/productimages/thumb/1/ 59 KB
60 KB 125ms
120ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29463_458104_53675.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3cf2c21737c2474bdb2afa56f660c81846d693ff9ee714cc0d3f36010eecfd4

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=64966, status=webp_bigger
vary: Accept-Encoding
content-length: 60814
x-xss-protection: 1
last-modified: Thu, 03 Mar 2022 03:33:41 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "23c53e7aaf2ed81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cceaa5df8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29587_458657_54675.jpg
www.blueillusion.com/productimages/thumb/1/ 69 KB
69 KB 125ms
120ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29587_458657_54675.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fee408c89465fc6d779ba4faad31ea24a38fd917f4ee9dc915ca6acb254328db

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=75690, status=webp_bigger
vary: Accept-Encoding
content-length: 70346
x-xss-protection: 1
last-modified: Fri, 22 Apr 2022 07:01:07 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "c1a268bd1656d81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cceaa6df8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29510_458373_53828.jpg
www.blueillusion.com/productimages/thumb/1/ 67 KB
67 KB 119ms
114ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29510_458373_53828.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3708dbeb2f8005876354181955c480019bd6dc01204793c57ea40fd54c8620de

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=74078, status=webp_bigger
vary: Accept-Encoding
content-length: 68467
x-xss-protection: 1
last-modified: Mon, 21 Mar 2022 05:37:21 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "b4f7b9bce53cd81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cceaa7df8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29602_458751_54896.jpg
www.blueillusion.com/productimages/thumb/1/ 55 KB
55 KB 125ms
121ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29602_458751_54896.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83495d7831277f5d62fd1ab5f51154c56b5d45c71dfc3722a60a663e229b0273

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=60066, status=webp_bigger
vary: Accept-Encoding
content-length: 56488
x-xss-protection: 1
last-modified: Tue, 10 May 2022 02:05:55 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "2e3d57b1264d81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cceaa8df8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29599_458730_54890.jpg
www.blueillusion.com/productimages/thumb/1/ 40 KB
40 KB 131ms
127ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29599_458730_54890.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91bc8837f6adecffff2b816665500dce9acc94da59c605ccdb5d701c365bbdc2

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=42434, status=webp_bigger
vary: Accept-Encoding
content-length: 40481
x-xss-protection: 1
last-modified: Tue, 10 May 2022 01:58:47 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "bdc6527c1164d81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cceaa9df8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29616_458857_54807.jpg
www.blueillusion.com/productimages/thumb/1/ 42 KB
43 KB 133ms
128ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29616_458857_54807.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff09b3db25a670897974ea1c22bfd4bd39f1ef9de6748384ee7831262ff64867

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=45396, status=webp_bigger
vary: Accept-Encoding
content-length: 43243
x-xss-protection: 1
last-modified: Mon, 02 May 2022 04:00:29 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "5b43e429d95dd81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cceaaadf8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29658_458972_55235.jpg
www.blueillusion.com/productimages/thumb/1/ 54 KB
55 KB 147ms
143ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29658_458972_55235.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aeb540b954f4d6fceeaac8787b08fe6697bfb624606b97e650622cc52f73f4a5

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=59311, status=webp_bigger
vary: Accept-Encoding
content-length: 55520
x-xss-protection: 1
last-modified: Wed, 01 Jun 2022 23:58:01 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "d363fa6c1376d81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cceaacdf8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 29499_458275_53983.jpg
www.blueillusion.com/productimages/thumb/1/ 73 KB
73 KB 130ms
126ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29499_458275_53983.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d5d6df93fa64a7a6cc985bcfab0bb8a64d3aba472622b1d8451007140d84555

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4886
cf-polished: origSize=79997, status=webp_bigger
vary: Accept-Encoding
content-length: 74267
x-xss-protection: 1
last-modified: Tue, 29 Mar 2022 04:56:15 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "5c201f522943d81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cceaaddf8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 28536_458531_54427.jpg
www.blueillusion.com/productimages/thumb/1/ 38 KB
38 KB 126ms
121ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/28536_458531_54427.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a602184b84b6b102fbf23e8c711e1c0e7ce9ff26eb855a9cead629307b268fc1

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4353
cf-polished: origSize=40526, status=webp_bigger
vary: Accept-Encoding
content-length: 38847
x-xss-protection: 1
last-modified: Wed, 06 Apr 2022 23:47:04 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "c05ca49e104ad81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cceaaedf8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 28536_458531_54821.jpg
www.blueillusion.com/productimages/thumb/3/ 618 B
782 B 132ms
127ms Image
image/webp 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/3/28536_458531_54821.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c74eb1c3c5c76a98b3fc152f3bec32d2c9f4489289998c53c0bb127823e1cdce

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
via: NS-CACHE-10.0: 1
etag: "6faf1ec1160d81:0"
cf-cache-status: HIT
age: 4886
cf-polished: origFmt=jpeg, origSize=925
xet-cookie
content-disposition: inline; filename="28536_458531_54821.webp"
strict-transport-security: max-age=15552000
content-length: 618
x-xss-protection: 1
last-modified: Wed, 04 May 2022 23:45:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 23 Sep 2022 19:41:59 GMT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74f5c2cceaafdf8d-MEL
x-content-type-options: NOSNIFF
cf-bgj: imgq:100,h2pri

GET
H2 200 29576_458580_54420.jpg
www.blueillusion.com/productimages/thumb/1/ 31 KB
31 KB 127ms
122ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/productimages/thumb/1/29576_458580_54420.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8612977ce71d8daf8b9d65f760f236601995d0bdd3493a5a9f2a8edcdfb45722

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 777
cf-polished: origSize=33571, status=webp_bigger
vary: Accept-Encoding
content-length: 31861
x-xss-protection: 1
last-modified: Wed, 06 Apr 2022 23:41:24 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "ec9491d3f4ad81:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cceab0df8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 social-media_01.jpg
www.blueillusion.com/images/assetimages/ 4 KB
4 KB 126ms
122ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/images/assetimages/social-media_01.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53be928df59e56c531352745c04cc8d442f144f4725d7e69900a3a9cc0e0963c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 578
cf-polished: origSize=5212, status=webp_bigger
vary: Accept-Encoding
content-length: 4240
x-xss-protection: 1
last-modified: Thu, 29 Mar 2018 04:41:59 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "b1e0174618c7d31:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cceab1df8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 social-media_02.jpg
www.blueillusion.com/images/assetimages/ 962 B
1 KB 130ms
126ms Image
image/webp 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/images/assetimages/social-media_02.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7d54d08a1baf85e92deaa1827269d9ff6d617a2da5b6d6aad35b515fb905d97

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
via: NS-CACHE-10.0: 1
etag: "1e431a4618c7d31:0"
cf-cache-status: HIT
age: 3169
cf-polished: origFmt=jpeg, origSize=2315
xet-cookie
content-disposition: inline; filename="social-media_02.webp"
strict-transport-security: max-age=15552000
content-length: 962
x-xss-protection: 1
last-modified: Thu, 29 Mar 2018 04:41:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 23 Sep 2022 19:41:59 GMT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74f5c2cceab2df8d-MEL
x-content-type-options: NOSNIFF
cf-bgj: imgq:100,h2pri

GET
H2 200 social-media_03.jpg
www.blueillusion.com/images/assetimages/ 3 KB
3 KB 132ms
128ms Image
image/jpeg 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/images/assetimages/social-media_03.jpg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cfa73c967797bf6150997f46242a1d2d234d1b56a83bd4371d99e7d2829ebeb

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 578
cf-polished: origSize=4292, status=webp_bigger
vary: Accept-Encoding
content-length: 3344
x-xss-protection: 1
last-modified: Thu, 29 Mar 2018 04:41:59 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: "8fa51c4618c7d31:0"
strict-transport-security: max-age=15552000
content-type: image/jpeg
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cceab3df8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 footer-logo.png
www.blueillusion.com/images/assetimages/ 6 KB
7 KB 130ms
125ms Image
image/webp 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/images/assetimages/footer-logo.png

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f33ba157d36e369dfa9885536d96ede5d2fb94e9707ec82a0276ccb4353300e

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
via: NS-CACHE-10.0: 1
etag: "5790b42280c5d31:0"
cf-cache-status: HIT
age: 578
cf-polished: origFmt=png, origSize=19877
xet-cookie
content-disposition: inline; filename="footer-logo.webp"
strict-transport-security: max-age=15552000
content-length: 6430
x-xss-protection: 1
last-modified: Tue, 27 Mar 2018 04:00:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 23 Sep 2022 19:41:59 GMT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74f5c2cceab4df8d-MEL
x-content-type-options: NOSNIFF
cf-bgj: imgq:100,h2pri

GET
H2 200 email-decode.min.js Show response
www.blueillusion.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
803 B 99ms
97ms Script
application/javascript 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Sep 2022 17:11:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"632b45da-4d7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 74f5c2ca2974df8d-MEL
expires: Sun, 25 Sep 2022 19:41:58 GMT

GET
H2 200 jquery.js Show response
www.blueillusion.com/Assets/ 91 KB
32 KB 208ms
207ms Script
application/javascript 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/Assets/jquery.js

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b1f030692803f149f888d6c6fe2f2da71feb30f7bfb92fc283c1059396411da

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:58 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 577
vary: Accept-Encoding
x-xss-protection: 1
last-modified: Tue, 19 Jul 2022 22:26:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"a2ddb187be9bd81:0"
strict-transport-security: max-age=15552000
content-type: application/javascript
cache-control: max-age=14400
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
cf-ray: 74f5c2ca2975df8d-MEL

GET
H2 200 thirdparty.js Show response
www.blueillusion.com/Assets/ 106 KB
29 KB 114ms
113ms Script
application/javascript 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/Assets/thirdparty.js

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1b44c262fb95e4407d418d5a86533d2190c00c698fbc51e77b9f22624fc064e

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:58 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 577
vary: Accept-Encoding
x-xss-protection: 1
last-modified: Tue, 19 Jul 2022 22:26:53 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7c3f91a5be9bd81:0"
strict-transport-security: max-age=15552000
content-type: application/javascript
cache-control: max-age=14400
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
cf-ray: 74f5c2ca2976df8d-MEL

GET
H2 200 required.min.js Show response
www.blueillusion.com/Assets/ 85 KB
23 KB 117ms
116ms Script
application/javascript 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/Assets/required.min.js

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b3552dc6375e3ab539e0a8e32a94938840e77fecba4240115f68a9d3d5a0cd

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:58 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 577
vary: Accept-Encoding
x-xss-protection: 1
last-modified: Tue, 19 Jul 2022 22:26:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"72892d89be9bd81:0"
strict-transport-security: max-age=15552000
content-type: application/javascript
cache-control: max-age=14400
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
cf-ray: 74f5c2ca2978df8d-MEL

GET
H2 200 scripts.min.js Show response
www.blueillusion.com/Assets/ 66 KB
20 KB 112ms
111ms Script
application/javascript 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/Assets/scripts.min.js

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82832ff4d138a419e97d21bae754fcccc923e89e4b9fff6c9ce8c5d699a75b20

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:58 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 577
vary: Accept-Encoding
x-xss-protection: 1
last-modified: Tue, 19 Jul 2022 22:26:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b3156389be9bd81:0"
strict-transport-security: max-age=15552000
content-type: application/javascript
cache-control: max-age=14400
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
cf-ray: 74f5c2ca2979df8d-MEL

GET
H2 200 ajax-loader.gif
www.blueillusion.com/Assets/ 0
3 KB 129ms
125ms Other
image/gif 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/Assets/ajax-loader.gif

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 7093
cf-polished: origSize=2707
xet-cookie
vary: Accept
content-length: 2699
x-xss-protection: 1
last-modified: Mon, 07 May 2018 01:02:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "4cf69c9fe5d31:0"
strict-transport-security: max-age=15552000
content-type: image/gif
cache-control: max-age=14400
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cceab6df8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 sprite.png
www.blueillusion.com/Assets/ 0
16 KB 131ms
127ms Other
image/png 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/Assets/sprite.png

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 1224
cf-polished: origSize=28731
xet-cookie
vary: Accept
content-length: 15983
x-xss-protection: 1
last-modified: Tue, 08 Sep 2020 01:50:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "dd10a5628285d61:0"
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=14400
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
accept-ranges: bytes
cf-ray: 74f5c2cceab7df8d-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 521ms
178ms Script
text/javascript 74.125.200.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 4490
date: Fri, 23 Sep 2022 18:27:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Fri, 23 Sep 2022 20:27:09 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 211 KB
70 KB 531ms
190ms Script
application/javascript 172.253.118.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KFG7HQ2

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

06f8f1f3374bd55823b9c80f44bb0bc970b6c0c08c1a0c0306fc5b97b9c8897e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71047
x-xss-protection: 0
expires: Fri, 23 Sep 2022 19:41:59 GMT

GET
H2 200 framework.css
www.blueillusion.com/Assets/ 194 KB
27 KB 209ms
208ms Stylesheet
text/css 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/Assets/framework.css

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/Assets/store_637939095619953556.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1faedeee250256b2c9ffb850d40ebc3df70c4ff340cee3c9b907ae90c5ee52ac

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/Assets/store_637939095619953556.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:58 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 577
vary: Accept-Encoding
x-xss-protection: 1
last-modified: Tue, 19 Jul 2022 22:26:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b9fa087be9bd81:0"
strict-transport-security: max-age=15552000
content-type: text/css
cache-control: max-age=14400
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
cf-ray: 74f5c2ca2977df8d-MEL

GET
H2 200 fender_analytics.9bd929e66a2449a7cdc1.js Show response
static-tracking.klaviyo.com/onsite/js/ 27 KB
11 KB 270ms
85ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.9bd929e66a2449a7cdc1.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RVwmQH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13711036352cc6ee2aaf239ed66306d2e7b04e28158b89ad45d7db2e32fb5dcc

Request headers

Referer: https://www.blueillusion.com/
Origin: https://www.blueillusion.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: DxlKU8PAW5Z2L0V.1wRK5LqPR2sBWhOg
content-encoding: gzip
age: 1218
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 10605
x-amz-id-2: 36f/ps//h2tsvtsRUgp6Mk8LzgnmM0HKjWkeHSxHbhGWZ7W/4R77UIFLmwMJGAxxLaUgzekp6vo=
x-served-by: cache-lga13626-LGA, cache-mel11255-MEL
last-modified: Fri, 26 Aug 2022 20:33:40 GMT
server: AmazonS3
etag: "d48fad1b3f959b474b934ed39d9ba542"
vary: Accept-Encoding
x-amz-request-id: V3VGV2WY5XZ8QSWT
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Fri, 23 Sep 2022 19:41:59 GMT
x-cache-hits: 2, 109

GET
H2 200 static.444020cd426b0bea12c1.js Show response
static-tracking.klaviyo.com/onsite/js/ 12 KB
5 KB 270ms
85ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.444020cd426b0bea12c1.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RVwmQH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94eb37f3ca8ec6a7d028370dfadf216aaa9a5b6f794a7462707f422aa7098f18

Request headers

Referer: https://www.blueillusion.com/
Origin: https://www.blueillusion.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: ep5t_kHI_qKbZWWytxIKzh5j3YAjdqHx
content-encoding: gzip
age: 1218
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 5219
x-amz-id-2: NVmB6Kd0YFo9iCmGx+yu+eOqiC5jqbz25AtCBJn8Vs1Hbf0QGGXROARgd05prVYM5kfCwyQJ2xk=
x-served-by: cache-lga21951-LGA, cache-mel11255-MEL
last-modified: Thu, 18 Aug 2022 15:05:14 GMT
server: AmazonS3
etag: "1774dcfd43ae7a477e554d4266bbaa8e"
vary: Accept-Encoding
x-amz-request-id: EYA39404SA8WM76Q
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Fri, 23 Sep 2022 19:41:59 GMT
x-cache-hits: 5, 110

GET
H2 200 runtime.2888bf8d92dced7d992b.js Show response
static.klaviyo.com/onsite/js/ 19 KB
8 KB 259ms
85ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/runtime.2888bf8d92dced7d992b.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RVwmQH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d0ef0d834b9bf032b991f9f29ae3f313e0d9a69a05ad1978aaff2c4c05e6d3a

Request headers

Referer: https://www.blueillusion.com/
Origin: https://www.blueillusion.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: Xxt9HjAXzYk7aCvjcj0Rr49LqJcS8fvM
content-encoding: gzip
age: 1218
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 8075
x-amz-id-2: Q2Jf+teWuwSV3vU3OCDnpvcOL6OVngIxoB9XqGYe7pSEDVFFmnNgCU17s0+YMgeH5WcihxaT0SM=
x-served-by: cache-lga21938-LGA, cache-mel11241-MEL
last-modified: Mon, 19 Sep 2022 20:02:28 GMT
server: AmazonS3
etag: "291533f5634b65eae20f9422baa29d9a"
vary: Accept-Encoding
x-amz-request-id: 9E3EBX78Q5K9YJY0
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Fri, 23 Sep 2022 19:41:59 GMT
x-cache-hits: 2, 82

GET
H2 200 sharedUtils.0bc3da446707ca1edb02.js Show response
static.klaviyo.com/onsite/js/ 34 KB
13 KB 259ms
85ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.0bc3da446707ca1edb02.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=RVwmQH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b20593a01294af3962eaaffb903b05d467a10f350b79ba25d6804df9a7e914fb

Request headers

Referer: https://www.blueillusion.com/
Origin: https://www.blueillusion.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: nWL.VwGMlkCnpf2w6hy7LSuPMY5QeZrD
content-encoding: gzip
age: 1218
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 13237
x-amz-id-2: IlT6kPnA9ssToQg2br24zjaYpouwzHuGVmlqFIP+L8Pw+7i15Yy2jhHVcSD2xOHx5RWAdZWRMJE=
x-served-by: cache-lga21938-LGA, cache-mel11241-MEL
last-modified: Thu, 22 Sep 2022 20:56:47 GMT
server: AmazonS3
etag: "af06dc05c43c0e0ef631aa6578eb2b20"
vary: Accept-Encoding
x-amz-request-id: FDHRXCM9F36M1V2Y
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Fri, 23 Sep 2022 19:41:59 GMT
x-cache-hits: 3, 136

GET
H2 200 montserrat-light-webfont.woff
www.blueillusion.com/Assets/ 24 KB
24 KB 111ms
110ms Font
font/x-woff 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/Assets/montserrat-light-webfont.woff

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/Assets/store_637939095619953556.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b4741cc9a5684a15e1745a6e6da941b70d9a4b9fce891d6c50aad95ee074499

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.blueillusion.com/Assets/store_637939095619953556.min.css
Origin: https://www.blueillusion.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:58 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4526
vary: Accept-Encoding
x-xss-protection: 1
last-modified: Tue, 07 Nov 2017 08:57:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0b93e71a657d31:0"
strict-transport-security: max-age=15552000
content-type: font/x-woff
cache-control: max-age=14400
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
cf-ray: 74f5c2cb9a25df8d-MEL

