Submitted URL: https://tpknowledge.com/
Effective URL: https://www.tpbluemind.com/
Submission: On November 21 via api from US — Scanned from US

Summary

This website contacted 34 IPs in 1 countries across 37 domains to perform 83 HTTP transactions. The main IP is 2606:4700:3032::6815:3860, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tpbluemind.com.
TLS certificate: Issued by WE1 on November 4th 2024. Valid for: 3 months.
This is the only time www.tpbluemind.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
36 2606:4700:303... 13335 (CLOUDFLAR...)
2 2600:9000:214... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
5 34.168.224.78 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 18.238.49.101 16509 (AMAZON-02)
2 2a03:2880:f00... 32934 (FACEBOOK)
2 2607:f8b0:400... 15169 (GOOGLE)
2 34.86.110.8 396982 (GOOGLE-CL...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
21 24 34.150.170.96 396982 (GOOGLE-CL...)
1 69.194.240.13 26120 (RHYTHMONE)
1 2 35.71.139.29 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 13.225.63.83 16509 (AMAZON-02)
1 1 2600:9000:21d... 16509 (AMAZON-02)
1 2 2600:9000:284... 16509 (AMAZON-02)
1 8.28.7.83 62713 (AS-PUBMATIC)
1 63.251.28.230 26558 (FREEWHEEL)
2 2 2600:1901:0:8... 396982 (GOOGLE-CL...)
1 2 216.22.16.40 30633 (LEASEWEB-...)
1 2 34.229.3.43 14618 (AMAZON-AES)
1 2 2001:4998:60:... 14196 (YAHOO-CHA)
1 52.4.194.40 14618 (AMAZON-AES)
1 23.220.132.230 16625 (AKAMAI-AS)
1 2 3.222.126.253 14618 (AMAZON-AES)
1 2 18.210.114.147 14618 (AMAZON-AES)
2 2 35.244.154.8 396982 (GOOGLE-CL...)
1 1 107.178.254.65 396982 (GOOGLE-CL...)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 172.253.122.156 15169 (GOOGLE)
1 2 68.67.179.153 29990 (ASN-APPNEX)
1 69.173.146.5 26667 (RUBICONPR...)
1 2 35.244.159.8 396982 (GOOGLE-CL...)
3 3 142.250.31.156 15169 (GOOGLE)
2 2a03:2880:f10... 32934 (FACEBOOK)
83 34
Apex Domain
Subdomains
Transfer
36 tpbluemind.com
www.tpbluemind.com
2 MB
26 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 5206
i.simpli.fi — Cisco Umbrella Rank: 4244
um.simpli.fi — Cisco Umbrella Rank: 878
15 KB
7 rlets.com
cdn.rlets.com — Cisco Umbrella Rank: 16426
d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com
fault.rlets.com — Cisco Umbrella Rank: 289671
89 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
td.doubleclick.net — Cisco Umbrella Rank: 182
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
4 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
128 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
214 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 525
502 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
2 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
899 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 476
833 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 973
895 B
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026
834 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 548
531 B
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 2185
2 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1526
887 B
2 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2363
922 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1052
2 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 550
d.agkn.com — Cisco Umbrella Rank: 758
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 470
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 429
970 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
89 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
74 KB
2 reachlocalservices.com
capture-api.reachlocalservices.com — Cisco Umbrella Rank: 19383
589 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 419
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
23 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 805
633 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 2213
27 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1532
421 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 619
653 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 886
551 B
1 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6784
175 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 513
99 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
4 KB
1 gstatic.com
fonts.gstatic.com
37 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 tpknowledge.com
tpknowledge.com
483 B
0 lkqd.net Failed
cs.lkqd.net Failed
83 37
Domain Requested by
36 www.tpbluemind.com www.tpbluemind.com
24 um.simpli.fi 21 redirects
4 d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com cdn.rlets.com
3 cm.g.doubleclick.net 3 redirects
3 www.google.com www.googletagmanager.com
2 www.facebook.com
2 us-u.openx.net 1 redirects
2 ib.adnxs.com 1 redirects
2 px.ads.linkedin.com 1 redirects
2 idsync.rlcdn.com 2 redirects
2 ce.lijit.com 1 redirects
2 bcp.crwdcntrl.net 1 redirects
2 ups.analytics.yahoo.com 1 redirects
2 loadm.exelator.com 1 redirects
2 sync.smartadserver.com 1 redirects
2 fei.pro-market.net 2 redirects
2 sync.intentiq.com 1 redirects
2 pixel.tapad.com 1 redirects
2 eb2.3lift.com 1 redirects
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
2 www.googletagmanager.com cdn.rlets.com
www.googletagmanager.com
2 connect.facebook.net cdn.rlets.com
connect.facebook.net
2 capture-api.reachlocalservices.com cdn.rlets.com
2 cdn.rlets.com www.tpbluemind.com
cdn.rlets.com
1 pixel.rubiconproject.com
1 www.googleadservices.com 1 redirects
1 pippio.com 1 redirects
1 stags.bluekai.com
1 sync.bfmio.com
1 ads.stickyadstv.com
1 image2.pubmatic.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 sync.1rx.io
1 td.doubleclick.net www.googletagmanager.com
1 i.simpli.fi tag.simpli.fi
1 tag.simpli.fi cdn.rlets.com
1 fault.rlets.com
1 cdnjs.cloudflare.com www.tpbluemind.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.tpbluemind.com
1 tpknowledge.com 1 redirects
0 cs.lkqd.net Failed
83 44
Subject Issuer Validity Valid
tpbluemind.com
WE1
2024-11-04 -
2025-02-02
3 months crt.sh
*.rlets.com
Amazon RSA 2048 M02
2024-09-29 -
2025-10-27
a year crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
captureapi.localiq.com
R10
2024-10-12 -
2025-01-10
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-09-28 -
2024-12-27
3 months crt.sh
*.reachlocalservices.com
Amazon RSA 2048 M02
2024-10-03 -
2025-11-01
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-08-30 -
2024-11-28
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-11-13 -
2025-12-14
a year crt.sh
*.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh

This page contains 6 frames:

Primary Page: https://www.tpbluemind.com/
Frame ID: C060D36DE8709117AD14178E7528E01D
Requests: 76 HTTP requests in this frame

Frame: https://d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com/static/storage.html
Frame ID: 18D0DEF7DD5EDC31A2EE29EB239F8CF8
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/770374930?random=1732202154327&cv=11&fst=1732202154327&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tpbluemind.com%2F&hn=www.googleadservices.com&frm=0&tiba=BlueMind%20%E2%80%93%20Conhecimento%2C%20Previsibilidade%2C%20Menos%20complexidade%2C%20Tecnologia%2C%20Seguran%C3%A7a.&npa=0&pscdl=noapi&auid=1136892894.1732202154&fledge=1&data=event%3Dgtag.config
Frame ID: FC2B05747C43666B100392BDBC8617AA
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.tpbluemind.com
Frame ID: F45E59B76D206F6AF92A136887EB5EA2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.rlets.com/capture_static/mms/capture.js
Frame ID: 1BB4C65095DAB1641924424AEC84FD50
Requests: 1 HTTP requests in this frame

Frame: https://d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com/static/storage.html
Frame ID: 44D398519C586E258B97C93234A2EAE5
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

BlueMind – Conhecimento, Previsibilidade, Menos complexidade, Tecnologia, Segurança.

Page URL History Show full URLs

  1. https://tpknowledge.com/ HTTP 301
    https://www.tpbluemind.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js


Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

83
Requests

73 %
HTTPS

44 %
IPv6

37
Domains

44
Subdomains

34
IPs

1
Countries

2205 kB
Transfer

3351 kB
Size

69
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tpknowledge.com/ HTTP 301
    https://www.tpbluemind.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=4D7658AC6A494BA6A0CCC56301AD71F4 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=cef53a93c7&gdpr=0&gdpr_consent=
Request Chain 55
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/4D7658AC6A494BA6A0CCC56301AD71F4
Request Chain 56
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=4D7658AC6A494BA6A0CCC56301AD71F4&dongle=yf3 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=4D7658AC6A494BA6A0CCC56301AD71F4&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Request Chain 57
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=4D7658AC6A494BA6A0CCC56301AD71F4
Request Chain 58
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=4D7658AC6A494BA6A0CCC56301AD71F4 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=4D7658AC6A494BA6A0CCC56301AD71F4
Request Chain 59
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=4D7658AC6A494BA6A0CCC56301AD71F4 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1732202154631&ip=5.181.234.134&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D214480605073015454441 HTTP 302
  • https://um.simpli.fi/aa_px?sk=214480605073015454441 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 60
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4D7658AC6A494BA6A0CCC56301AD71F4 HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4D7658AC6A494BA6A0CCC56301AD71F4&ckls=true&ci=l4AnTh40hY&nc=false&trid=-800679473
Request Chain 61
  • https://um.simpli.fi/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:4D7658AC6A494BA6A0CCC56301AD71F4
Request Chain 62
  • https://um.simpli.fi/freewheel HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=4D7658AC6A494BA6A0CCC56301AD71F4
Request Chain 63
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=4D7658AC6A494BA6A0CCC56301AD71F4;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=4D7658AC6A494BA6A0CCC56301AD71F4;mimetype=img;sr HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
Request Chain 64
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=4D7658AC6A494BA6A0CCC56301AD71F4&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=4D7658AC6A494BA6A0CCC56301AD71F4&j=0&xl8blockcheck=1
Request Chain 65
  • https://um.simpli.fi/yahoo HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=4D7658AC6A494BA6A0CCC56301AD71F4 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=4D7658AC6A494BA6A0CCC56301AD71F4&verify=true
Request Chain 66
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=4D7658AC6A494BA6A0CCC56301AD71F4
Request Chain 67
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=4D7658AC6A494BA6A0CCC56301AD71F4
Request Chain 68
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=4D7658AC6A494BA6A0CCC56301AD71F4 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=4D7658AC6A494BA6A0CCC56301AD71F4
Request Chain 69
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=4D7658AC6A494BA6A0CCC56301AD71F4 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=4D7658AC6A494BA6A0CCC56301AD71F4&dnr=1
Request Chain 70
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=4D7658AC6A494BA6A0CCC56301AD71F4 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogNEQ3NjU4QUM2QTQ5NEJBNkEwQ0NDNTYzMDFBRDcxRjQQABoNCKqd_bkGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=a6707f35ec546fb9a708192c87012b48d5018d6b08baccbb2a1f608e831f82f1791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=a6707f35ec546fb9a708192c87012b48d5018d6b08baccbb2a1f608e831f82f1791426b5417dce21&rand=05813841 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=a6707f35ec546fb9a708192c87012b48d5018d6b08baccbb2a1f608e831f82f1791426b5417dce21&rand=05813841&expected_cookie=bfa0fd81-5fbd-4918-9262-ba04a83f787a
Request Chain 71
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1732202154357&cv=7&fst=1732202154357&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1386515520&cv=7&fst=1732202154357&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrEC&pscrd=IhMIn9Ph8NvtiQMVeCuICR1vmSEkMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhtodHRwczovL3d3dy50cGJsdWVtaW5kLmNvbS8 HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1386515520&cv=7&fst=1732202154357&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrEC&pscrd=IhMIn9Ph8NvtiQMVeCuICR1vmSEkMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhtodHRwczovL3d3dy50cGJsdWVtaW5kLmNvbS8&is_vtc=1&cid=CAQSKQCa7L7dJOZFXzSu7b4OFavAwv4BjjjU4snLuFj2YdIRG09AqhjSFuzo&random=1106708642
Request Chain 73
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=4D7658AC6A494BA6A0CCC56301AD71F4 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D4D7658AC6A494BA6A0CCC56301AD71F4
Request Chain 74
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4D7658AC6A494BA6A0CCC56301AD71F4&expires=365
Request Chain 75
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=4D7658AC6A494BA6A0CCC56301AD71F4 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=4D7658AC6A494BA6A0CCC56301AD71F4
Request Chain 76
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEPE0whGu_s_CHMROQhZ_uHE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4D7658AC6A494BA6A0CCC56301AD71F4 HTTP 302
  • https://um.simpli.fi/g_match?id=

83 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.tpbluemind.com/
Redirect Chain
  • https://tpknowledge.com/
  • https://www.tpbluemind.com/
167 KB
32 KB
Document
General
Full URL
https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
d83d819e1715a36eb8a0ec8a855fab950790c0ee7d948efa7b47dad02df378fb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e61a33e18c4c46d-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 21 Nov 2024 15:15:53 GMT
link
<https://www.tpbluemind.com/wp-json/>; rel="https://api.w.org/", <https://www.tpbluemind.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://www.tpbluemind.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HxN5EIZca5podo8TuPeT3yoKE7gQl%2Fq37KQUiCjgQ6xHTZo2nSxXW7ePSh1kvsw5nf5ptBLH5tG%2FgEiKGN3gnjQdAdNYl0VpbsMH6Ndr6Qe1EQ62279dU6CgUIDujNLJD%2FinrrFrrRv1g2eVplgcYuM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=8410&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4159&recv_bytes=4428&delivery_rate=830&cwnd=12000&unsent_bytes=0&cid=15f28aed7196af2f&ts=527&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-pingback
https://www.tpbluemind.com/xmlrpc.php
x-powered-by
PHP/7.3.33