GET
H2 200 montserrat-regular-webfont.woff
www.blueillusion.com/Assets/ 24 KB
24 KB 107ms
107ms Font
font/x-woff 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/Assets/montserrat-regular-webfont.woff

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/Assets/store_637939095619953556.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a25b3d15b009e0f2f1655cb1c05632c9c8936c29844d8d421dda90e18bfa4a8

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.blueillusion.com/Assets/store_637939095619953556.min.css
Origin: https://www.blueillusion.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:58 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4526
vary: Accept-Encoding
x-xss-protection: 1
last-modified: Tue, 07 Nov 2017 08:47:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0bc512a557d31:0"
strict-transport-security: max-age=15552000
content-type: font/x-woff
cache-control: max-age=14400
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
cf-ray: 74f5c2cb9a26df8d-MEL

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/
Redirect Chain

https://v2.zopim.com/?3IkR8QQkqj2r7j2FAMHt2RrZhUXkexMa
https://static.zdassets.com/ekr/asset_composer.js

23 KB
7 KB

304ms
103ms

Script
application/javascript

104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: PQ9ND1X4N0CH2QXE
x-amz-id-2: bTeLel95lxFKMVngczA/xiFJkT/dnzgo7F3CfnyvPDZi85ny7zUWgRWAxEI68Ug6/d+XB1VMmnE=
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
server: cloudflare
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9aTcEw1H8Je4HKYLW097si5qSTT9kV4%2Fh7E8ze6bFjPNjsREnK%2ByHjsSdz3VHDuzRdd9pAsjS4%2FIMEanKVrU776ymwHVmnThFuKTwc5KwnMrP15calqYCcFCvETgWO%2FwIi3sxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: 57KHzv0Z81imwMa0XxScJAmcLiHhq1Ku
cf-ray: 74f5c2d00dbf17cc-MEL

Redirect headers

location: https://static.zdassets.com/ekr/asset_composer.js
date: Fri, 23 Sep 2022 19:41:59 GMT
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 74f5c2ce2a0b5a6d-MEL
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 sprite.png
www.blueillusion.com/Assets/ 9 KB
9 KB 115ms
115ms Image
image/webp 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/Assets/sprite.png

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/Assets/store_637939095619953556.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07ffc5fb5f5dce1e83e1c5800597b86a91550de8f7df06fdcc2594fac70ae162

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/Assets/store_637939095619953556.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
via: NS-CACHE-10.0: 1
etag: "dd10a5628285d61:0"
cf-cache-status: HIT
age: 1223
cf-polished: origFmt=png, origSize=28731
xet-cookie
content-disposition: inline; filename="sprite.webp"
strict-transport-security: max-age=15552000
content-length: 9386
x-xss-protection: 1
last-modified: Tue, 08 Sep 2020 01:50:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 23 Sep 2022 19:41:59 GMT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74f5c2cbaa2fdf8d-MEL
x-content-type-options: NOSNIFF
cf-bgj: imgq:100,h2pri

GET
H2 200 montserrat-bold-webfont.woff
www.blueillusion.com/Assets/ 24 KB
24 KB 110ms
110ms Font
font/x-woff 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/Assets/montserrat-bold-webfont.woff

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/Assets/store_637939095619953556.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df52f3d62bc75da4e6ce3950143f6e4f4c1ba76067b2b2d49beb0070ca26c777

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.blueillusion.com/Assets/store_637939095619953556.min.css
Origin: https://www.blueillusion.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:58 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4526
vary: Accept-Encoding
x-xss-protection: 1
last-modified: Tue, 07 Nov 2017 09:03:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0b7344aa757d31:0"
strict-transport-security: max-age=15552000
content-type: font/x-woff
cache-control: max-age=14400
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
cf-ray: 74f5c2cbaa28df8d-MEL

GET
H2 200 montserrat-semibold-webfont.woff
www.blueillusion.com/Assets/ 32 KB
32 KB 113ms
112ms Font
font/x-woff 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/Assets/montserrat-semibold-webfont.woff

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/Assets/store_637939095619953556.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a054e5d6318b7d1de4e2133091cece586c2bc0ca2d8c66573876e1eb56aca5f0

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.blueillusion.com/Assets/store_637939095619953556.min.css
Origin: https://www.blueillusion.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:58 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 1008
vary: Accept-Encoding
x-xss-protection: 1
last-modified: Mon, 30 Apr 2018 09:27:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"08cb7065e0d31:0"
strict-transport-security: max-age=15552000
content-type: font/x-woff
cache-control: max-age=14400
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
cf-ray: 74f5c2cbaa29df8d-MEL

GET
H2 200 yellowstar.png
www.blueillusion.com/images/assetimages/icons/ 408 B
790 B 106ms
105ms Image
image/webp 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/images/assetimages/icons/yellowstar.png

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/images/assetimages/css/client.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e072f6d509ad07c0d6e91dcb827a976c8697126881ce7659aeefe35cd731e886

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/images/assetimages/css/client.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
via: NS-CACHE-10.0: 1
etag: "24d67756961d61:0"
cf-cache-status: HIT
age: 7043
cf-polished: origFmt=png, origSize=1720
xet-cookie
content-disposition: inline; filename="yellowstar.webp"
strict-transport-security: max-age=15552000
content-length: 408
x-xss-protection: 1
last-modified: Tue, 24 Mar 2020 04:40:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 23 Sep 2022 19:41:59 GMT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74f5c2cbca38df8d-MEL
x-content-type-options: NOSNIFF
cf-bgj: imgq:100,h2pri

GET
H2 200 crimsontext-semibold-webfont.woff
www.blueillusion.com/Assets/ 33 KB
34 KB 108ms
107ms Font
font/x-woff 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/Assets/crimsontext-semibold-webfont.woff

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/Assets/store_637939095619953556.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf92cd843f3a83f137a36ee418703b44d8a62b10b5bb61280707c0b95cfca5df

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.blueillusion.com/Assets/store_637939095619953556.min.css
Origin: https://www.blueillusion.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 4526
vary: Accept-Encoding
x-xss-protection: 1
last-modified: Mon, 30 Apr 2018 08:41:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0906bf95ee0d31:0"
strict-transport-security: max-age=15552000
content-type: font/x-woff
cache-control: max-age=14400
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
cf-ray: 74f5c2cbba34df8d-MEL

GET
H2 200 empty-star.png
www.blueillusion.com/images/assetimages/icons/ 518 B
679 B 130ms
126ms Image
image/webp 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/images/assetimages/icons/empty-star.png

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/images/assetimages/css/client.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1b45d6cd7477e837392fa6d9f744f29f76aff9f1c05ccc5e33c3470754904f9

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/images/assetimages/css/client.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
via: NS-CACHE-10.0: 1
etag: "20f8d54a961d61:0"
cf-cache-status: HIT
age: 7043
cf-polished: origFmt=png, origSize=1909
xet-cookie
content-disposition: inline; filename="empty-star.webp"
strict-transport-security: max-age=15552000
content-length: 518
x-xss-protection: 1
last-modified: Tue, 24 Mar 2020 04:40:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 23 Sep 2022 19:41:59 GMT
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74f5c2cceab5df8d-MEL
x-content-type-options: NOSNIFF
cf-bgj: imgq:100,h2pri

GET
H2 403 fraudnetguid Show response
www.blueillusion.com/api/payments/paypal/ 32 B
249 B 168ms
167ms XHR
application/json 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/api/payments/paypal/fraudnetguid

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/Assets/jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77a855580e5777964c215031ff89acd8fcdaa6bd95af17ff1b772f75d4718add

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept: */*
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
X_CART_CSRF_TOKEN: undefined
X-Requested-With: XMLHttpRequest
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:41:59 GMT
x-content-type-options: NOSNIFF
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
strict-transport-security: max-age=15552000
cf-ray: 74f5c2cc7a7cdf8d-MEL
content-length: 32
x-xss-protection: 1
expires: -1

GET
H2 200 country Show response
www.blueillusion.com/api/location/ 5 B
120 B 184ms
183ms XHR
application/json 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/api/location/country

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/Assets/jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b81ec9e7fee0fd3d9304e5bfda6c0a8faff3dfab0e922b496bae42823faa902

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept: */*
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
X-Requested-With: XMLHttpRequest
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:41:59 GMT
x-content-type-options: NOSNIFF
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
strict-transport-security: max-age=15552000
cf-ray: 74f5c2ccaa89df8d-MEL
content-length: 5
x-xss-protection: 1
expires: -1

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 249C 15 KB
6 KB 513ms
170ms Document
text/html 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.blueillusion.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

3b699c2cd84c5722e0c9f34ec0c60a9f548901168f95d86b4f1df433a7b5cc60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.blueillusion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:41:59 GMT
server: Kestrel
server-processing-duration-in-ticks: 324968
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 178ms
177ms Script
text/javascript 74.125.200.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f113.1e100.net

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:22:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1187
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 23 Sep 2022 20:22:12 GMT

GET
H2 200 3IkR8QQkqj2r7j2FAMHt2RrZhUXkexMa Show response
ekr.zdassets.com/compose/zopim_chat/ 336 B
1 KB 889ms
692ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/zopim_chat/3IkR8QQkqj2r7j2FAMHt2RrZhUXkexMa

Requested by

Host: v2.zopim.com
URL: https://v2.zopim.com/?3IkR8QQkqj2r7j2FAMHt2RrZhUXkexMa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

087dc4dd72225ad6a1f85e7cbb6055ecd94ac44920143e7d10ba086b9e2eaf93

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
cf-ray: 74f5c2d1f96cdfa1-MEL
status: 200 OK
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: c2fc787a399bb05afbd21a65fe202287, c2fc787a399bb05afbd21a65fe202287
x-runtime: 0.004922
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"087dc4dd72225ad6a1f85e7cbb6055ec"
x-zendesk-zorg: yes
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzzjOIJFbNLDdgOXSMCwoWBCNqm%2FfatZp%2FzQomCjsMyoGH0GGyyQkhZzUIVeOTuUgJ%2B4rk6TZQrm3suOZzgjq0lroIPByXacPnzDO2yez6SaA%2BmVUe%2BstPMch8ZQ%2B228NdM%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type: application/json; charset=utf-8

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 249C 476 B
584 B 173ms
173ms Fetch
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=onetag&domain=blueillusion.com&sn=ChromeSyncframe&so=0&topUrl=www.blueillusion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=www.blueillusion.com&origin=onetag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

34ef286f750e956847c7886d894a60bc70aeb301afce4871193ee1cb9f28eda5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://gum.criteo.com/syncframe?topUrl=www.blueillusion.com&origin=onetag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:41:59 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2285318
strict-transport-security: max-age=31536000; preload;
expires: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 179ms
178ms XHR
text/plain 74.125.200.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1044647150&t=pageview&cu=AUD&_s=1&dl=https%3A%2F%2Fwww.blueillusion.com%2Fsale%3Futm_source%3Dmobile%26utm_medium%3Dsms%26utm_campaign%3DWK8_TAF50_MNO&ul=en-us&de=UTF-8&dt=SALE%20%7C%20Shop%20Online%20%7C%20Blue%20Illusion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEIJAAAAAC~&jid=497540014&gjid=1754001814&cid=856812163.1663962120&tid=UA-2642739-4&_gid=2053788488.1663962120&_r=1&_slc=1&il1nm=Product%20Listing&il1pi1id=114733CNE&il1pi1nm=Cotton%20Embroidered%20Shirt&il1pi1ca=sale&il1pi1ps=1&il1pi1pr=99.99&il1pi2id=19866VEP&il1pi2nm=V%20Neck%20Swing%20Jersey%20Top&il1pi2ca=sale&il1pi2ps=2&il1pi2pr=79.99&il1pi3id=19848VM&il1pi3nm=Neck%20Twist%20Jersey%20Top%20&il1pi3ca=sale&il1pi3ps=3&il1pi3pr=49.99&il1pi4id=114721RNS&il1pi4nm=Stripe%20Rayon%20Shirt&il1pi4ca=sale&il1pi4ps=4&il1pi4pr=99.99&il1pi5id=714730CNP&il1pi5nm=Toile%20De%20Jouy%20Cotton%20Dress&il1pi5ca=sale&il1pi5ps=5&il1pi5pr=149.99&il1pi6id=214726RNC&il1pi6nm=Jacquard%20Ponte%20Pant&il1pi6ca=sale&il1pi6ps=6&il1pi6pr=129.99&il1pi7id=114734VBJ&il1pi7nm=Textured%20Jersey%20Top&il1pi7ca=sale&il1pi7ps=7&il1pi7pr=79.99&il1pi8id=213917CNM&il1pi8nm=Stretch%20Cord%20Pant&il1pi8ca=sale&il1pi8ps=8&il1pi8pr=129.99&il1pi9id=713892VCP&il1pi9nm=Frill%20Detail%20Midi%20Dress&il1pi9ca=sale&il1pi9ps=9&il1pi9pr=149.99&il1pi10id=113885RNP&il1pi10nm=Paisley%20Print%20Blouse&il1pi10ca=sale&il1pi10ps=10&il1pi10pr=99.99&il1pi11id=113936CSP&il1pi11nm=Tile%20Print%20Cotton%20Shirt&il1pi11ca=sale&il1pi11ps=11&il1pi11pr=49.99&il1pi12id=19850MWS&il1pi12nm=Wool%20Jersey%20Tee&il1pi12ca=sale&il1pi12ps=12&il1pi12pr=69.99&il1pi13id=513763CNM&il1pi13nm=Button%20Back%20Jumper&il1pi13ca=sale&il1pi13ps=13&il1pi13pr=79.99&il1pi14id=113874VSP&il1pi14nm=Pierre%20Print%20Top&il1pi14ca=sale&il1pi14ps=14&il1pi14pr=79.99&il1pi15id=513815CNM&il1pi15nm=Cotton%20Lattice%20Cardigan&il1pi15ca=sale&il1pi15ps=15&il1pi15pr=79.99&il1pi16id=712929VSP&il1pi16nm=Pierre%20Print%20Dress&il1pi16ca=sale&il1pi16ps=16&il1pi16pr=129.99&il1pi17id=17939CNP&il1pi17nm=Waterfall%20Floral%20Shirt&il1pi17ca=sale&il1pi17ps=17&il1pi17pr=49.99&il1pi18id=213905PNM&il1pi18nm=Vegan%20Leather%20Legging%20&il1pi18ca=sale&il1pi18ps=18&il1pi18pr=49.99&il1pi19id=113895WOM&il1pi19nm=Boiled%20Wool%20Top%20&il1pi19ca=sale&il1pi19ps=19&il1pi19pr=129.99&il1pi20id=513886PLM&il1pi20nm=Quilted%20Puffer%20Coat&il1pi20ca=sale&il1pi20ps=20&il1pi20pr=149.99&il1pi21id=713907CCP&il1pi21nm=Button%20Cotton%20Cord%20Dress&il1pi21ca=sale&il1pi21ps=21&il1pi21pr=129.99&il1pi22id=113848VCP&il1pi22nm=Tile%20Print%20Shirt&il1pi22ca=sale&il1pi22ps=22&il1pi22pr=99.99&il1pi23id=511852CNM&il1pi23nm=Cotton%20Cable%20Knit%20&il1pi23ca=sale&il1pi23ps=23&il1pi23pr=69.99&il1pi24id=27942PNP&il1pi24nm=Printed%20Ponte%20Pant%20&il1pi24ca=sale&il1pi24ps=24&il1pi24pr=99.99&z=1429131571

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.blueillusion.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:41:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.blueillusion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 520ms
172ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: MVenrlj4U9bpXAnPCR5B6owVxbd/KQ0NtGQ37u5W3QMKay4ppaFvRkuTuoON4iFIS6cL4b//Pe9U4gUS84ICjQ==
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 23 Sep 2022 19:42:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 23 KB
6 KB 107ms
104ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=46f21e58-cae5-412d-bcf3-30ae415576ad

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFG7HQ2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: JGRRH48ZV2EK1N4J
x-amz-id-2: Gm2UXkGbde6EKIhjpG69ICq6LBzQ1XmgQembXT7dRGnkoV3R+EMY52ckJ5BGQzSijnmwv/oqKII=
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
server: cloudflare
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3ltb4qq6btExeqQBsvuRrYIz90Z%2BbXMb53Y6L8XY%2FPwbq62UgQxPFQenU%2F3CFzoQyglaGpxf8XZEQWmzCtMwPKUjiw1g4aEcKEJyzdJ1kH6yJgKChzC2S9dATSqYu3U6Y9A%2Fr8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
cf-ray: 74f5c2d24f2d17cc-MEL

GET
H2

200

67931 Show response
cfjump.blueillusion.com/tag/
Redirect Chain

https://t.cfjump.com/tag/67931
https://cfjump.blueillusion.com/tag/67931

4 KB
2 KB

315ms
99ms

Script
application/javascript

40.82.218.196
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cfjump.blueillusion.com/tag/67931

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Server

40.82.218.196 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

commissionfactory.com

Software

Resource Hash

62ee613ca8b541649ee0a4d2837ded36aa87991ef1030a31cf2030410ff30d5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
date: Fri, 23 Sep 2022 19:41:59 GMT
vary: Accept-Encoding
p3p: policyref="https://t.cfjump.com/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, max-age=900
content-type: application/javascript; charset=utf-8
content-length: 1526

Redirect headers

location: https://cfjump.blueillusion.com/tag/67931
strict-transport-security: max-age=300
cache-control: private, max-age=900
p3p: policyref="https://t.cfjump.com/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI STA"
date: Fri, 23 Sep 2022 19:41:59 GMT
content-length: 158
content-type: text/html; charset=utf-8

GET
H2 200 code.js Show response
td.yieldify.com/yieldify/ 502 KB
72 KB 271ms
85ms Script
text/javascript 151.101.128.233
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://td.yieldify.com/yieldify/code.js?w_uuid=afdcaa85-0322-47cc-8217-bdc10ef8fd14&k=1&loca=https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.233 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8fe5270f7c1f91fd6b75e0357d1b92bde3adfdbae4d8822de29003517b37ba92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
age: 33771
x-cache: HIT
x-device: desktop
content-length: 73751
x-xss-protection: 1; mode=block
x-served-by: cache-mel11263-MEL
last-modified: Fri, 23 Sep 2022 10:19:04 GMT
x-timer: S1663962120.228118,VS0,VE0
date: Fri, 23 Sep 2022 19:42:00 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, no-store, must-revalidate
etag: "a2bf8aacd6b7a882a3cc89435ab417d4"
accept-ranges: bytes
x-cache-hits: 3

GET
H2 404 yieldify-sw.js
www.blueillusion.com/images/assetimages/css/ 0
0 110ms
108ms Script
text/html 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/images/assetimages/css/yieldify-sw.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFG7HQ2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:00 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
cf-cache-status: HIT
server: cloudflare
age: 155
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: max-age=14400
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
strict-transport-security: max-age=15552000
cf-ray: 74f5c2d24c93df8d-MEL
vary: Accept-Encoding
x-xss-protection: 1

GET
H2 200 lxt.js Show response
tag.lexer.io/ 13 KB
4 KB 566ms
171ms Script
application/javascript 13.227.254.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.lexer.io/lxt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFG7HQ2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-49.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c06f887788ce85eec98f8e7225c79ffcb58bfe0e3d605a2d353d519f799d5fb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 20:59:40 GMT
content-encoding: gzip
last-modified: Tue, 22 Sep 2020 03:20:53 GMT
server: AmazonS3
age: 81836
etag: W/"6e3c20ea155eb0a14053b9fb929baa9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c57dcf725f15a754ea7be2a7d262cec2.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-cf-id: pvWHAYLy1jF5FGNX6UyzHTave1KW4QtQCzl8qORNoGnlpJlgUhBsUg==

GET
H2 200 8qyb4swwdp Show response
www.clarity.ms/tag/ 2 KB
2 KB 531ms
306ms Script
application/x-javascript 13.107.246.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/8qyb4swwdp?ref=gtm2
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.246.59 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: b29c4cf57b0910df71382f2dfe1cf3f3980092ed8f4610442f8a5f4a66c7e935

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
x-powered-by: ASP.NET
x-azure-ref: 0CAwuYwAAAABNRZ3T0/r/QpzJgBZA+4EvTUVMMDFFREdFMDkxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
content-length: 1831
expires: -1

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 991ms
441ms Script
application/javascript 23.207.36.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFG7HQ2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.36.192 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-36-192.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dbcef3b5ce770e8a3e8350473f04fbe627a78fa93a4441a24afec965643733e8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "cd5f811dc7c19de8566479150bc37ef8"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1146
access-control-expose-headers: X-CDN

GET
H2 200 event Show response
sslwidget.criteo.com/ 10 KB
5 KB 524ms
181ms Script
application/x-javascript 182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=22812&v=5.12.1&p0=e%3Dce%26m%3D%255Bmarketing%252540blueillusion.com%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvl%26p%3D%255B114733CNE%252C19866VEP%252C19848VM%255D&p3=e%3Ddis&adce=1&bundle=_LMVuV9YMXFJY0lUcEtCb2ozczBmczFwQWFFWTZYcENYa3NUTnFHdWMyRkVUOFBnJTJCTnIlMkZ0b0ZjemclMkJJTWElMkZ6dSUyRjZsRjZ0ekdvJTJGSiUyQjlIZndyb2RhMkZLZ1RjNFcxaUYlMkZqcGxFZmpGVUh6Zms4NW5sUGhLejZZSUhWdnJMZVpzRlVMOUxtekxJY3lKZUV4ZWtHcmx1QmhkWTg1RiUyQlVVcyUyRkhqQk4xTHJxVWtkRmUzWSUzRA&tld=blueillusion.com&fu=https%253A%252F%252Fwww.blueillusion.com%252Fsale%253Futm_source%253Dmobile%2526utm_medium%253Dsms%2526utm_campaign%253DWK8_TAF50_MNO&dtycbr=49737

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

616223bd857eba383d459bf05660155c37e3fcc2f2d141bee32aa58111d1bdcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:41:59 GMT
content-encoding: gzip
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 10525371
content-type: application/x-javascript
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
450 B 518ms
178ms XHR
text/plain 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-2642739-4&cid=856812163.1663962120&jid=497540014&gjid=1754001814&_gid=2053788488.1663962120&_u=aGBAAEIIAAAAAC~&z=241231094

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.blueillusion.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 23 Sep 2022 19:42:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.blueillusion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 46f21e58-cae5-412d-bcf3-30ae415576ad Show response
ekr.zdassets.com/compose/ 336 B
544 B 707ms
707ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/46f21e58-cae5-412d-bcf3-30ae415576ad

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=46f21e58-cae5-412d-bcf3-30ae415576ad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

087dc4dd72225ad6a1f85e7cbb6055ecd94ac44920143e7d10ba086b9e2eaf93

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
cf-ray: 74f5c2d2f9c1dfa1-MEL
status: 200 OK
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: a9d0d310adea2dc08f4d570555d16633, a9d0d310adea2dc08f4d570555d16633
x-runtime: 0.005344
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"087dc4dd72225ad6a1f85e7cbb6055ec"
x-zendesk-zorg: yes
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHEor2yFD7ALPuKrVMhkCzQ%2FwHS57rlCUZ%2FgK%2FssftdjpuV4OURa9jOfV%2F6qfrZ49DVnq1dS4fxC1vEFCBNLl8CLTB4tU0swK7RX4x17Owkai4ChRTVJe8uhXHN5ZtHneRA%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type: application/json; charset=utf-8

GET
H2 200 bundle.js Show response
custom.yieldify.com/v1/100297/100493/edd3d78bd8/ 318 KB
94 KB 92ms
87ms Script
application/javascript 151.101.128.233
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://custom.yieldify.com/v1/100297/100493/edd3d78bd8/bundle.js

Requested by

Host: td.yieldify.com
URL: https://td.yieldify.com/yieldify/code.js?w_uuid=afdcaa85-0322-47cc-8217-bdc10ef8fd14&k=1&loca=https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.233 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

401164c260ffefce79148d8c45b166684159392b61315b04c04f791b73bb5290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
age: 33925
x-cache: HIT
content-length: 95742
x-amz-id-2: DKGQH33CcwmlKNIoP3nw4WomjIAClw/rrj9KjTfg7pAtKCioUvqjVw6h3HPJYe6zMEd/GGmLzEQ=
x-served-by: cache-mel11263-MEL
last-modified: Fri, 09 Sep 2022 10:07:12 GMT
server: AmazonS3
x-timer: S1663962121.505110,VS0,VE0
date: Fri, 23 Sep 2022 19:42:00 GMT
vary: Accept-Encoding
x-amz-request-id: KG39151Z07TPXMQK
via: 1.1 varnish
x-xss-protection: 1; mode=block
cache-control: max-age=86400, public
etag: "47624ecf18e0f4258a455aacbd9ca984"
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 14

GET
H2 200 main-web-worker.js Show response
td.yieldify.com/0.0.1/tag/1.294.0/ 242 KB
66 KB 263ms
85ms Fetch
text/javascript 151.101.128.233
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://td.yieldify.com/0.0.1/tag/1.294.0/main-web-worker.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.233 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8d0d7857e633a9fa63e678728b5cd267fd731d2076fdb6f5dda45e92aa128814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
age: 121295
via: 1.1 varnish
x-cache: HIT
x-device: desktop
content-length: 67521
x-xss-protection: 1; mode=block
x-served-by: cache-mel11230-MEL
last-modified: Thu, 22 Sep 2022 10:00:04 GMT
server: AmazonS3
x-timer: S1663962121.683133,VS0,VE0
date: Fri, 23 Sep 2022 19:42:00 GMT
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
etag: "2eabf38502217108f93f1eb567108ee5"
accept-ranges: bytes
x-cache-hits: 6197

GET
H2 200 clarity.js Show response
www.clarity.ms/eus/s/0.6.40/ 54 KB
23 KB 304ms
304ms Script
application/javascript 13.107.246.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus/s/0.6.40/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/8qyb4swwdp?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.246.59 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:41:59 GMT
content-encoding: br
etag: "1d8c7baa5622330"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0CAwuYwAAAAC/TLIyzXDYRqEMId+h0N7wTUVMMDFFREdFMDkxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
content-length: 23442
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 favicon.ico Show response
www.blueillusion.com/ 1 KB
481 B 122ms
122ms Fetch
image/x-icon 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blueillusion.com/favicon.ico

Requested by

Host: custom.yieldify.com
URL: https://custom.yieldify.com/v1/100297/100493/edd3d78bd8/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4de2b90f62761956cfd3287c360d02aeb100ed79b3e5f76ac0f3d513169be366

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:00 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 155
content-encoding: gzip
vary: Accept-Encoding
x-xss-protection: 1
last-modified: Thu, 21 Jan 2010 02:10:28 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: W/"52ab4e63e9aca1:0"
strict-transport-security: max-age=15552000
content-type: image/x-icon
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
cf-ray: 74f5c2d60deadf8d-MEL

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 525ms
177ms Image
image/gif 142.251.10.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-2642739-4&cid=856812163.1663962120&jid=497540014&_u=aGBAAEIIAAAAAC~&z=1540758650

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
501 B 517ms
175ms Image
image/gif 172.253.118.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-2642739-4&cid=856812163.1663962120&jid=497540014&_u=aGBAAEIIAAAAAC~&z=1540758650

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-widget-framework-401beb9ea3bd83e9b796.js Show response
static.zdassets.com/web_widget/latest/ Frame F6B0 147 KB
48 KB 107ms
106ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-401beb9ea3bd83e9b796.js

Requested by

Host: v2.zopim.com
URL: https://v2.zopim.com/?3IkR8QQkqj2r7j2FAMHt2RrZhUXkexMa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6783bc22d46ca05d14703dfa990a15809e5ff306e89779b3583c9faadfc352df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 410238
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: PC52SYZVDYMCQ5E8
x-amz-id-2: jUxO0dBy7oBT0AiNrqd6h6IFN9suiylsiOfBn6VICyXQpXZmav8/JjCJGTBe6xmvE6Ub/KxVzRw=
last-modified: Sun, 18 Sep 2022 23:58:39 GMT
server: cloudflare
etag: W/"ca364dd1a5fc1e2861160ee6bffcd7fc"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZLU2miMJgLgvCa9qnBx7xiggunp%2FgClTz7qBXFcTLQVDP9%2FT1rCK0eI%2BT5qfBQPmXTnTAhQxedDSNi%2FuHOgVQR%2BCPQCiEQ6gpZask0820eL4MpkeFk4p6HrlNyW5lqSdhkGu2I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: UReOa9Mepubnz5Cn2_rcFnisRumO4QKg
cf-ray: 74f5c2d6598117cc-MEL
expires: Mon, 18 Sep 2023 23:58:37 GMT

GET
H3 200 1642436512635525 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 552ms
380ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1642436512635525?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

66e3b33f383f4f19f62ab96e5af48726e51d1b1e0c65ca365b4d47d6a8822900

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: y7qylujxxiOrTJh1XU5rwmEQh0+IaPhoyyfiXo0cTrea0nHaGde5C3hL2RdvO0D6dV/vh24tXd4ClJLhAf4uzA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 23 Sep 2022 19:42:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 favicon.ico
www.blueillusion.com/ 1 KB
423 B 109ms
108ms Image
image/x-icon 104.22.17.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blueillusion.com/favicon.ico

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.17.186 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4de2b90f62761956cfd3287c360d02aeb100ed79b3e5f76ac0f3d513169be366

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Origin: https://www.blueillusion.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:00 GMT
via: NS-CACHE-10.0: 1
x-content-type-options: NOSNIFF
cf-cache-status: HIT
age: 2457
content-encoding: gzip
vary: Accept-Encoding
x-xss-protection: 1
last-modified: Thu, 21 Jan 2010 02:10:28 GMT
server: cloudflare
cache-control: max-age=14400
x-frame-options: SAMEORIGIN
etag: W/"52ab4e63e9aca1:0"
strict-transport-security: max-age=15552000
content-type: image/x-icon
xet-cookie
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
cf-ray: 74f5c2d6de30df8d-MEL

GET
H2 200 config Show response
blueillusionhelp.zendesk.com/embeddable/ Frame F6B0 748 B
1 KB 349ms
115ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blueillusionhelp.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-401beb9ea3bd83e9b796.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccaf019806ce540fa9dd30cee710e5695ec0cd5d5a0e6f31591ba091585061b1

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:01 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: UPDATING
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 366
x-zendesk-origin-server: embeddable-app-server-5475c9ffc5-748k6
access-control-allow-methods: GET
x-cached: STALE
x-request-id: 0f702f2493e689db664be2aae5447088
x-runtime: 0.001845
last-modified: Fri, 23 Sep 2022 19:35:55 GMT
server: cloudflare
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSWQh9NTKlXtBtvQqg3WfBB%2FdA7UEKNs0G1vtl11s%2Bpzt7%2F%2Buffb86JWSIQI0%2B8AQPwflo4H0klRdK7krGiR12A16%2B80YXU98P2h9xxvENSna4hfdPdbau4UeBLnbEgCA6GvWMk3J%2BXexfL76UU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 74f5c2d8acd65aa4-MEL

GET
H2 200 web-widget-framework-401beb9ea3bd83e9b796.js Show response
static.zdassets.com/web_widget/latest/ Frame 7AA9 147 KB
48 KB 109ms
108ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-401beb9ea3bd83e9b796.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=46f21e58-cae5-412d-bcf3-30ae415576ad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6783bc22d46ca05d14703dfa990a15809e5ff306e89779b3583c9faadfc352df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 410238
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: PC52SYZVDYMCQ5E8
x-amz-id-2: jUxO0dBy7oBT0AiNrqd6h6IFN9suiylsiOfBn6VICyXQpXZmav8/JjCJGTBe6xmvE6Ub/KxVzRw=
last-modified: Sun, 18 Sep 2022 23:58:39 GMT
server: cloudflare
etag: W/"ca364dd1a5fc1e2861160ee6bffcd7fc"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRiH3wRCuhsrQbAlHAloCqRZlvSgTkT4hWAIcIajplaVUQW989QH8Mh4DzJi%2BWgq%2BY9dQj49JFjImLCubQdzxjeuenwwJfxwG2xert4mfqIww1SiU8yZ7uPHH3URLV%2F4Njp8gWg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: UReOa9Mepubnz5Cn2_rcFnisRumO4QKg
cf-ray: 74f5c2d77a2b17cc-MEL
expires: Mon, 18 Sep 2023 23:58:37 GMT

GET
H/1.1 200
OK i Show response
v2.dc.yieldify.com/ 43 B
418 B 1633ms
429ms Fetch
image/gif 99.81.145.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.dc.yieldify.com/i?e=ue&ue_px=eyJkYXRhIjp7ImRhdGEiOnsibHZsIjoiV0FSTiIsIm1zZyI6IntcIm1zZ1wiOlwiVzAzNFwiLFwiYXJnc1wiOntcIm1lc3NhZ2VcIjpcIkZhaWxlZCB0byBjb25zdHJ1Y3QgJ1dvcmtlcic6IEFjY2VzcyB0byB0aGUgc2NyaXB0IGF0ICdibG9iOmh0dHBzOi8vd3d3LmJsdWVpbGx1c2lvbi5jb20vODUyNmQ5MjUtZTBmMy00NzEyLThmYTItZmYwNDJhMmZjYjc0JyBpcyBkZW5pZWQgYnkgdGhlIGRvY3VtZW50J3MgQ29udGVudCBTZWN1cml0eSBQb2xpY3kuXCJ9fSIsImV0IjoiVGFnTG9nIiwib2lkIjoxMDAyOTcsIndpZCI6MTAwNDkzLCJkZXYiOiJkZXNrdG9wIiwiZHdlbGwiOjB9fX0%3D&tv=2-3.4.0&aid=100493&yuid=5e07de21-f196-47f6-9013-204ff36fae8e&url=https%3A%2F%2Fwww.blueillusion.com%2Fsale%3Futm_source%3Dmobile%26utm_medium%3Dsms%26utm_campaign%3DWK8_TAF50_MNO&dtm=1663962120842&sc=1&ec=1&trv=1.294.0&tuuid=e669a88a-0514-4a02-8e40-f19cfba83b77&bid=e333e24b-9246-4307-bcc4-9e6af92336f4&hcc=false
Requested by: Host: td.yieldify.com
URL: https://td.yieldify.com/yieldify/code.js?w_uuid=afdcaa85-0322-47cc-8217-bdc10ef8fd14&k=1&loca=https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.145.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-145-251.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 23 Sep 2022 19:42:02 GMT
Connection: keep-alive
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Vary: Origin
Content-Type: image/gif

GET
H2 200 main.html
td.yieldify.com/0.0.1/tag/1.294.0/ Frame 69F2 0
0 86ms
85ms Document
text/html 151.101.128.233
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://td.yieldify.com/0.0.1/tag/1.294.0/main.html

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.233 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.blueillusion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 121280
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 68647
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 19:42:00 GMT
etag: "1824e81542439a4111b1405af626dc1e"
last-modified: Thu, 22 Sep 2022 10:00:04 GMT
origin-agent-cluster: ?1
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 195
x-content-type-options: nosniff
x-device: desktop
x-served-by: cache-mel11263-MEL
x-timer: S1663962121.889989,VS0,VE0
x-xss-protection: 1; mode=block

GET
H2 200 config Show response
blueillusionhelp.zendesk.com/embeddable/ Frame 7AA9 748 B
744 B 203ms
141ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blueillusionhelp.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-401beb9ea3bd83e9b796.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccaf019806ce540fa9dd30cee710e5695ec0cd5d5a0e6f31591ba091585061b1

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:01 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-5475c9ffc5-748k6
access-control-allow-methods: GET
x-cached: STALE
x-request-id: e1969d4c7645f939eda189092e79084e
x-runtime: 0.001525
last-modified: Fri, 23 Sep 2022 19:35:55 GMT
server: cloudflare
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9Te7meF%2B19kVQEsgHVJkVAEg3fkbku3OxZh%2F%2FAgEyMXTDPF5c8jvD54a5lww6a4UpMhHjMV%2FwVVfNJQ5QYTjI5bKHx6eofpnck8Co3XO92t1YMy93F%2BN2rGO4sVg9yaQsXN4WAfmrr2WnOlVCA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 74f5c2d8acd75aa4-MEL

POST
H2 204 collect Show response
d.clarity.ms/ 0
180 B 1194ms
594ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.blueillusion.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://www.blueillusion.com
date: Fri, 23 Sep 2022 19:42:01 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 main.8f82d377.js Show response
s.pinimg.com/ct/lib/ 53 KB
18 KB 453ms
452ms Script
application/javascript 23.207.36.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.8f82d377.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.36.192 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-36-192.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f25f48fb8f5b3c62c284b36c633d0b6575511eb96bb76f690493a86a30523c0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "a6d88dfc00c49311bf8bfb0c93dd49d4"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18620
access-control-expose-headers: X-CDN

GET
H2 200 web-widget-classic-4959cd4.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame F6B0 13 KB
4 KB 104ms
104ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-4959cd4.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-401beb9ea3bd83e9b796.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3caf19893483cd06da959888158dbe3d510e854ca18aa791150e6ed536aca74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 410239
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: ZGGRM5K29Q75H60H
x-amz-id-2: FyDXNhRUioQeCFhrw9l8qKNh3BCbdkaB7yW5aS7L/rwlM+GSTscNgRnnl//e2DrV+Gmv5P8bCX8=
last-modified: Sun, 18 Sep 2022 23:58:51 GMT
server: cloudflare
etag: W/"2c6d6e70bc75361eb638897d59167f88"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7Cn8%2BFTqct9hrohel9EYmO%2FUxeviOEgtSW%2F8qUjyWlvWHh913QempB1ANoQTiC5IhZ1pgGbAFu%2FTuak5myXi76qBQ7Hu6jUeVR6wsOTMWFZUdD9EFb4nIJfoZ0c1UPgG%2Fgq9oA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: PeIFmheKLB0W1j6uanpnO.FllYN6RFSf
cf-ray: 74f5c2d95b9e17cc-MEL
expires: Mon, 18 Sep 2023 23:58:50 GMT