Redirect headers

cache-control
max-age=3600
cf-ray
8e61a33d0a4cc3fd-EWR
content-length
167
content-type
text/html
date
Thu, 21 Nov 2024 15:15:52 GMT
expires
Thu, 21 Nov 2024 16:15:52 GMT
location
https://www.tpbluemind.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=09quziNYGLlg1tLaULQ6gWubr8C51f6twoW%2FC%2BvHORxFsWHGaWtpPJ0dq0nTBmAGY7CocY3GrDZqTsUKeQETWQe%2BG%2Fa995hueldMAMSF8aMt2U5XSI2%2FlxUz6bT6Cm2oFc9MelpgoTTEnfx98AY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
style.min.css
www.tpbluemind.com/wp-includes/css/dist/block-library/
57 KB
9 KB
Stylesheet
General
Full URL
https://www.tpbluemind.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.12
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"33011b3-e33b-5bf567a917900-gzip"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8dVnYhTnWn1IKC4nqtgK3LUVl16U5G9mKWH2QSqkF3jPrGea57jMqkcLgq%2BDO09HtcIWcpiZzfukfhBrwQetf8wr5ru%2Bp78EIRMQ2h1tXN7AMuj85ZFcDEe0j2CDjPgWJN3L81UpPoYnn7O2K6TtGko%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22052&sent=41&recv=29&lost=0&retrans=0&sent_bytes=37149&recv_bytes=6771&delivery_rate=777704&cwnd=24000&unsent_bytes=0&cid=15f28aed7196af2f&ts=605&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
text/css
last-modified
Tue, 06 Apr 2021 23:50:28 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a3419f12c46d-EWR
accept-ranges
bytes
content-length
8685
server
cloudflare
style.min.css
www.tpbluemind.com/wp-content/themes/bluemind/
50 KB
9 KB
Stylesheet
General
Full URL
https://www.tpbluemind.com/wp-content/themes/bluemind/style.min.css
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bdf7157c5ba065ba025584d62653d1fecf6a9515b5dae2596e75d2dad60dbc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"37a22f3-c6a5-5c3cd136aae87-gzip"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GupUnUeDATkv1fZsPdeEZogAcDC54WSuHJEsj6BSDe5Xe6aznbHooh9NITASA9xrh0gbuaLoSHhAfLN6uNlZAkq%2B3%2BN853WjeR%2BtTGWul0r4g5UX56i70awYUnDVvh%2FPoL4mlhBqO%2F8gzeSKiQrFRLY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13994&sent=58&recv=37&lost=0&retrans=0&sent_bytes=56019&recv_bytes=7115&delivery_rate=594095&cwnd=24000&unsent_bytes=0&cid=15f28aed7196af2f&ts=620&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
text/css
last-modified
Wed, 02 Jun 2021 19:00:45 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a3419f13c46d-EWR
accept-ranges
bytes
content-length
8275
server
cloudflare
style.css
www.tpbluemind.com/wp-content/themes/bluemind/
107 B
798 B
Stylesheet
General
Full URL
https://www.tpbluemind.com/wp-content/themes/bluemind/style.css
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
910fcf27e9b4abdc98a579827553e1f2a11fabcf41c769eac543192eff699999

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"37a22f2-6b-5c2c902846780-gzip"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IfD%2BxC6Wa0%2BbeOwR8U%2BaAkk99h3J14JiUGszkb4%2BupsZjAKpxcd9yuhIArAV5J1EmnShCew7vEeTKksAbQG0iBtwuVABw3aqYW2dYkFfg1bLlWl6jyD3Mnd%2BtMvb0loMYmpbFF20rNex622KmtOsIBw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13994&sent=66&recv=37&lost=0&retrans=0&sent_bytes=65174&recv_bytes=7115&delivery_rate=594095&cwnd=24000&unsent_bytes=0&cid=15f28aed7196af2f&ts=623&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
text/css
last-modified
Thu, 20 May 2021 20:44:30 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a3419f14c46d-EWR
accept-ranges
bytes
content-length
113
server
cloudflare
logo-topo.png
www.tpbluemind.com/wp-content/uploads/2018/12/
4 KB
4 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/uploads/2018/12/logo-topo.png
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdbebbb9785b7b16ec1bab91c846613f4c9481b740ad3d092dbd441d92637f92