GET
H2 200 web-widget-classic-4959cd4.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 7AA9 13 KB
4 KB 104ms
103ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-4959cd4.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-401beb9ea3bd83e9b796.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3caf19893483cd06da959888158dbe3d510e854ca18aa791150e6ed536aca74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 410239
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: ZGGRM5K29Q75H60H
x-amz-id-2: FyDXNhRUioQeCFhrw9l8qKNh3BCbdkaB7yW5aS7L/rwlM+GSTscNgRnnl//e2DrV+Gmv5P8bCX8=
last-modified: Sun, 18 Sep 2022 23:58:51 GMT
server: cloudflare
etag: W/"2c6d6e70bc75361eb638897d59167f88"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLGqnHg85lLcf5lxV2IMCZNIf48sbdUgjozLMGyZFy%2FJIX1dJCE2oSILskRkhdiNZ8M4nPQwujV5j9rfJmr3RXE%2BVDmCH7qQZMaiXfMwQNh73npm5Zlu%2Fq%2BlaHts9ZtMLaGWNJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: PeIFmheKLB0W1j6uanpnO.FllYN6RFSf
cf-ray: 74f5c2d98bb217cc-MEL
expires: Mon, 18 Sep 2023 23:58:50 GMT

GET
H2 200 web-widget-8165-4959cd4.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame F6B0 663 KB
190 KB 124ms
122ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-8165-4959cd4.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-4959cd4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9fe3344f6ffaaaaaf42a2adab7e1b57944a8312985777943283a47f766fd036

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 410238
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: ZGGW8XRHM42VXG0J
x-amz-id-2: pT1uEbfNXibyywoQBzE59PVK629h2KnKtb/lk+Z10L/q9MHVKoeTeBDCjFtgrrAQiYt6O9hNYyU=
last-modified: Sun, 18 Sep 2022 23:58:51 GMT
server: cloudflare
etag: W/"3fb1755f31689e15a362e7877ecd38ff"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrhBH2CcVc%2Fw46jCKoky1TWMnQylZDYTsyl7zUg58TAgRye%2BgQtamlmqu%2BZlv5Jtm39kCviXImQ5iyLicG31kPLbJIIDs0vxOP9CyGFn%2BbuAnzXZ5f7B95aBm946D4%2BQRVO8QLc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: rJnU1TWQi90NeD6TSIuD9or16ORGl_E2
cf-ray: 74f5c2da2c1517cc-MEL
expires: Mon, 18 Sep 2023 23:58:50 GMT

GET
H2 200 web-widget-5324-4959cd4.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame F6B0 490 KB
108 KB 113ms
111ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-5324-4959cd4.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-4959cd4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daa83f1cc86dc92a59563b5f374af858f688cf37f90beb60a3da3d266c637f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 410238
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: ZGGZCG6W31JV83MW
x-amz-id-2: /mfRsJSfffxXezrazsoTNBQ1S9Q2EDEIVv463IiXVCTgVgJurIP4oGUJtlvL1X51Tw9KArxOqWQ=
last-modified: Sun, 18 Sep 2022 23:58:51 GMT
server: cloudflare
etag: W/"366f7cf263407282b93cb68444e2d663"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VclC%2BKWWkaUMrZWAnCB%2FglEDEhD8hUzS9Fh1UgkPPTt3fJqJGsjfu3Qmi4OL6nHWWgzCvGuYoDCiIGz20U%2BAxVz2TeG0JKnnf%2BrfXnW8xhJTnuEVdTi%2BGt%2BUB8%2F%2Fom2ljfkWuFE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: joYHRdGcYo0sEFaysm_reFc2G4fOBaTM
cf-ray: 74f5c2da2c1717cc-MEL
expires: Mon, 18 Sep 2023 23:58:50 GMT

GET
H2 200 web-widget-8165-4959cd4.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 7AA9 663 KB
190 KB 121ms
120ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-8165-4959cd4.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-4959cd4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9fe3344f6ffaaaaaf42a2adab7e1b57944a8312985777943283a47f766fd036

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 410238
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: ZGGW8XRHM42VXG0J
x-amz-id-2: pT1uEbfNXibyywoQBzE59PVK629h2KnKtb/lk+Z10L/q9MHVKoeTeBDCjFtgrrAQiYt6O9hNYyU=
last-modified: Sun, 18 Sep 2022 23:58:51 GMT
server: cloudflare
etag: W/"3fb1755f31689e15a362e7877ecd38ff"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2Fq%2BpEiLj0E2BNSP7c%2BNBM%2FydAcm4IR2mR1tnX7v%2FYZ5akNBqysmc73KdXiP9%2Fxh4%2BD%2BLQHa4uRb2iREG4r23UyVyk1PypJDBl8aKYjxM%2FkfHLwuvo%2F3zfU8cLwdT09%2FZx9OBkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: rJnU1TWQi90NeD6TSIuD9or16ORGl_E2
cf-ray: 74f5c2da3c1817cc-MEL
expires: Mon, 18 Sep 2023 23:58:50 GMT

GET
H2 200 web-widget-5324-4959cd4.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 7AA9 490 KB
108 KB 210ms
210ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-5324-4959cd4.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-4959cd4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daa83f1cc86dc92a59563b5f374af858f688cf37f90beb60a3da3d266c637f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 410238
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: ZGGZCG6W31JV83MW
x-amz-id-2: /mfRsJSfffxXezrazsoTNBQ1S9Q2EDEIVv463IiXVCTgVgJurIP4oGUJtlvL1X51Tw9KArxOqWQ=
last-modified: Sun, 18 Sep 2022 23:58:51 GMT
server: cloudflare
etag: W/"366f7cf263407282b93cb68444e2d663"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ow5IxbzW79c2CMBf6CildX%2Bt6%2B%2BnHdGkYPi7K52lzgX5eILmTSKvrgFkY0g7fRPcbFC%2FCFPgxUhddjQ8HZaXpbJmB8AVQ6VdGQxKUSUviPDixoTNqzR3s3AdtdaVBldLTzcGDOY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: joYHRdGcYo0sEFaysm_reFc2G4fOBaTM
cf-ray: 74f5c2da3c1a17cc-MEL
expires: Mon, 18 Sep 2023 23:58:50 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 534 B
861 B 452ms
439ms XHR
application/json 23.207.36.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614014757853&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1663962121510

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.8f82d377.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.36.192 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-36-192.deploy.static.akamaitechnologies.com

Software

Resource Hash

a0573b1cbad051abc649639d29bc88a0f0722bf135eb35cac6606837694387b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:01 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.d6753217.1663962121.2e3c8197
x-envoy-upstream-service-time: 1
x-pinterest-rid: 9834919835581171
pin-unauth: dWlkPVpEQm1NekpsTW1NdE1UTmtaQzAwTnpJMExXRmtZMkl0Tm1JNE1XVmpabU0wWkdReg
access-control-allow-origin: https://www.blueillusion.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 377
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 534 B
861 B 443ms
431ms XHR
application/json 23.207.36.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614014757853&cb=1663962121512

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.8f82d377.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.36.192 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-36-192.deploy.static.akamaitechnologies.com

Software

Resource Hash

a0573b1cbad051abc649639d29bc88a0f0722bf135eb35cac6606837694387b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:01 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.d6753217.1663962121.2e3c8187
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1560542001600825
pin-unauth: dWlkPVpEQmpPVFJqTlRBdFltUXlNUzAwWWpjd0xUazNOMll0TlRVeFptSm1NemcyWmpVNA
access-control-allow-origin: https://www.blueillusion.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 377
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 444ms
433ms Image
image/gif 23.207.36.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614014757853&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.blueillusion.com%2Fsale%3Futm_source%3Dmobile%26utm_medium%3Dsms%26utm_campaign%3DWK8_TAF50_MNO%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%228f82d377%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1663962121513

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.36.192 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-36-192.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:01 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.d6753217.1663962121.2e3c81a7
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1016454615165733
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 embeddable_blip Show response
blueillusionhelp.zendesk.com/ Frame F6B0 0
344 B 128ms
128ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blueillusionhelp.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJlbi1BVSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZW4tYXUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA1LjAuNTE5NS4xMjUgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZX0sImFjdGlvbiI6ImxvY2FsZU1pc21hdGNoIiwiY2F0ZWdvcnkiOiJsb2NhbGUifSwiYnVpZCI6IjY1M2FhZjgxZTliNDRkOTRhNTYyYjYzNWJiNzBkMWFhIiwic3VpZCI6IjkwZjQxOTQzNTQ1YzQzOGY5NDdiMjFhMmNkZTcxNzdlIiwidmVyc2lvbiI6IjQ5NTljZDQiLCJ0aW1lc3RhbXAiOiIyMDIyLTA5LTIzVDE5OjQyOjAxLjYwMFoiLCJ1cmwiOiJodHRwczovL3d3dy5ibHVlaWxsdXNpb24uY29tL3NhbGU%2FdXRtX3NvdXJjZT1tb2JpbGUmdXRtX21lZGl1bT1zbXMmdXRtX2NhbXBhaWduPVdLOF9UQUY1MF9NTk8ifQ%3D%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-401beb9ea3bd83e9b796.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:01 GMT
cf-cache-status: MISS
last-modified: Fri, 23 Sep 2022 19:42:01 GMT
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdKdBqxBsYJ4E9Qj5ZnNH%2FRhQcDHJPUC4QSOZgPE%2Baaeb2Ymhvk6eFhQnbzsaub8dsJuotv0WlyPfQidxzeMGci8YLviYONe6C%2BICVLkH7y6HffJn83OxJKlWR%2FeSKjvumWI38A%2BA5u0ZHmbrIc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74f5c2dc48cf5aa4-MEL
content-length: 0
x-request-id: f3c4d460b22e1070f6908aafbea99b98

GET
H2 200 en-au-json-4959cd4.js Show response
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame F6B0 25 KB
6 KB 103ms
103ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-au-json-4959cd4.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-4959cd4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f6380f735899499b6f205cbc905d7464ed2b7ef2622479a7818d7a03909eee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 410238
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 09JSD58HG1Y039ZN
x-amz-id-2: 2O2BBe3rleJbrMTWvo5rNvjtmdiMNfv9bZzL4YjLywSISibSfPeBhjCvwB1HlmTLCF3uyqgM7q4=
last-modified: Sun, 18 Sep 2022 23:58:51 GMT
server: cloudflare
etag: W/"448ed82e58eeea9b6a6a1716e3a3bc4f"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnPjaX3T5%2F%2BXnX%2FGR39ks%2FBRjHGBWj%2FHG4qpylsrhtiyved2%2FtC7lJmumNY5%2FfMBpaiXslvDBM1lxhdW%2Bn9N4WxxaxyzHSZN6gI2YTruFkTXy0N71iXuD9rJdn8zON3%2FLEtbkf4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: GEFh1A1IUgW3GAmzCB6yhcNL_weCpAmW
cf-ray: 74f5c2dc5d5f17cc-MEL
expires: Mon, 18 Sep 2023 23:58:50 GMT

GET
H2 200 embeddable_blip Show response
blueillusionhelp.zendesk.com/ Frame 7AA9 0
292 B 125ms
125ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blueillusionhelp.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJlbi1BVSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZW4tYXUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA1LjAuNTE5NS4xMjUgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZX0sImFjdGlvbiI6ImxvY2FsZU1pc21hdGNoIiwiY2F0ZWdvcnkiOiJsb2NhbGUifSwiYnVpZCI6IjY1M2FhZjgxZTliNDRkOTRhNTYyYjYzNWJiNzBkMWFhIiwic3VpZCI6IjkwZjQxOTQzNTQ1YzQzOGY5NDdiMjFhMmNkZTcxNzdlIiwidmVyc2lvbiI6IjQ5NTljZDQiLCJ0aW1lc3RhbXAiOiIyMDIyLTA5LTIzVDE5OjQyOjAxLjY3MloiLCJ1cmwiOiJodHRwczovL3d3dy5ibHVlaWxsdXNpb24uY29tL3NhbGU%2FdXRtX3NvdXJjZT1tb2JpbGUmdXRtX21lZGl1bT1zbXMmdXRtX2NhbXBhaWduPVdLOF9UQUY1MF9NTk8ifQ%3D%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-401beb9ea3bd83e9b796.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:01 GMT
cf-cache-status: MISS
last-modified: Fri, 23 Sep 2022 19:42:01 GMT
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6fzUWrAHM%2FfUuoohlVqsgoHDrFUsV4Ju1Q1%2FLIh96ZIdc2NYU3S%2FLC2QWZ5K3fM6Bu%2FnC3QIugF7zjCVSA6N4sEapernOURrosEJWpZmunXEJkF6Cud4SyY6zKTf%2BuGurp2j75P9cDybhgF0r4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74f5c2dcb9205aa4-MEL
content-length: 0
x-request-id: b552d31ed665676ef8e5da6d89629a8f

GET
H2 200 en-au-json-4959cd4.js Show response
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame 7AA9 25 KB
6 KB 104ms
103ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-au-json-4959cd4.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-4959cd4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f6380f735899499b6f205cbc905d7464ed2b7ef2622479a7818d7a03909eee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 410238
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 09JSD58HG1Y039ZN
x-amz-id-2: 2O2BBe3rleJbrMTWvo5rNvjtmdiMNfv9bZzL4YjLywSISibSfPeBhjCvwB1HlmTLCF3uyqgM7q4=
last-modified: Sun, 18 Sep 2022 23:58:51 GMT
server: cloudflare
etag: W/"448ed82e58eeea9b6a6a1716e3a3bc4f"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48X0vhki%2BdpkROmcm2SJVjxEygc42sUy77U6S4ia4JXBRshA1gXHVfsJh8EniW63RgffW7mACAyJ92K1vTESgDMSNSZBfgODNPnlM6zlbrrndSXLEPOKs%2BDGqrU%2Bz%2BFhOynXBx8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: GEFh1A1IUgW3GAmzCB6yhcNL_weCpAmW
cf-ray: 74f5c2dcbda817cc-MEL
expires: Mon, 18 Sep 2023 23:58:50 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 515ms
171ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1642436512635525&ev=PageView&dl=https%3A%2F%2Fwww.blueillusion.com%2Fsale%3Futm_source%3Dmobile%26utm_medium%3Dsms%26utm_campaign%3DWK8_TAF50_MNO&rl=&if=false&ts=1663962121713&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663962121712.1739776437&it=1663962120704&coo=false&rqm=GET

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 23 Sep 2022 19:42:02 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 web-widget-chat-sdk-4959cd4.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame F6B0 202 KB
51 KB 111ms
111ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-4959cd4.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-4959cd4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 410237
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: NRPRKE2B8CH4Y5GP
x-amz-id-2: eXNRBdHZH1xenk9y57b1F5V/+DUsrYEM+NWRgEu1wa8JToYMF9A+2RAY0hpv1NzV6HY6VWT7MX8=
last-modified: Sun, 18 Sep 2022 23:58:51 GMT
server: cloudflare
etag: W/"865d0cd066636165cf7f35fb97a1d90d"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnRiOxhL9ff8d%2Bh2BGIDuOOIkpd2gircpr%2FAfQfrw73YIWIzwEqmhTTmVZ9f9zBndW65%2FAq7fsEWBebBN8Gl6CPNclHft3FvgPlPP90bRcFV0XtcgPaBd3RON%2FRJeLiSiI0DRWU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: mcrGAfdmRCum.4Zfq4KLz1VKbDDdWDWX
cf-ray: 74f5c2dd0dcd17cc-MEL
expires: Mon, 18 Sep 2023 23:58:50 GMT

GET
H2 200 web-widget-chat-sdk-4959cd4.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 7AA9 202 KB
51 KB 109ms
109ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-4959cd4.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-4959cd4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:01 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 410237
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: NRPRKE2B8CH4Y5GP
x-amz-id-2: eXNRBdHZH1xenk9y57b1F5V/+DUsrYEM+NWRgEu1wa8JToYMF9A+2RAY0hpv1NzV6HY6VWT7MX8=
last-modified: Sun, 18 Sep 2022 23:58:51 GMT
server: cloudflare
etag: W/"865d0cd066636165cf7f35fb97a1d90d"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAqyhNj%2FbEMcDgLzMIAq4XPE9xPjJ5AjQF%2Fzec5KqzeRxDqvq4ZoivHApydxOeI9kDYaeqMQdcAVCsJvhFbkh50BosFLd7FgoY7itA2WjjrName02kC8MLCrQyhlhsqe7xHCZMM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: mcrGAfdmRCum.4Zfq4KLz1VKbDDdWDWX
cf-ray: 74f5c2dd7e3517cc-MEL
expires: Mon, 18 Sep 2023 23:58:50 GMT

GET
H2 200 8067915d-b653-4b6c-92b8-5648fd6285b1.png
assets-v2.yieldify.com/images/145982/2020/10/15/ 229 B
608 B 563ms
170ms Image
image/png 13.224.250.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-v2.yieldify.com/images/145982/2020/10/15/8067915d-b653-4b6c-92b8-5648fd6285b1.png
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-108.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d53f22e1722967d5bc5c5154abccc1e0e22fca1627d1163370a992e05e2ca1d7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 11 Sep 2022 21:10:24 GMT
via: 1.1 5e9560902c947c0c0082c46d3ef672b8.cloudfront.net (CloudFront)
last-modified: Thu, 15 Oct 2020 10:21:14 GMT
server: AmazonS3
age: 1031499
etag: "1b4632ecae68d4f96efe11f35c8fab6a"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: SIN52-C2
accept-ranges: bytes
content-length: 229
x-amz-cf-id: WtteBzEyVPXt3yMOTHr3OZG_rytkgZZim5de-keLyrguBa7MeVIxUA==

GET
H2 200 0bfe7c62-65d0-4450-89ff-9ca4124ea663.jpg
assets-v2.yieldify.com/images/201606/2022/8/31/ 46 KB
47 KB 761ms
369ms Image
image/jpeg 13.224.250.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-v2.yieldify.com/images/201606/2022/8/31/0bfe7c62-65d0-4450-89ff-9ca4124ea663.jpg
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-108.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2988b2f9b3bd94459a1facc11e9af5159ab4ac9bdb204c78c9ad79feca5ba5bc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Sep 2022 13:26:40 GMT
via: 1.1 5e9560902c947c0c0082c46d3ef672b8.cloudfront.net (CloudFront)
last-modified: Wed, 31 Aug 2022 08:57:13 GMT
server: AmazonS3
age: 972922
etag: "0b84e64ba244e32eece58d958fe10908"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: SIN52-C2
accept-ranges: bytes
content-length: 47408
x-amz-cf-id: vS1Q1XbPI1GcEviARbNJ-YFSz77-UxoF7KrCELxYOPQtJr3ty9uG2w==

GET
H2 200 708e60fb-98c5-493d-8eca-c3015c042228.jpg
assets-v2.yieldify.com/images/201606/2022/8/31/ 52 KB
53 KB 898ms
505ms Image
image/jpeg 13.224.250.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-v2.yieldify.com/images/201606/2022/8/31/708e60fb-98c5-493d-8eca-c3015c042228.jpg
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-108.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 886edadd16c1ce3b4de7832431cfa4cb690bbf40b7b3cdbb3ee109ecc798727b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 11 Sep 2022 21:10:24 GMT
via: 1.1 5e9560902c947c0c0082c46d3ef672b8.cloudfront.net (CloudFront)
last-modified: Wed, 31 Aug 2022 08:57:19 GMT
server: AmazonS3
age: 1031499
etag: "ccc294a73011fb7fe97c1b0b50632391"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: SIN52-C2
accept-ranges: bytes
content-length: 53445
x-amz-cf-id: nv3dmXWMRkh2r1On4sij2aNc94H0GoHAKEgX4uFHGl1NuBNTnadzhQ==

GET
H2 200 87cebdb8-14f6-4973-ad21-f1c29cc4fdb0.jpg
assets-v2.yieldify.com/images/201606/2022/8/31/ 35 KB
35 KB 591ms
199ms Image
image/jpeg 13.224.250.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-v2.yieldify.com/images/201606/2022/8/31/87cebdb8-14f6-4973-ad21-f1c29cc4fdb0.jpg
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-108.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be05e1bcd4e71058e4a4d9ddfe040006a37f44de45655cf54ec28425e2bbc8ee

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Sep 2022 13:26:40 GMT
via: 1.1 5e9560902c947c0c0082c46d3ef672b8.cloudfront.net (CloudFront)
last-modified: Wed, 31 Aug 2022 08:57:25 GMT
server: AmazonS3
age: 972923
etag: "a61e52448d5f4f3a9ccee550f8ce0c5f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: SIN52-C2
accept-ranges: bytes
content-length: 35787
x-amz-cf-id: _iMzcg4sL4XXePVmxtM6TOpjrovtthquf7fqyUTFZRVcpkr2MwiBxg==

GET
H2 200 close-button-shadow.svg
assets.yieldify.com/global/close-button/ 1 KB
853 B 535ms
170ms Image
image/svg+xml 52.84.251.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.yieldify.com/global/close-button/close-button-shadow.svg
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-17.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3963c23be9d30c18d4035d649bc3c95d0c179423ebdf132e0575dd74cc5644e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 19:24:01 GMT
content-encoding: gzip
last-modified: Thu, 10 May 2018 12:57:00 GMT
server: AmazonS3
age: 1556282
etag: W/"89ace91884f20486537c385cc361d972"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 fa00891de7530b64fd59452dc928b0b6.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: SIN5-C1
x-amz-cf-id: zWMXQAOhq6rk68VX0CwuimVKsge0UqnKj4F_o30wGtUu8l7W0YwrrA==

GET
H2 200 c77851a0-c206-478f-99d7-610742917c09.otf
fonts.yieldify-production.com/fonts/100493/ 169 KB
170 KB 546ms
197ms Font
application/octet-stream 13.224.250.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.yieldify-production.com/fonts/100493/c77851a0-c206-478f-99d7-610742917c09.otf
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-28.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19df229ec3cbfb038f8c19b20de282dfa6907251f62d5190c58d6489a96efef1

Request headers

Referer: https://www.blueillusion.com/
Origin: https://www.blueillusion.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:35:15 GMT
via: 1.1 6b0d2463e38d8b2224f25b309fde2ba2.cloudfront.net (CloudFront)
age: 1660008
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 172868
last-modified: Thu, 08 Oct 2020 10:03:47 GMT
server: AmazonS3
etag: "fdd10873f9b2b8ffe414ef939a36cf23"
vary: Origin
access-control-allow-methods: GET, PUT, POST
content-type: otf
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: SIN52-C2
accept-ranges: bytes
x-amz-cf-id: eOCj8xjRthUYuI7dqSdJOAWCEF6KF1dpwG8cu0EXqd_S6AVB4clfig==

GET
H2 200 8b8c95d9-e9a9-4823-ae11-18066f651f92.otf
fonts.yieldify-production.com/fonts/100493/ 220 KB
221 KB 764ms
415ms Font
application/octet-stream 13.224.250.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.yieldify-production.com/fonts/100493/8b8c95d9-e9a9-4823-ae11-18066f651f92.otf
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-28.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc4425d8541af253a192a43736a9547f645e209650445404c197e46d189e9aec

Request headers

Referer: https://www.blueillusion.com/
Origin: https://www.blueillusion.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 00:24:54 GMT
via: 1.1 6b0d2463e38d8b2224f25b309fde2ba2.cloudfront.net (CloudFront)
age: 1279029
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 225768
last-modified: Thu, 08 Oct 2020 10:04:00 GMT
server: AmazonS3
etag: "f425b037436a75ddfbe7a54602ee0601"
vary: Origin
access-control-allow-methods: GET, PUT, POST
content-type: otf
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: SIN52-C2
accept-ranges: bytes
x-amz-cf-id: otqTfDPt1_9OQ_axQHEAgtGXO-n5ti1CtP3ekuTS0e8jaGUFYUphsw==

GET
H2 200 font
fonts.gstatic.com/l/ 7 KB
7 KB 522ms
177ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=JTUSjIg1_i6t8kCHKm45xWtz0y7cuJIw7Wfu5SNsGisC9NvbXNyj3uAlGGHFp8f0&skey=7bc19f711c0de8f&v=v25

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

ESF /

Resource Hash

8e6c090e023f84a48bc784044a57f7a2ff9ae1bc68a96b68bb5e7edb9941cd66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blueillusion.com/
Origin: https://www.blueillusion.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 16:46:46 GMT
x-content-type-options: nosniff
age: 10516
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6928
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 05:27:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 24 Sep 2022 16:46:46 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
577 B 439ms
439ms Image
image/gif 23.207.36.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614014757853&cb=1663962121512&pd=%7B%22np%22%3A%22gtm%22%2C%22aem_country%22%3A%22b8d31e852725afb1e26d53bab6095b2bff1749c9275be13ed1c05a56ed31ec09%22%2C%22aem_eligible_list%22%3A%5B%22country%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.blueillusion.com%2Fsale%3Futm_source%3Dmobile%26utm_medium%3Dsms%26utm_campaign%3DWK8_TAF50_MNO%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%228f82d377%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1663962121961

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.36.192 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-36-192.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:02 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.d6753217.1663962122.2e3c9202
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1404546910532079
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect Show response
d.clarity.ms/ 0
25 B 469ms
469ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.blueillusion.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://www.blueillusion.com
date: Fri, 23 Sep 2022 19:42:01 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 177ms
177ms Image
image/gif 74.125.200.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=1044647150&t=event&ni=1&cu=AUD&_s=2&dl=https%3A%2F%2Fwww.blueillusion.com%2Fsale%3Futm_source%3Dmobile%26utm_medium%3Dsms%26utm_campaign%3DWK8_TAF50_MNO&ul=en-us&de=UTF-8&dt=SALE%20%7C%20Shop%20Online%20%7C%20Blue%20Illusion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=ier43g&_u=aHBAAEIJAAAAAC~&jid=&gjid=&cid=856812163.1663962120&tid=UA-2642739-4&_gid=2053788488.1663962120&cd5=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F8qyb4swwdp%2F1fismvx%2Fier43g&z=693541153

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:48:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46407
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame E0EB 0
18 B 344ms
170ms Document
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.blueillusion.com
Referer: https://www.blueillusion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.blueillusion.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:42:02 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=BF9852C460DF45FD81AA2E6833B2B237&RedC=c.clarity.ms&MXFR=143A9DFE30AB6AFA0CA38FD634AB64DF
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BF9852C460DF45FD81AA2E6833B2B237&MUID=25DCE1A0666062220175F388678A639D

42 B
442 B

235ms
235ms

Image
image/gif

52.231.207.240
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BF9852C460DF45FD81AA2E6833B2B237&MUID=25DCE1A0666062220175F388678A639D
Protocol: H2
Server: 52.231.207.240 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:03 GMT
last-modified: Tue, 13 Sep 2022 03:22:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8766f3fc1fc7d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 30F4AC9110C74905ACEFDE87B9B153C9 Ref B: MEL01EDGE1119 Ref C: 2022-09-23T19:42:03Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BF9852C460DF45FD81AA2E6833B2B237&MUID=25DCE1A0666062220175F388678A639D
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame FC42 565 B
591 B 429ms
429ms Document
text/html 23.207.36.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.8f82d377.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.36.192 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-36-192.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.blueillusion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

akamai-grn: 0.d6753217.1663962123.2e3cbbff
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 23 Sep 2022 19:42:03 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 6063227399202086

GET
H3 200 /
www.facebook.com/tr/ Frame C7E5 0
15 B 353ms
353ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1796750030595432&ev=Search&cd[content_type]=product&cd[content_ids]=%5B%228505905407556101502%22%2C%222865543867647252930%22%2C%2285622526125653531%22%5D&cd[product_catalog_id]=1702524693402780&cd[product_category]=0&cd[criteo_audience_3_0]=B3&cd[external_id]=861166d7-84c8-4eff-a56c-5dca4daca1f8&cd[application_id]=423936147658676

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 23 Sep 2022 19:42:03 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 171ms
171ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFG7HQ2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

561c579d66ced3002754404f18100a5b84c2b6fb62ad20dbc9d0c290a65ac712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:03 GMT
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 11:02:07 GMT
server: nginx
etag: W/"630756af-a8d9"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 24 Sep 2022 19:42:03 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame E116
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-O5L_qHh6SWaQ1U7Yu67U_wNDvqbnjHVvB5T8uQ&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-O5L_qHh6SWaQ1U7Yu67U_wNDvqbnjHVvB5T8uQ&expires=30

43 B
510 B

219ms
219ms

Image
image/gif

35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-O5L_qHh6SWaQ1U7Yu67U_wNDvqbnjHVvB5T8uQ&expires=30
Protocol: HTTP/1.1
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:42:03 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-O5L_qHh6SWaQ1U7Yu67U_wNDvqbnjHVvB5T8uQ&expires=30
Date: Fri, 23 Sep 2022 19:42:03 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame E116
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-R-xXsHh6SWaQ1U7Yu67U_wNDvqZ57p1bpKXweQ&google_cm&google_hm=ay1SLXhYc0hoNlNXYVExVTdZdTY3VV93TkR2cVo1N3AxY...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-R-xXsHh6SWaQ1U7Yu67U_wNDvqZ57p1bpKXweQ&google_cm=&google_hm=ay1SLXhYc0hoNlNXYVExVTdZdTY3VV93TkR2cVo1N3A...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-R-xXsHh6SWaQ1U7Yu67U_wNDvqZ57p1bpKXweQ&google_gid=CAESELmzahakciZ71biTE6d7tH8&google_cver=1&google_ula=913071,0

43 B
369 B

170ms
170ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-R-xXsHh6SWaQ1U7Yu67U_wNDvqZ57p1bpKXweQ&google_gid=CAESELmzahakciZ71biTE6d7tH8&google_cver=1&google_ula=913071,0

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:04 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 741222
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-R-xXsHh6SWaQ1U7Yu67U_wNDvqZ57p1bpKXweQ&google_gid=CAESELmzahakciZ71biTE6d7tH8&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame E116
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8694170598883745787

43 B
370 B

173ms
173ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8694170598883745787

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:04 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2839566
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:42:03 GMT
X-Proxy-Origin: 103.209.254.113; 103.209.254.113; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9d345b7b-3870-4c2f-9cf1-b24e74eb5d15
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8694170598883745787
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
r.casalemedia.com/ Frame E116
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-wsZ7fnh6SWaQ1U7Yu67U_wNDvqaD9EuvI6fn8g
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-wsZ7fnh6SWaQ1U7Yu67U_wNDvqaD9EuvI6fn8g&C=1

43 B
833 B

453ms
356ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-wsZ7fnh6SWaQ1U7Yu67U_wNDvqaD9EuvI6fn8g&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f5c2e8bcab3775-MEL
pragma: no-cache
date: Fri, 23 Sep 2022 19:42:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cETRCV1ONlPLIAVuZBd%2BgXti9Lp0%2FSX8kzC1NGlP0AACpwLRH1O8gq5%2FJN9yStZX1WXD95S6X9LKBRxYTYMY1fVE23625vZ6m%2BS9eSGrmwZW4WzkqLwdSZx77V7Dm6yhQjn"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BwqHXAZrUfTfJP%2FRh94r7pmowa0OnZNpwE%2BtpYz%2FDHLDjkgreup1AmuQGr3qpBIo8ly7dKtlQ3C8LyFZf28d4n4LIx3s%2BUGijZRnlY%2FKhFSfqHGiTjpNDtEBqwq%2BAZWM4OY"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-wsZ7fnh6SWaQ1U7Yu67U_wNDvqaD9EuvI6fn8g&C=1
cache-control: no-cache
cf-ray: 74f5c2e6db0a5ab0-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame E116
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-gubO73h6SWaQ1U7Yu67U_wNDvqbXsEHLqc72_A
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gubO73h6SWaQ1U7Yu67U_wNDvqbXsEHLqc72_A

43 B
445 B

173ms
173ms

Image
image/gif

13.228.202.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gubO73h6SWaQ1U7Yu67U_wNDvqbXsEHLqc72_A
Protocol: H2
Server: 13.228.202.61 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-228-202-61.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 23 Sep 2022 19:42:03 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gubO73h6SWaQ1U7Yu67U_wNDvqbXsEHLqc72_A
date: Fri, 23 Sep 2022 19:42:03 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame E116 45 B
786 B 581ms
208ms Image
image/gif 23.207.36.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-4z59W3h6SWaQ1U7Yu67U_wNDvqbdAyiJybEwEg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-36-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Fri, 23 Sep 2022 19:42:03 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Fri, 23 Sep 2022 19:42:03 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame E116 0
878 B 1162ms
378ms Image
text/html 18.195.149.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-fzr3a3h6SWaQ1U7Yu67U_wNDvqZeOgKraPCPVQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.149.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-149-35.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:04 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame E116 0
308 B 1289ms
320ms Image
text/plain 66.225.223.159
NTTA-3946

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-G-uhfHh6SWaQ1U7Yu67U_wNDvqa52E9paaCvxA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.225.223.159 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS: sa.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:42:04 GMT
Cache-Control: no-cache
X-TraceId: 39fc71c0fc7dd4fddf01a6207a528a65
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame E116 42 B
578 B 580ms
191ms Image
image/gif 103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-SA7Klnh6SWaQ1U7Yu67U_wNDvqaFiP4stTh-zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:03 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame E116 42 B
787 B 824ms
171ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-u1lRNXh6SWaQ1U7Yu67U_wNDvqayre1o48IaDA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 94869a3d6d62a785bc2a9351b08a70bb
Content-Type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame E116 68 B
280 B 522ms
170ms Image
image/png 54.255.75.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-pYD0snh6SWaQ1U7Yu67U_wNDvqY6jHQzNtruWA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.255.75.208 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-75-208.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:04 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame E116 43 B
688 B 592ms
169ms Image
image/gif 23.106.127.53
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-T5sOMnh6SWaQ1U7Yu67U_wNDvqaKz_kcYRwMuA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:03 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame E116 0
231 B 518ms
169ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-68q3iHh6SWaQ1U7Yu67U_wNDvqbpFBCB1c7kfg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:04 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 168524

GET
H2 200 um
criteo-sync.teads.tv/ Frame E116 23 B
286 B 840ms
284ms Image
image/gif 23.50.119.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-82pIynh6SWaQ1U7Yu67U_wNDvqambrjC4_GQmw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.119.72 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-119-72.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:04 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 23 Sep 2022 19:42:04 GMT
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame E116
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-ntHn4nh6SWaQ1U7Yu67U_wNDvqbWw29bhhuq_g&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-ntHn4nh6SWaQ1U7Yu67U_wNDvqbWw29bhhuq_g&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

37 B
353 B

190ms
190ms

Image
image/gif

35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-ntHn4nh6SWaQ1U7Yu67U_wNDvqbWw29bhhuq_g&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-ntHn4nh6SWaQ1U7Yu67U_wNDvqbWw29bhhuq_g&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date: Fri, 23 Sep 2022 19:42:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame E116
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-kbYwV3h6SWaQ1U7Yu67U_wNDvqadjXGHNrxTXg
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-kbYwV3h6SWaQ1U7Yu67U_wNDvqadjXGHNrxTXg&verify=true

0
121 B

173ms
173ms

Image
text/plain

52.74.13.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-kbYwV3h6SWaQ1U7Yu67U_wNDvqadjXGHNrxTXg&verify=true

Protocol

Server

52.74.13.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:04 GMT
server: ATS/9.1.10.25
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-kbYwV3h6SWaQ1U7Yu67U_wNDvqadjXGHNrxTXg&verify=true
date: Fri, 23 Sep 2022 19:42:04 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame E116 0
522 B 802ms
392ms Image
text/plain 104.76.133.249
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-d8zH-Hh6SWaQ1U7Yu67U_wNDvqaV_XokcKH2Wg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.76.133.249 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-133-249.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:42:04 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Thu, 22 Sep 2022 19:42:04 GMT

GET
H/1.1 200
OK sync
adgen.socdm.com/rtb/ Frame E116 43 B
829 B 797ms
268ms Image
image/gif 124.146.215.2
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.215.2 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

X-SO-Cluster-ID: 48
Date: Fri, 23 Sep 2022 19:42:04 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=adgen&dspid=23","cluster_id":48,"gdpr":false,"ipv4":"103.209.254.113","key":"Yy4MDMCo8HMAAH.XY20AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40015"}
X-SO-Ads-Time: 7
X-SO-Key: Yy4MDMCo8HMAAH.XY20AAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40015
P3P: CP="See also http://www.scaleout.jp/privacy/"
Cache-Control: private
X-SO-HostName: a-ad40015.dc2p.scaleout.jp
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-SO-LB-Hostname: m-ng15.dc4p.scaleout.jp
X-SO-IP: 103.209.254.113

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ Frame E116 43 B
874 B 728ms
242ms Image
image/gif 124.146.215.49
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-ACwKKXh6SWaQ1U7Yu67U_wNDvqb-Aou46e2yKQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.215.49 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

X-SO-Cluster-ID: 49
Date: Fri, 23 Sep 2022 19:42:04 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-ACwKKXh6SWaQ1U7Yu67U_wNDvqb-Aou46e2yKQ","cluster_id":49,"gdpr":false,"ipv4":"103.209.254.113","key":"Yy4MDMCo8XcAAFprG30AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40365"}
X-SO-Ads-Time: 1
X-SO-Key: Yy4MDMCo8XcAAFprG30AAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40365
P3P: CP="See also http://www.scaleout.jp/privacy/"
Cache-Control: private
X-SO-HostName: a-ad40365.dc2p.scaleout.jp
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-SO-LB-Hostname: m-tgng19.dc4p.scaleout.jp
X-SO-IP: 103.209.254.113

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame E116
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=5dORYn9T7DMr8d0IaRT_zbUalPuJTH2z

62 B
558 B

845ms
456ms

Image
image/gif

23.207.37.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=5dORYn9T7DMr8d0IaRT_zbUalPuJTH2z
Protocol: H2
Server: 23.207.37.206 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-37-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:04 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
bk-server: c790
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=5dORYn9T7DMr8d0IaRT_zbUalPuJTH2z
date: Fri, 23 Sep 2022 19:42:02 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server: Kestrel
server-processing-duration-in-ticks: 1263713
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 204 pixel
adx.dable.io/ Frame E116 0
141 B 792ms
265ms Image
text/plain 13.125.31.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel?dsp_id=6&uid=k-z7Z_wnh6SWaQ1U7Yu67U_wNDvqZq7JhcPvw9Yg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.125.31.135 , Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-125-31-135.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:05 GMT
server: nginx

GET
H2 200 /
cs.adingo.jp/sync/ Frame E116 43 B
413 B 728ms
240ms Image
image/gif 54.248.114.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=criteo&id=k-tZ3df3h6SWaQ1U7Yu67U_wNDvqabhWHf4Pf1Jw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.248.114.10 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-248-114-10.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:05 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 362338.gif
idsync.rlcdn.com/ Frame E116 42 B
449 B 489ms
275ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-XP5taXh6SWaQ1U7Yu67U_wNDvqatfvTlQ3dC_A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:42:04 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

204

/
s.ad.smaato.net/c/ Frame E116
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vTgR-3h6SWaQ1U7Yu67U_wNDvqZ-SDope3mxxQ
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vTgR-3h6SWaQ1U7Yu67U_wNDvqZ-SDope3mxxQ&cookieCheck=1

0
556 B

172ms
172ms

Image
text/plain

13.227.254.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vTgR-3h6SWaQ1U7Yu67U_wNDvqZ-SDope3mxxQ&cookieCheck=1
Protocol: H2
Server: 13.227.254.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-99.sin52.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:05 GMT
via: 1.1 95d5bc8b4873ccfdcd27d17cb5965ff8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN52-C3
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: max-age=300
x-amz-cf-id: ATC3PGIeihJVjx8k9pBrSkrEnKY1TBzG406YP8ceWrD03t_qEUZySg==

Redirect headers

date: Fri, 23 Sep 2022 19:42:04 GMT
via: 1.1 95d5bc8b4873ccfdcd27d17cb5965ff8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN52-C3
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vTgR-3h6SWaQ1U7Yu67U_wNDvqZ-SDope3mxxQ&cookieCheck=1
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: vov__eqcAYtDddTNRwgdq1-1_f2uzIN4intshnIaMv0uNtJStkDTRA==

GET
H2 200 sync.htm
ade.clmbtech.com/uid/ Frame E116 68 B
280 B 811ms
256ms Image
image/jpeg 23.50.117.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-dIs8S3h6SWaQ1U7Yu67U_wNDvqZ8P1Asvo9OgA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.117.203 Jakarta, Indonesia, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-50-117-203.deploy.static.akamaitechnologies.com

Software

Bhoot /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
server: Bhoot
date: Fri, 23 Sep 2022 19:42:05 GMT
x-frame-options: sameorigin
content-type: image/jpeg
x-request-time: 0.001
content-disposition: inline;filename=f.txt
content-length: 68
x-xss-protection: 1; mode=block

GET
H2

200

1x1.png
cdn.aralego.net/img/ Frame E116
Redirect Chain

https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-JX-lUXh6SWaQ1U7Yu67U_wNDvqaSX94kXZy4Dw
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=YjFiMWE5ZWItYzI2YS0zOWNiLTg2ZWMtMGNmNWUwMThjZWMw&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
https://cdn.aralego.net/img/1x1.png

68 B
645 B

300ms
101ms

Image
image/png

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aralego.net/img/1x1.png
Protocol: H2
Server: 104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2761
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68
last-modified: Wed, 12 Jun 2019 06:09:43 GMT
server: cloudflare
etag: "5d009727-44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJiCUW4dXhT%2B6Dh1ohms8aHgAtC64lndvzaEEiNdW%2Bd2npAmdMjPprmt%2Bb8FOcD2ssH4T29Oi%2FLXzpBjRrP5Uax%2FlvE5UMxoVz1z8rCCEXQImVjHb8Crt9TzHPahdA2Dtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 74f5c2f75eef3771-MEL
cf-bgj: imgq:85,h2pri

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cdn.aralego.net/img/1x1.png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame E116 43 B
468 B 523ms
170ms Image
image/gif 52.77.191.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-nzFl7Hh6SWaQ1U7Yu67U_wNDvqYFHGAFvwzccg&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.77.191.160 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-191-160.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 23 Sep 2022 19:42:05 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 178ms
177ms Script
text/javascript 74.125.200.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f113.1e100.net

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 23 Sep 2022 20:12:50 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
19 KB 178ms
178ms Script
text/javascript 74.125.200.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFG7HQ2

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 4494
date: Fri, 23 Sep 2022 18:27:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Fri, 23 Sep 2022 20:27:09 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
74 B 480ms
178ms XHR
text/plain 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-2642739-4&cid=856812163.1663962120&jid=1044459658&gjid=2125270059&_gid=2053788488.1663962120&_u=aHDAgEIrAAAAAG~&z=1406720038

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.blueillusion.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 23 Sep 2022 19:42:03 GMT
content-type: text/plain
access-control-allow-origin: https://www.blueillusion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 178ms
177ms Image
image/gif 74.125.200.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=1044647150&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.blueillusion.com%2Fsale%3Futm_source%3Dmobile%26utm_medium%3Dsms%26utm_campaign%3DWK8_TAF50_MNO&ul=en-us&de=UTF-8&dt=SALE%20%7C%20Shop%20Online%20%7C%20Blue%20Illusion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=10%25&_u=aHDAgEIrAAAAAC~&jid=1044459658&gjid=2125270059&cid=856812163.1663962120&tid=UA-2642739-4&_gid=2053788488.1663962120&gtm=2wg9l0KFG7HQ2&cd2=1663962123087.yltu17op&cd3=2022-09-23T19%3A42%3A03.87%2B00%3A00&cd4=&cd1=856812163.1663962120&z=1102846681

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:48:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46408
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ 10 KB
5 KB 184ms
184ms Script
application/x-javascript 182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=22812&v=5.12.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvl%26p%3D%255B114733CNE%252C19866VEP%252C19848VM%255D&p3=e%3Ddis%26a%3D%255B22812%252C22812%255D&adce=1&bundle=_LMVuV9YMXFJY0lUcEtCb2ozczBmczFwQWFFWTZYcENYa3NUTnFHdWMyRkVUOFBnJTJCTnIlMkZ0b0ZjemclMkJJTWElMkZ6dSUyRjZsRjZ0ekdvJTJGSiUyQjlIZndyb2RhMkZLZ1RjNFcxaUYlMkZqcGxFZmpGVUh6Zms4NW5sUGhLejZZSUhWdnJMZVpzRlVMOUxtekxJY3lKZUV4ZWtHcmx1QmhkWTg1RiUyQlVVcyUyRkhqQk4xTHJxVWtkRmUzWSUzRA&tld=blueillusion.com&fu=https%253A%252F%252Fwww.blueillusion.com%252Fsale%253Futm_source%253Dmobile%2526utm_medium%253Dsms%2526utm_campaign%253DWK8_TAF50_MNO&dtycbr=8742

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

639276fcafc124e1775486d01271e9f86558828eb07aab11910f8a07d4eb6c72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:03 GMT
content-encoding: gzip
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 12946431
content-type: application/x-javascript
expires: 0

GET
H3 200 /
www.facebook.com/tr/ Frame AABE 0
15 B 170ms
170ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 23 Sep 2022 19:42:03 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame E316 43 B
235 B 219ms
219ms Image
image/gif 35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-O5L_qHh6SWaQ1U7Yu67U_wNDvqbnjHVvB5T8uQ&expires=30
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:42:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame E316
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-R-xXsHh6SWaQ1U7Yu67U_wNDvqZ57p1bpKXweQ&google_cm&google_hm=ay1SLXhYc0hoNlNXYVExVTdZdTY3VV93TkR2cVo1N3AxY...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-R-xXsHh6SWaQ1U7Yu67U_wNDvqZ57p1bpKXweQ&google_cm=&google_hm=ay1SLXhYc0hoNlNXYVExVTdZdTY3VV93TkR2cVo1N3A...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-R-xXsHh6SWaQ1U7Yu67U_wNDvqZ57p1bpKXweQ&google_gid=CAESEBppO68_WNvsbo_3Ib8uWVk&google_cver=1&google_ula=913071,0

43 B
369 B

170ms
170ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-R-xXsHh6SWaQ1U7Yu67U_wNDvqZ57p1bpKXweQ&google_gid=CAESEBppO68_WNvsbo_3Ib8uWVk&google_cver=1&google_ula=913071,0

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:03 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 761531
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-R-xXsHh6SWaQ1U7Yu67U_wNDvqZ57p1bpKXweQ&google_gid=CAESEBppO68_WNvsbo_3Ib8uWVk&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame E316
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8694170598883745787

43 B
370 B

171ms
171ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8694170598883745787

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:04 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1046954
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:42:05 GMT
X-Proxy-Origin: 103.209.254.113; 103.209.254.113; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 532b9fe8-045c-4981-addf-613e4743262a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8694170598883745787
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rum
r.casalemedia.com/ Frame E316 43 B
869 B 301ms
200ms Image
image/gif 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-wsZ7fnh6SWaQ1U7Yu67U_wNDvqaD9EuvI6fn8g
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f5c2e8bcac3775-MEL
pragma: no-cache
date: Fri, 23 Sep 2022 19:42:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3rsOU%2FXjXuaV%2BpptsGqyxArF2LwpzOz%2BisRFcVeuDuiMoUM%2BQfOSO0mJeac8QSQ9uJAZ96pbxhxGPcGwzXLEIz0UWbjMMRZRoEpFlXDd6BgBIXMqnwLn70H2YVQl%2FPXPuc1"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame E316
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-gubO73h6SWaQ1U7Yu67U_wNDvqbXsEHLqc72_A
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gubO73h6SWaQ1U7Yu67U_wNDvqbXsEHLqc72_A

43 B
445 B

172ms
172ms

Image
image/gif

13.228.202.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gubO73h6SWaQ1U7Yu67U_wNDvqbXsEHLqc72_A
Protocol: H2
Server: 13.228.202.61 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-228-202-61.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 23 Sep 2022 19:42:03 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gubO73h6SWaQ1U7Yu67U_wNDvqbXsEHLqc72_A
date: Fri, 23 Sep 2022 19:42:03 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame E316 45 B
786 B 228ms
225ms Image
image/gif 23.207.36.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-4z59W3h6SWaQ1U7Yu67U_wNDvqbdAyiJybEwEg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-36-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Fri, 23 Sep 2022 19:42:03 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Fri, 23 Sep 2022 19:42:03 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame E316 0
877 B 375ms
374ms Image
text/html 18.195.149.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-fzr3a3h6SWaQ1U7Yu67U_wNDvqZeOgKraPCPVQ
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.149.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-149-35.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:05 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame E316 0
145 B 320ms
320ms Image
text/plain 66.225.223.159
NTTA-3946

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-G-uhfHh6SWaQ1U7Yu67U_wNDvqa52E9paaCvxA
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.225.223.159 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS: sa.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:42:05 GMT
Cache-Control: no-cache
X-TraceId: d6396937cf1f19b29e7315771f89bc6c
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame E316 42 B
97 B 193ms
190ms Image
image/gif 103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-SA7Klnh6SWaQ1U7Yu67U_wNDvqaFiP4stTh-zA
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:03 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame E316 42 B
787 B 170ms
169ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-u1lRNXh6SWaQ1U7Yu67U_wNDvqayre1o48IaDA&expires=30
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
Content-Type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame E316 68 B
279 B 171ms
171ms Image
image/png 54.255.75.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-pYD0snh6SWaQ1U7Yu67U_wNDvqY6jHQzNtruWA
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.255.75.208 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-75-208.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:05 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame E316 43 B
429 B 170ms
169ms Image
image/gif 23.106.127.53
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-T5sOMnh6SWaQ1U7Yu67U_wNDvqaKz_kcYRwMuA
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:04 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame E316 0
230 B 170ms
170ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-68q3iHh6SWaQ1U7Yu67U_wNDvqbpFBCB1c7kfg
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 168447

GET
H2 200 um
criteo-sync.teads.tv/ Frame E316 23 B
172 B 297ms
296ms Image
image/gif 23.50.119.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-82pIynh6SWaQ1U7Yu67U_wNDvqambrjC4_GQmw
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.119.72 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-119-72.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:05 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 23 Sep 2022 19:42:05 GMT
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame E316 37 B
353 B 191ms
190ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-ntHn4nh6SWaQ1U7Yu67U_wNDvqbWw29bhhuq_g&dongle=013b
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame E316 0
311 B 174ms
174ms Image
text/plain 52.74.13.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-kbYwV3h6SWaQ1U7Yu67U_wNDvqadjXGHNrxTXg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.74.13.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:05 GMT
server: ATS/9.1.10.25
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame E316 0
522 B 396ms
396ms Image
text/plain 104.76.133.249
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-d8zH-Hh6SWaQ1U7Yu67U_wNDvqaV_XokcKH2Wg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.76.133.249 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-133-249.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:42:05 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Thu, 22 Sep 2022 19:42:05 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/adgeneration/ Frame E316
Redirect Chain

https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23
https://dis.criteo.com/dis/rtb/adgeneration/cookiematch.aspx?maid=Yy4MDMCo8XcAAFprG30AAAAA

43 B
370 B

173ms
172ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/adgeneration/cookiematch.aspx?maid=Yy4MDMCo8XcAAFprG30AAAAA

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:05 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2126321
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 23 Sep 2022 19:42:05 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=adgen&dspid=23","cluster_id":49,"gdpr":false,"ipv4":"103.209.254.113","key":"Yy4MDMCo8XcAAFprG30AAAAA","privacy_sensitive":false,"uid":"Yy4MDMCo8XcAAFprG30AAAAA","upstream_id":"a-ad40365"}
X-SO-Key: Yy4MDMCo8XcAAFprG30AAAAA
X-SO-Upstream-ID: a-ad40365
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: a-ad40365.dc2p.scaleout.jp
X-SO-UID: Yy4MDMCo8XcAAFprG30AAAAA
Connection: keep-alive
Content-Length: 0
X-SO-IP: 103.209.254.113
X-SO-Cluster-ID: 49
Server: nginx
Location: https://dis.criteo.com/dis/rtb/adgeneration/cookiematch.aspx?maid=Yy4MDMCo8XcAAFprG30AAAAA
Cache-Control: private
X-SO-Ads-Time: 5
X-SO-LB-Hostname: m-ng15.dc4p.scaleout.jp

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ Frame E316 43 B
935 B 282ms
281ms Image
image/gif 124.146.215.49
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-ACwKKXh6SWaQ1U7Yu67U_wNDvqb-Aou46e2yKQ
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.215.49 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 19:42:05 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-ACwKKXh6SWaQ1U7Yu67U_wNDvqb-Aou46e2yKQ","cluster_id":49,"gdpr":false,"ipv4":"103.209.254.113","key":"Yy4MDMCo8XcAAFprG30AAAAA","privacy_sensitive":false,"uid":"Yy4MDMCo8XcAAFprG30AAAAA","upstream_id":"a-ad40365"}
X-SO-Key: Yy4MDMCo8XcAAFprG30AAAAA
X-SO-Upstream-ID: a-ad40365
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: a-ad40365.dc2p.scaleout.jp
X-SO-UID: Yy4MDMCo8XcAAFprG30AAAAA
Connection: keep-alive
Content-Length: 43
X-SO-IP: 103.209.254.113
X-SO-Cluster-ID: 49
Server: nginx
Content-Type: image/gif
Cache-Control: private
X-SO-Ads-Time: 40
X-SO-LB-Hostname: m-tgng19.dc4p.scaleout.jp

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame E316
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=fsjbx-ENM4az1uV8WW5CSxF0hwjofv4m

62 B
555 B

384ms
384ms

Image
image/gif

23.207.37.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=fsjbx-ENM4az1uV8WW5CSxF0hwjofv4m
Protocol: H2
Server: 23.207.37.206 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-37-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:03 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
bk-server: 71f8
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=fsjbx-ENM4az1uV8WW5CSxF0hwjofv4m
date: Fri, 23 Sep 2022 19:42:03 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server: Kestrel
server-processing-duration-in-ticks: 1362042
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 204 pixel
adx.dable.io/ Frame E316 0
140 B 260ms
259ms Image
text/plain 13.125.31.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel?dsp_id=6&uid=k-z7Z_wnh6SWaQ1U7Yu67U_wNDvqZq7JhcPvw9Yg
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.125.31.135 , Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-125-31-135.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:05 GMT
server: nginx

GET
H2 200 /
cs.adingo.jp/sync/ Frame E316 43 B
412 B 241ms
240ms Image
image/gif 54.248.114.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=criteo&id=k-tZ3df3h6SWaQ1U7Yu67U_wNDvqabhWHf4Pf1Jw
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.248.114.10 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-248-114-10.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:05 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 362338.gif
idsync.rlcdn.com/ Frame E316 42 B
60 B 447ms
274ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-XP5taXh6SWaQ1U7Yu67U_wNDvqatfvTlQ3dC_A
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:42:05 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 204 /
s.ad.smaato.net/c/ Frame E316 0
373 B 173ms
172ms Image
text/plain 13.227.254.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vTgR-3h6SWaQ1U7Yu67U_wNDvqZ-SDope3mxxQ
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-99.sin52.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:05 GMT
via: 1.1 95d5bc8b4873ccfdcd27d17cb5965ff8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN52-C3
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: max-age=300
x-amz-cf-id: tx0znHTG2TPtVaY2oCDXIhQa2CC9RPx6SmXzfz55ptYNOuH8IQWWuw==

GET
H2 200 sync.htm
ade.clmbtech.com/uid/ Frame E316 68 B
280 B 357ms
265ms Image
image/jpeg 23.50.117.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-dIs8S3h6SWaQ1U7Yu67U_wNDvqZ8P1Asvo9OgA

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.117.203 Jakarta, Indonesia, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-50-117-203.deploy.static.akamaitechnologies.com

Software

Bhoot /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
server: Bhoot
date: Fri, 23 Sep 2022 19:42:05 GMT
x-frame-options: sameorigin
content-type: image/jpeg
x-request-time: 0.001
content-disposition: inline;filename=f.txt
content-length: 68
x-xss-protection: 1; mode=block

GET
H3

200

1x1.png
cdn.aralego.net/img/ Frame E316
Redirect Chain

https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-JX-lUXh6SWaQ1U7Yu67U_wNDvqaSX94kXZy4Dw
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=YjFiMWE5ZWItYzI2YS0zOWNiLTg2ZWMtMGNmNWUwMThjZWMw&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
https://cdn.aralego.net/img/1x1.png

68 B
621 B

208ms
109ms

Image
image/png

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aralego.net/img/1x1.png
Protocol: H3
Server: 104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2762
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68
last-modified: Wed, 12 Jun 2019 06:09:43 GMT
server: cloudflare
etag: "5d009727-44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4V8Q%2FeCcAERXqUV8Wk1GJPH2YoeHSTpPxeiPilR0MClTCsppE1I37cHNfvtFBfMUJsArHGhKFL5RQnmpIRN2C9nDUVo68MIAIXcba7BblO%2FofC15QTE9e3o4ZTWq%2F%2FUK6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 74f5c2f8bd935ab8-MEL
cf-bgj: imgq:85,h2pri

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cdn.aralego.net/img/1x1.png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame E316 43 B
467 B 171ms
171ms Image
image/gif 52.77.191.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-nzFl7Hh6SWaQ1U7Yu67U_wNDvqYFHGAFvwzccg&pn_id=criteo&ext=1
Requested by: Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.77.191.160 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-191-160.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 23 Sep 2022 19:42:05 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 478ms
177ms Image
image/gif 142.251.10.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-2642739-4&cid=856812163.1663962120&jid=1044459658&_u=aHDAgEIrAAAAAG~&z=1727152022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
107 B 476ms
176ms Image
image/gif 172.253.118.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-2642739-4&cid=856812163.1663962120&jid=1044459658&_u=aHDAgEIrAAAAAG~&z=1727152022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.blueillusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 19:42:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-widget-chat-incoming-message-notification-4959cd4.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 7AA9 208 B
581 B 107ms
107ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-4959cd4.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-4959cd4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 410238
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: KR0B44W0A4S49C6C
x-amz-id-2: tMC3v11S4L1TDeCi1q8cOE1DW2zxoPwB2EYM2mC7H74pDx7Aw1w+c4U/4kYN+QcFuYRXRvIhk4A=
last-modified: Sun, 18 Sep 2022 23:58:51 GMT
server: cloudflare
etag: W/"659635f5ad1b6653645380f46aa42236"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjn1Tc%2FYClTUGTKrAN77Ywa8Glf7QOm2gIqMuBkTGpZ3gzKBE3W4Zr2dTY7yCjABmV6t8rwBHFQMHF5FYAOkq9AtaUAnuaLajrwM%2BYzo6IbEZl9w3c%2FCxs0moR5Pv2rPs3YCdr4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 4fgjzpJQl4P.Ave6W.y_VChPtaXRgJTl
cf-ray: 74f5c2eb4d8217cc-MEL
expires: Mon, 18 Sep 2023 23:58:50 GMT

GET
H2 200 web-widget-chat-incoming-message-notification-4959cd4.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame F6B0 208 B
474 B 104ms
103ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-4959cd4.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-4959cd4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 410238
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: KR0B44W0A4S49C6C
x-amz-id-2: tMC3v11S4L1TDeCi1q8cOE1DW2zxoPwB2EYM2mC7H74pDx7Aw1w+c4U/4kYN+QcFuYRXRvIhk4A=
last-modified: Sun, 18 Sep 2022 23:58:51 GMT
server: cloudflare
etag: W/"659635f5ad1b6653645380f46aa42236"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pleO%2Fp%2B2S0ZaiIwUOIvNWjnk%2FP7xLQcGoRYCSNAbx5t1EMgQ7sOUrgYM4XBGhysylr%2B3A4HbwD3o4lJymianZi5pcf7mFyDqLgmD7aZU0cUBIOo5QRhuHXt8613l2m1QqmBpsJA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 4fgjzpJQl4P.Ave6W.y_VChPtaXRgJTl
cf-ray: 74f5c2ebadb017cc-MEL
expires: Mon, 18 Sep 2023 23:58:50 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame E316
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=54nWtBH32jFbrxeCvc1PLozR4bcMBxAJ

0
337 B

942ms
304ms

Image
text/plain

52.11.93.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=54nWtBH32jFbrxeCvc1PLozR4bcMBxAJ
Protocol: H2
Server: 52.11.93.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-11-93-130.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:05 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1663962125
x-served-by: beacon-n008-pdx-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=54nWtBH32jFbrxeCvc1PLozR4bcMBxAJ
date: Fri, 23 Sep 2022 19:42:03 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server: Kestrel
server-processing-duration-in-ticks: 936979
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame E116
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=HkrF-i9OItvpFJUE7mICbANzM30PyiQM

0
338 B

914ms
304ms

Image
text/plain

52.11.93.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=HkrF-i9OItvpFJUE7mICbANzM30PyiQM
Protocol: H2
Server: 52.11.93.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-11-93-130.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 19:42:05 GMT
cache-control: private, no-cache, no-store
x-request-time: D=25 t=1663962125
x-served-by: beacon-n001-pdx-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=HkrF-i9OItvpFJUE7mICbANzM30PyiQM
date: Fri, 23 Sep 2022 19:42:03 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server: Kestrel
server-processing-duration-in-ticks: 917150
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/classic/ Frame 7AA9 19 KB
20 KB 104ms
104ms Media
audio/mpeg 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 23 Sep 2022 19:42:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17347068
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
x-amz-request-id: 234PACY6YHN3DT8X
x-amz-id-2: Ib7+GgCmlz+ighldJssEMO/nJReUd3ZjUNym48qj2NG2M9HGx4Qm7908eRP1/9BQIp39gdXjfMM=
last-modified: Sat, 05 Mar 2022 21:30:07 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8oG7M71yGYVXX%2FigcWYpM%2Fujj0MhfUfIRgHxB2927enhvpkEalboTdvDYm4KC0k6PZXP42%2Fdj4jwBqdfNdXP2UsmtQdhRaHgYzUjSvX774w6THbMVjY4aqLI0SGtZ0Y5GciZLo%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: rEiIcwVoP6Gqhntax3yVPyGX.ebLEQ6h
Content-Length: 19698
cf-ray: 74f5c2ebfdeb17cc-MEL
expires: Sun, 05 Mar 2023 21:30:06 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/classic/ Frame F6B0 19 KB
20 KB 105ms
105ms Media
audio/mpeg 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 23 Sep 2022 19:42:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17347068
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
x-amz-request-id: 234PACY6YHN3DT8X
x-amz-id-2: Ib7+GgCmlz+ighldJssEMO/nJReUd3ZjUNym48qj2NG2M9HGx4Qm7908eRP1/9BQIp39gdXjfMM=
last-modified: Sat, 05 Mar 2022 21:30:07 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3SxBEflFQ5HaWu2nIYaZfUeMgxClExiqdgn0M%2FQpPv857hIliN9CBOoCyPUzr5ZXmtJI6aVdCZuvBp7xTH0IBC8ttbKGeGGy5LhYDpHeZqr53JQ6v%2FGGTcrFVO1M4UZ85jYyhg%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: rEiIcwVoP6Gqhntax3yVPyGX.ebLEQ6h
Content-Length: 19698
cf-ray: 74f5c2ec4e0417cc-MEL
expires: Sun, 05 Mar 2023 21:30:06 GMT

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 298ms
298ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.blueillusion.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://www.blueillusion.com
date: Fri, 23 Sep 2022 19:42:03 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame E116 0
522 B 588ms
392ms Image
text/plain 104.76.133.249
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-d8zH-Hh6SWaQ1U7Yu67U_wNDvqaV_XokcKH2Wg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.76.133.249 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-133-249.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:42:05 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Thu, 22 Sep 2022 19:42:05 GMT

GET
H3

200

397596.gif
idsync.rlcdn.com/ Frame E116
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=D6PU9piTIykrOjguQyYpYNNYbJLycADg

42 B
60 B

299ms
275ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=D6PU9piTIykrOjguQyYpYNNYbJLycADg
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:42:05 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=D6PU9piTIykrOjguQyYpYNNYbJLycADg
date: Fri, 23 Sep 2022 19:42:04 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server: Kestrel
server-processing-duration-in-ticks: 1198151
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3

200

397596.gif
idsync.rlcdn.com/ Frame E316
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=w5mBPoYR0jJ-hPEy8-HZSWr1iB0s-2CB

42 B
60 B

301ms
277ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=w5mBPoYR0jJ-hPEy8-HZSWr1iB0s-2CB
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 19:42:05 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=w5mBPoYR0jJ-hPEy8-HZSWr1iB0s-2CB
date: Fri, 23 Sep 2022 19:42:04 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server: Kestrel
server-processing-duration-in-ticks: 1329932
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame E316 0
522 B 594ms
392ms Image
text/plain 104.76.133.249
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-d8zH-Hh6SWaQ1U7Yu67U_wNDvqaV_XokcKH2Wg

Requested by

Host: www.blueillusion.com
URL: https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.76.133.249 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-133-249.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 19:42:06 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Thu, 22 Sep 2022 19:42:05 GMT

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 297ms
297ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.blueillusion.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://www.blueillusion.com
date: Fri, 23 Sep 2022 19:42:06 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

78 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
view.tallbob.com/	1970-01-20 06:42:42	Name: ci_session Value: 1ciGNQ6NvGj61vNqBbymC7bgAsiSbED1FoUCqCWB7S3k9XYK8ndsap%2B%2B71j0ld1IsOiL%2BrGoGZfh%2BE2yd5e0G74tJDToeYGFhyqnYOzOKQ%2Bdtdyf5fXCToE1ChHjcRgSKi50eWC5lvEKpUBoEvqd7Yyz1nzdVeguwNZxzZF4YAXPqiOz139IoYOORDIwvKwOXTgvBbz9h2tfw%2FGP7KLbNEfScY3l8tIHbvkZp2sLCII8eOKVnsmDyCmd%2B%2F3Cb2reI9QOse%2B7c2o9YxE2UoRTLKIHnjSxW90vPSL9BP0hbj%2BZkyArb3aJAdczOA30pBsvTFGHPSD%2FAUXQ7vxSbIsqBUEYi37VWzECo2Aalh810dp%2BKAxIPgawQs7EMaK8dkGJNRk17trzC%2FEtfechV%2Brb227mWR%2FQszyFcIsUMOZY6YximeJE9wyjixg2%2BNcbA5SGJ1Lk3xW6PY1ZGOEPetPOiw%3D%3D543f3c36c7c839ad7fc87ffb530b10a24ebb81e2
www.blueillusion.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: cy0oiys2irqbr2yjbrz1fboo
www.blueillusion.com/	1969-12-31 23:59:59	Name: iSAMS Value: YzgSQ1sgO5Jv8g2MjWjIOOLrVUy1DB0Tk3KVJlw20m35WubUUW+MivoS/+Mh5WN8ma0oSUDZ2h9uVtn2t6EfnA==
www.blueillusion.com/	1970-01-20 15:48:42	Name: __kla_id Value: eyIkcmVmZXJyZXIiOnsidHMiOjE2NjM5NjIxMTksInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3LmJsdWVpbGx1c2lvbi5jb20vc2FsZT91dG1fc291cmNlPW1vYmlsZSZ1dG1fbWVkaXVtPXNtcyZ1dG1fY2FtcGFpZ249V0s4X1RBRjUwX01OTyJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTY2Mzk2MjExOSwidmFsdWUiOiIiLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly93d3cuYmx1ZWlsbHVzaW9uLmNvbS9zYWxlP3V0bV9zb3VyY2U9bW9iaWxlJnV0bV9tZWRpdW09c21zJnV0bV9jYW1wYWlnbj1XSzhfVEFGNTBfTU5PIn19
.blueillusion.com/	1970-01-20 15:48:42	Name: _ga Value: GA1.2.856812163.1663962120
.blueillusion.com/	1970-01-20 06:14:08	Name: _gid Value: GA1.2.2053788488.1663962120
.criteo.com/	1970-01-20 15:34:18	Name: uid Value: a4160da9-18ec-46c1-a1d1-56d91222b7b3
.blueillusion.com/	1970-01-20 06:12:42	Name: _gat Value: 1
.blueillusion.com/	1970-01-20 15:42:06	Name: cto_bundle Value: _LMVuV9YMXFJY0lUcEtCb2ozczBmczFwQWFFWTZYcENYa3NUTnFHdWMyRkVUOFBnJTJCTnIlMkZ0b0ZjemclMkJJTWElMkZ6dSUyRjZsRjZ0ekdvJTJGSiUyQjlIZndyb2RhMkZLZ1RjNFcxaUYlMkZqcGxFZmpGVUh6Zms4NW5sUGhLejZZSUhWdnJMZVpzRlVMOUxtekxJY3lKZUV4ZWtHcmx1QmhkWTg1RiUyQlVVcyUyRkhqQk4xTHJxVWtkRmUzWSUzRA
www.clarity.ms/	1970-01-20 14:58:18	Name: CLID Value: abbe2d7438f34967ba7f8ffdfc5e20a7.20220923.20230923
.blueillusion.com/	1970-01-20 14:58:18	Name: _clck Value: 1fismvx\|1\|f54\|0
www.blueillusion.com/	1970-01-20 14:58:18	Name: _y2 Value: 1%3AeyJjIjp7fX0%3D%3AMTc0OTg2MjMwNA%3D%3D%3A99
.blueillusion.com/	1970-01-20 08:22:18	Name: _fbp Value: fb.1.1663962121712.1739776437
.blueillusion.com/	1970-01-20 14:58:18	Name: _pin_unauth Value: dWlkPVpEQm1NekpsTW1NdE1UTmtaQzAwTnpJMExXRmtZMkl0Tm1JNE1XVmpabU0wWkdReg
.blueillusion.com/	1970-01-20 06:14:08	Name: _clsk Value: ier43g\|1663962122163\|1\|1\|d.clarity.ms/collect
.ct.pinterest.com/	1970-01-20 14:58:18	Name: _pinterest_ct_ua Value: "TWc9PSZBM2lwcERwWjh2dmZyQngyTm1JVFlKRFoxcStwMGlDTXdYQk00aG5vb1VxN3V4NkJjK3loZEZKZFUxWmtUamVmcUFBaWcwOHk1MFhMMjNCZTFyamJtS0Y0ZGk0OVYxNjFKSU9FODNqaGZMZz0mL0ViRTIxcWtGdWViU2pLM2x0Q2RBcVlUWFo0PQ=="
widget-mediator.zopim.com/	1970-01-20 06:22:46	Name: AWSALBCORS Value: ngfYZ6lJLJcqrhPaQ90ZC18Hzv4Y5nH+ExdHX4XLdi1V6dlX4ebJPGNgE+7CD2yD68P2okgR5sRD9Qtyo2YNVz8XGhha4TGJyOq5EEloSZb1dXfBaNvt0P3ZwOR2
.blueillusion.com/	1970-01-20 06:12:42	Name: _dc_gtm_UA-2642739-4 Value: 1
.casalemedia.com/	1970-01-20 14:58:18	Name: CMID Value: Yy4MC8t7eJtDXVNRcnir9QAA
.casalemedia.com/	1970-01-20 08:22:18	Name: CMPS Value: 5330
.casalemedia.com/	1970-01-20 08:22:18	Name: CMPRO Value: 5330
.360yield.com/	1970-01-20 08:22:18	Name: tuuid_lu Value: 1663962123
.pubmatic.com/	1970-01-20 06:55:54	Name: KRTBCOOKIE_97 Value: 3385-uid:k-SA7Klnh6SWaQ1U7Yu67U_wNDvqaFiP4stTh-zA&KRTB&23144-uid:k-SA7Klnh6SWaQ1U7Yu67U_wNDvqaFiP4stTh-zA&KRTB&23286-uid:k-SA7Klnh6SWaQ1U7Yu67U_wNDvqaFiP4stTh-zA&KRTB&23287-uid:k-SA7Klnh6SWaQ1U7Yu67U_wNDvqaFiP4stTh-zA
.pubmatic.com/	1970-01-20 06:55:54	Name: PugT Value: 1663962123
.media.net/	1970-01-20 06:55:54	Name: data-c-ts Value: 1663962123
.media.net/	1970-01-20 06:55:54	Name: data-c Value: k-4z59W3h6SWaQ1U7Yu67U_wNDvqbdAyiJybEwEg~~3
.360yield.com/	1970-01-20 08:22:18	Name: tuuid Value: 7bd55efb-1e15-4eac-ba8d-e2ec8c5e7576
.media.net/	1970-01-20 14:58:18	Name: visitor-id Value: 3069637231540901000V10
.bidswitch.net/	1970-01-20 14:58:18	Name: tuuid Value: 11080902-ad27-4b67-8312-aaa741763595
.bidswitch.net/	1970-01-20 14:58:18	Name: c Value: 1663962123
.bidswitch.net/	1970-01-20 14:58:18	Name: tuuid_lu Value: 1663962123
.adnxs.com/	1970-01-20 08:22:18	Name: uuid2 Value: 8694170598883745787
.360yield.com/	1970-01-20 08:22:18	Name: umeh Value: !38,0,1726170123,-1
.360yield.com/	1970-01-20 08:22:18	Name: um Value: !38,xbRhuDG-GE6i.-HPxMURjstnWu7usUajf3wj3PuvJ8tD21TapNmskSd48EUgEi1Wg62h0rRZ,1671738123
.casalemedia.com/	1970-01-20 08:22:18	Name: CMTS Value: 5339
.blueillusion.com/	1970-01-20 14:58:18	Name: __zlcmid Value: 1C6lFUujca68ikR
.bluekai.com/	1970-01-20 10:31:54	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 10:31:54	Name: bkpa Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1LEPBXxIvpn111U4hnqJ/14O1e93Jg6GvEzyJvwDvXEY39QYIUHUP
.bluekai.com/	1970-01-20 10:31:54	Name: bku Value: uUW999L1nZmOnXQX
.doubleclick.net/	1970-01-20 15:48:42	Name: IDE Value: AHWqTUnq2GKFLKo3mX6SHy-SxEqJMMrJsjcjrRvrp8CORvtVONNDoruhcz4nFkFw32o
.sharethrough.com/	1970-01-20 06:55:54	Name: stx_user_id Value: f2bde052-beb4-44b4-a14b-61f282ee38ff
.bing.com/	1970-01-20 15:34:18	Name: MUID Value: 25DCE1A0666062220175F388678A639D
.c.bing.com/	1970-01-20 06:22:46	Name: MR Value: 0
.c.bing.com/	1970-01-20 15:34:18	Name: SRM_B Value: 25DCE1A0666062220175F388678A639D
exchange.mediavine.com/	1970-01-20 06:32:51	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22ccbed980-3b77-11ed-9cc7-4f2aecaec6c7%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 06:32:51	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22ccbed980-3b77-11ed-9cc7-4f2aecaec6c7%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 06:32:51	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22ccbed980-3b77-11ed-9cc7-4f2aecaec6c7%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 06:32:51	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22ccbed980-3b77-11ed-9cc7-4f2aecaec6c7%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 06:32:51	Name: criteo Value: %7B%22id%22%3A%22k-fzr3a3h6SWaQ1U7Yu67U_wNDvqZeOgKraPCPVQ%22%2C%22version%22%3A%22criteo%22%7D
.outbrain.com/	1970-01-20 08:22:18	Name: obuid Value: 1f88b1fc-4887-499c-9db7-fe48dc3d9dd2
.smartadserver.com/	1970-01-20 15:41:30	Name: pid Value: 4624738737940012782
.smartadserver.com/	1970-01-20 15:41:30	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 14:58:18	Name: csync Value: 79:k-T5sOMnh6SWaQ1U7Yu67U_wNDvqaKz_kcYRwMuA
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:34:18	Name: MUID Value: 25DCE1A0666062220175F388678A639D
.c.clarity.ms/	1970-01-20 06:22:46	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 06:12:42	Name: ANONCHK Value: 0
.taboola.com/	1970-01-20 14:58:18	Name: t_gid Value: 5b56aec3-80e6-41e1-8af6-a7eb0c2701ed-tucta27918c
.rubiconproject.com/	1970-01-20 14:58:18	Name: khaos Value: L8EW34AE-15-63KQ
.3lift.com/	1970-01-20 08:22:18	Name: tluid Value: 155843586050881901352
.yahoo.com/	1970-01-20 14:58:39	Name: A3 Value: d=AQABBAwMLmMCEETfSISyhi_WiYgePwvCnnwFEgEBAQFdL2M3YwAAAAAA_eMAAA&S=AQAAAnY85BifMnHWNoS1Qmh4iuU
.teads.tv/	1970-01-20 14:56:51	Name: tt_viewer Value: cad1867a-6a12-4863-81b1-cf1f3d00d151
.analytics.yahoo.com/	1970-01-20 14:58:18	Name: IDSYNC Value: 18zh~27bv
.rlcdn.com/	1970-01-20 07:39:06	Name: pxrc Value: CAA=
.smaato.net/	1970-01-20 06:42:56	Name: SCM Value: 06c25ebb
.yieldlab.net/	1970-01-20 14:58:18	Name: id Value: 2b8e03d4-0a39-46fa-bbb2-bd3195d07cbe
.socdm.com/	1970-01-20 15:48:42	Name: SOC Value: Yy4MDMCo8XcAAFprG30AAAAA
.adingo.jp/	1970-01-20 06:55:54	Name: criteo_dsp Value: k-tZ3df3h6SWaQ1U7Yu67U_wNDvqabhWHf4Pf1Jw
.krxd.net/	1970-01-20 10:31:54	Name: _kuid_ Value: PGMSqRl1
.smaato.net/	1970-01-20 06:27:49	Name: SCM1001851 Value: 06c25ebb
.dable.io/	1970-01-20 08:36:42	Name: uid Value: 13563470.1663962125076
.rubiconproject.com/	1970-01-20 14:58:18	Name: audit Value: 1\|2Puvfye5O4WDEHvzRpkmuIegQvL51hM5CL8GtLF6llwigdPgPP+TmtrkAalxzqbHSA6k5OcXaCgwHTRO1/p4iCck1N7K9KkV0dqlR5NoluSCD9zFQIvrTddnyi/TAKsegBJpw5SxgORP49Cz8AR45Q81RaZiaMAQNhtdZHbqZOl16h2LKXkYaJDy+KCnXKr4N6JXMcYuiJM=
.ads.yieldmo.com/	1970-01-20 14:58:18	Name: ptrcriteo Value: k-nzFl7Hh6SWaQ1U7Yu67U_wNDvqYFHGAFvwzccg
.socdm.com/	1970-01-20 15:48:42	Name: SOSYNC Value: anNvbjp7ImFkZzIzIjoxNjYzOTYyMTI1fQ
.yieldmo.com/	1970-01-20 14:58:18	Name: yieldmo_id Value: g430acc59d16d0ad9cb0%7C1663962125435%7C0%7C
.aralego.com/	1970-01-20 14:58:18	Name: sspid Value: b1b1a9eb-c26a-39cb-86ec-0cf5e018cec0
.rlcdn.com/	1970-01-20 14:58:18	Name: rlas3 Value: UO5OdNkvLw9ZxE+ZL7mPnESpTlgmmwQJvql106tgYtc=
www.blueillusion.com/	1970-01-20 14:58:18	Name: _yi Value: 1%3AeyJsaSI6bnVsbCwic2UiOnsiYyI6MSwiZWMiOjI4LCJsYSI6MTY2Mzk2MjEyNjk5NywicCI6MSwic2MiOjZ9LCJ1Ijp7ImlkIjoiMGJkZWYyMzItZDgxNS00MTIwLWI5NDQtYjRmZDM1ZWJkZjhiIiwiZmwiOiIwIn19%3ALTE0MzE4NDYxMTI%3D%3A99

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://script.crazyegg.com/pages/scripts/0068/8856.js Message: Failed to load resource: the server responded with a status of 410 ()
network	error	URL: https://www.blueillusion.com/api/payments/paypal/fraudnetguid Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.blueillusion.com/images/assetimages/css/yieldify-sw.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://td.yieldify.com/yieldify/code.js?w_uuid=afdcaa85-0322-47cc-8217-bdc10ef8fd14&k=1&loca=https://www.blueillusion.com/sale?utm_source=mobile&utm_medium=sms&utm_campaign=WK8_TAF50_MNO Message: Refused to create a worker from 'blob:https://www.blueillusion.com/8526d925-e0f3-4712-8fa2-ff042a2fcb74' because it violates the following Content Security Policy directive: "default-src * 'unsafe-inline' 'unsafe-eval'". Note that 'worker-src' was not explicitly set, so 'default-src' is used as a fallback. Note that '*' matches only URLs with network schemes ('http', 'https', 'ws', 'wss'), or URLs whose scheme matches `self`'s scheme. The scheme 'blob:' must be added explicitly.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' ; img-src * data: 'unsafe-inline' ; font-src * data: 'unsafe-inline' ; media-src * blob: 'unsafe-inline' ; frame-src * data: 'unsafe-inline' 'unsafe-eval' ;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.yieldlab.net
ade.clmbtech.com
adgen.socdm.com
adx.dable.io
assets-v2.yieldify.com
assets.yieldify.com
beacon.krxd.net
blue-il.co
blueillusionhelp.zendesk.com
c.bing.com
c.clarity.ms
cdn.aralego.net
cfjump.blueillusion.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
cs.adingo.jp
ct.pinterest.com
custom.yieldify.com
d.clarity.ms
dis.criteo.com
eb2.3lift.com
ekr.zdassets.com
exchange.mediavine.com
fonts.gstatic.com
fonts.yieldify-production.com
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
match.sharethrough.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.pinimg.com
script.crazyegg.com
simage2.pubmatic.com
sslwidget.criteo.com
static-tracking.klaviyo.com
static.criteo.net
static.klaviyo.com
static.zdassets.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.aralego.com
sync.outbrain.com
t.cfjump.com
tag.lexer.io
tags.bluekai.com
td.yieldify.com
tg.socdm.com
ups.analytics.yahoo.com
v2.dc.yieldify.com
v2.zopim.com
view.tallbob.com
www.blueillusion.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
x.bidswitch.net
103.231.98.194
103.254.153.160
104.16.107.139
104.16.51.111
104.18.19.126
104.18.70.113
104.18.72.113
104.19.148.8
104.22.17.186
104.254.151.36
104.26.4.103
104.76.133.249
124.146.215.2
124.146.215.49
13.107.246.59
13.125.31.135
13.224.250.108
13.224.250.28
13.227.254.49
13.227.254.99
13.228.202.61
141.226.229.48
142.251.10.147
142.251.10.156
142.251.10.94
142.251.12.154
151.101.128.233
151.101.2.133
151.101.66.133
157.240.235.1
157.240.235.35
172.253.118.94
172.253.118.97
18.195.149.35
182.161.73.129
182.161.73.136
182.161.73.146
204.79.197.200
23.106.127.53
23.207.36.192
23.207.36.20
23.207.37.206
23.50.117.203
23.50.119.72
35.190.60.146
35.213.12.39
35.71.178.8
40.76.174.66
40.82.218.196
52.11.93.130
52.231.207.240
52.62.2.200
52.64.18.187
52.74.13.196
52.77.191.160
52.84.251.17
54.248.114.10
54.255.75.208
66.225.223.159
69.173.158.64
74.125.200.113
99.81.145.251
001830bef80f752fdff86e9c4b1c3352ef31604b397cc632ef7dae1c5601cccc
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06f8f1f3374bd55823b9c80f44bb0bc970b6c0c08c1a0c0306fc5b97b9c8897e
07ffc5fb5f5dce1e83e1c5800597b86a91550de8f7df06fdcc2594fac70ae162
087dc4dd72225ad6a1f85e7cbb6055ecd94ac44920143e7d10ba086b9e2eaf93
0a540dcbec34af2646cb424e6dae1f4e3355da7de91c015edd56f07835ce7573
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0d0ef0d834b9bf032b991f9f29ae3f313e0d9a69a05ad1978aaff2c4c05e6d3a
0e8b9cd4fa62c9836fe6d12828dc49cf1546820b3d29119578857b042790f13c
13711036352cc6ee2aaf239ed66306d2e7b04e28158b89ad45d7db2e32fb5dcc
19df229ec3cbfb038f8c19b20de282dfa6907251f62d5190c58d6489a96efef1
1b7701a6c28d3a3b512f7890dae6c7d13ab137a7e3d43247563b6fd642e015c7
1b81ec9e7fee0fd3d9304e5bfda6c0a8faff3dfab0e922b496bae42823faa902
1faedeee250256b2c9ffb850d40ebc3df70c4ff340cee3c9b907ae90c5ee52ac
22a76c178715d4f766404156aa659c188901b8c99540daddaa1ee1a179ef7ab2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27b068919101fdec06e83abd8987742bc3cc59fa17263c3aeeedef5549f1ee46
2988b2f9b3bd94459a1facc11e9af5159ab4ac9bdb204c78c9ad79feca5ba5bc
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2cfa73c967797bf6150997f46242a1d2d234d1b56a83bd4371d99e7d2829ebeb
2f33ba157d36e369dfa9885536d96ede5d2fb94e9707ec82a0276ccb4353300e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34ef286f750e956847c7886d894a60bc70aeb301afce4871193ee1cb9f28eda5
362c6cba4b8d9b7b018f8f0297ea5873ed68f997c0d1ce722edc2ad8f5ab2c11
3708dbeb2f8005876354181955c480019bd6dc01204793c57ea40fd54c8620de
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3b699c2cd84c5722e0c9f34ec0c60a9f548901168f95d86b4f1df433a7b5cc60
3caf19893483cd06da959888158dbe3d510e854ca18aa791150e6ed536aca74b
401164c260ffefce79148d8c45b166684159392b61315b04c04f791b73bb5290
419ec224745af5a55429e87f0747486adef092413c6551be10f48c2a6e5b43e1
435c880e179d12be3b4acf0cac3510c686adc74d588122512d8127c85a8cc7d6
43f81d49837e428a81e3316149c3bae7e7c20b4a21d8006088ac5c0f30bf032c
4de2b90f62761956cfd3287c360d02aeb100ed79b3e5f76ac0f3d513169be366
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f25f48fb8f5b3c62c284b36c633d0b6575511eb96bb76f690493a86a30523c0
4ff02944fe0e8ca62ab9c2f37eac4bf83a580fd7589f500a02923d1636f9afbf
53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407
53be928df59e56c531352745c04cc8d442f144f4725d7e69900a3a9cc0e0963c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
561c579d66ced3002754404f18100a5b84c2b6fb62ad20dbc9d0c290a65ac712
5a25b3d15b009e0f2f1655cb1c05632c9c8936c29844d8d421dda90e18bfa4a8
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
616223bd857eba383d459bf05660155c37e3fcc2f2d141bee32aa58111d1bdcc
62ee613ca8b541649ee0a4d2837ded36aa87991ef1030a31cf2030410ff30d5d
639276fcafc124e1775486d01271e9f86558828eb07aab11910f8a07d4eb6c72
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
648d72138fecb1e47b936287d4745ce68b1dc446a706c50f6a5cd967c323d354
64c761a18ac5cc27576d209ac90dc894275bcd6d08fd772350003f83e5b333e3
66e3b33f383f4f19f62ab96e5af48726e51d1b1e0c65ca365b4d47d6a8822900
6783bc22d46ca05d14703dfa990a15809e5ff306e89779b3583c9faadfc352df
6f6380f735899499b6f205cbc905d7464ed2b7ef2622479a7818d7a03909eee4
77a855580e5777964c215031ff89acd8fcdaa6bd95af17ff1b772f75d4718add
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
79a5a3589b73776b5a034ef8064b3b46eaf2db44ffdd6989fc207b254673559c
79b3552dc6375e3ab539e0a8e32a94938840e77fecba4240115f68a9d3d5a0cd
7c06f887788ce85eec98f8e7225c79ffcb58bfe0e3d605a2d353d519f799d5fb
82832ff4d138a419e97d21bae754fcccc923e89e4b9fff6c9ce8c5d699a75b20
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83495d7831277f5d62fd1ab5f51154c56b5d45c71dfc3722a60a663e229b0273
83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
8612977ce71d8daf8b9d65f760f236601995d0bdd3493a5a9f2a8edcdfb45722
886edadd16c1ce3b4de7832431cfa4cb690bbf40b7b3cdbb3ee109ecc798727b
8928a78d6f24634ebf94e6094b751502b59e444c7d7b612b53b38be65c20fd41
89687591af20287276c1c2bfd328ed816eeb2bcd0d302b8fdf054245eb1a4041
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b1f030692803f149f888d6c6fe2f2da71feb30f7bfb92fc283c1059396411da
8b4741cc9a5684a15e1745a6e6da941b70d9a4b9fce891d6c50aad95ee074499
8b811c0359a12866f2c8d635e47ecb255110961faffe22e09593ead4343025fc
8d0d7857e633a9fa63e678728b5cd267fd731d2076fdb6f5dda45e92aa128814
8e6c090e023f84a48bc784044a57f7a2ff9ae1bc68a96b68bb5e7edb9941cd66
8fe5270f7c1f91fd6b75e0357d1b92bde3adfdbae4d8822de29003517b37ba92
91bc8837f6adecffff2b816665500dce9acc94da59c605ccdb5d701c365bbdc2
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94eb37f3ca8ec6a7d028370dfadf216aaa9a5b6f794a7462707f422aa7098f18
94fea59b348efbddbc07319acfde2f47fa183aca247c038cd649628c5e501b2c
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d5d6df93fa64a7a6cc985bcfab0bb8a64d3aba472622b1d8451007140d84555
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9f2120098bb77b57b5c1f7562d1e94bbf1ef57553a0cf07b7bbe7bc28c214380
9fa662f6fe91d859a21b38349206a808d580baddc34a599ad92794e8e8ad5f9d
a054e5d6318b7d1de4e2133091cece586c2bc0ca2d8c66573876e1eb56aca5f0
a0573b1cbad051abc649639d29bc88a0f0722bf135eb35cac6606837694387b5
a3cf2c21737c2474bdb2afa56f660c81846d693ff9ee714cc0d3f36010eecfd4
a602184b84b6b102fbf23e8c711e1c0e7ce9ff26eb855a9cead629307b268fc1
aeb540b954f4d6fceeaac8787b08fe6697bfb624606b97e650622cc52f73f4a5
aec5c932ebecd2e59a8656c5c06ad6bc9db136db068dc501e702a5d3d9044474
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af94cbc94cac6900c473b2a54aeadb3fe8d2dbd812c8e6ca6973a71b453d3ec1
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b45d6cd7477e837392fa6d9f744f29f76aff9f1c05ccc5e33c3470754904f9
b20593a01294af3962eaaffb903b05d467a10f350b79ba25d6804df9a7e914fb
b29c4cf57b0910df71382f2dfe1cf3f3980092ed8f4610442f8a5f4a66c7e935
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
be05e1bcd4e71058e4a4d9ddfe040006a37f44de45655cf54ec28425e2bbc8ee
bedbd2b9054a723b6dce3f4967888aaed233a5171273854b6d73a2e61ecaaf42
c154510b7c8ce506b2a9fcc49a3da40b2e7472ff1ba43627b7ffeeda27a3080c
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
c74eb1c3c5c76a98b3fc152f3bec32d2c9f4489289998c53c0bb127823e1cdce
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc5e922d595d2382ce8d9d562c7d92a59124a39cb6dd751605a14a947339b830
ccaf019806ce540fa9dd30cee710e5695ec0cd5d5a0e6f31591ba091585061b1
cf92cd843f3a83f137a36ee418703b44d8a62b10b5bb61280707c0b95cfca5df
d135ffa4ffc76d58e8b55f2eed44d3a7720b95a7a38569d607b818fcc2d84cfa
d53f22e1722967d5bc5c5154abccc1e0e22fca1627d1163370a992e05e2ca1d7
d5e46e0dbb16e9e74e596c4cf540f51cd9cfd97c3452253f042db4f4f0186383
d9fe3344f6ffaaaaaf42a2adab7e1b57944a8312985777943283a47f766fd036
daa83f1cc86dc92a59563b5f374af858f688cf37f90beb60a3da3d266c637f3a
dbcef3b5ce770e8a3e8350473f04fbe627a78fa93a4441a24afec965643733e8
dd9637bc499921928f02e9b7a7fbedf395fd7c9e8276b9ef7d63f3ad1ac11947
df52f3d62bc75da4e6ce3950143f6e4f4c1ba76067b2b2d49beb0070ca26c777
e072f6d509ad07c0d6e91dcb827a976c8697126881ce7659aeefe35cd731e886
e3963c23be9d30c18d4035d649bc3c95d0c179423ebdf132e0575dd74cc5644e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb704e4d08695f5edcaa46d930344936bb15e7b4ec679686187c8aa3181d1a30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b44c262fb95e4407d418d5a86533d2190c00c698fbc51e77b9f22624fc064e
f7d54d08a1baf85e92deaa1827269d9ff6d617a2da5b6d6aad35b515fb905d97
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fc4425d8541af253a192a43736a9547f645e209650445404c197e46d189e9aec
fee408c89465fc6d779ba4faad31ea24a38fd917f4ee9dc915ca6acb254328db
ff09b3db25a670897974ea1c22bfd4bd39f1ef9de6748384ee7831262ff64867

www.blueillusion.com Open in urlscan Pro 104.22.17.186 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

209 Requests

89 %HTTPS

0 %IPv6

53 Domains

66 Subdomains

55 IPs

10 Countries

3623 kBTransfer

8084 kBSize

78 Cookies

12 Outgoing links

Page URL History

Redirected requests

209 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.blueillusion.com Open in urlscan Pro
104.22.17.186 Public Scan

Screenshot
Live screenshot

Full Image

209
Requests

89 %
HTTPS

0 %
IPv6

53
Domains

66
Subdomains

55
IPs

10
Countries

3623 kB
Transfer

8084 kB
Size

78
Cookies

209 HTTP transactions
0 data transactions