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cf-cache-status
HIT
etag
"3a82413-e62-5c29aa1271b00"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lK1TVEkAOPioGvcfHL6%2BuE3Nl8V5k2T6EcsjLJcCKBwnX9NT4EbxR2mZWK5NirTBbte6avpJXq%2Bhn2JiJfW2COe6NnPx6nEHbht7DsxK6rR9PzqYtsV8Q3Gi2PqqYh4PdapThE5JZP4sVeNLP34%2Fc18%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22052&sent=49&recv=29&lost=0&retrans=0&sent_bytes=46709&recv_bytes=6771&delivery_rate=777704&cwnd=24000&unsent_bytes=0&cid=15f28aed7196af2f&ts=605&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 13:24:28 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a3419f16c46d-EWR
accept-ranges
bytes
content-length
3682
server
cloudflare
logo-dev.png
www.tpbluemind.com/wp-content/uploads/2018/12/
4 KB
5 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/uploads/2018/12/logo-dev.png
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3752e3b9db347fa1f95dd5592bafd528bef6fe505d160680b368106c136f843

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cf-cache-status
HIT
etag
"3a8240f-fdc-5c29aa117d8c0"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sf73eB8PE5MBXBLA0tIhPLFgkfozEoENPZIKmLr3JJkZRsugxKGaK0nUI0IrV393OrLMVy0GrMppRNV5GTGoFsCnHpz2dFQvLdqfVQRYQ%2B3%2BeI6IXr5tt1teI7qEgMxqHq6Qilp2UP8MRXUbOHevsN8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22052&sent=53&recv=29&lost=0&retrans=0&sent_bytes=51163&recv_bytes=6771&delivery_rate=777704&cwnd=24000&unsent_bytes=0&cid=15f28aed7196af2f&ts=608&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 13:24:27 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a3419f18c46d-EWR
accept-ranges
bytes
content-length
4060
server
cloudflare
email-decode.min.js
www.tpbluemind.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://www.tpbluemind.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"67379eb7-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GmWujUq7qNw4LSFdp2FFzatjNuMyQDBAdnjNKCUnchM6oiuqoyu%2Bq0mg9cNA1fL4FY5dxb%2FHdONA3e6G6EjYty6Texg73h3%2Fb7oVzDFipgTbSAIB3QZ8eebH%2BqyD5Evk1ExGADLflBJFAxq8Wle4bi4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e61a341ef91c46d-EWR
expires
Sat, 23 Nov 2024 15:15:53 GMT
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
application/javascript
last-modified
Fri, 15 Nov 2024 19:19:19 GMT
server
cloudflare
vary
Accept-Encoding
wp-embed.min.js
www.tpbluemind.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://www.tpbluemind.com/wp-includes/js/wp-embed.min.js?ver=5.7.12
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"3301c17-5c6-5fbd158329580-gzip"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lzT544zJuzWGk%2BbX%2FdotDjsnhw1oM68BkxIbvIDWI%2BjSrgejERi3TPv4uVeka5CIJVSrhdGBu5jKZ5HiypvhE3C9XNQksYChptmIovWmotf%2BucVa%2FoyxJcB6%2BMomZG8xf9fWDO3wlhk0ZZFy68N9S%2BY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11165&sent=74&recv=47&lost=0&retrans=0&sent_bytes=72648&recv_bytes=8367&delivery_rate=497129&cwnd=24000&unsent_bytes=0&cid=15f28aed7196af2f&ts=673&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
text/javascript
last-modified
Tue, 16 May 2023 15:37:10 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a341ef93c46d-EWR
accept-ranges
bytes
content-length
804
server
cloudflare
a7444e8a87e7dbf4c1daaa6.js
cdn.rlets.com/capture_configs/d61/12f/1dd/
181 KB
43 KB
Script
General
Full URL
https://cdn.rlets.com/capture_configs/d61/12f/1dd/a7444e8a87e7dbf4c1daaa6.js?ver=5.7.12
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2141:5c00:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
409875ce10d87c3166980db4836c22c09d2a98c8a9e3187860eb8405db4a0207
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

x-request-id
f52d4ab050180550934d023fb6615c2c
content-encoding
br
etag
W/"409875ce10d87c3166980db4836c22c0"
age
3282
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
LtCbiaY8HGDDcRwguGxRSfxhRkSrmswICFNU-cXM3tyrIzXzvecZeg==
date
Thu, 21 Nov 2024 14:21:11 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-runtime
0.112999
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
via
1.1 37c23a320daf1957772cba43d1a5bde0.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK50-P10
wp-emoji-release.min.js
www.tpbluemind.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://www.tpbluemind.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.12
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"3301ef4-3795-5b83cfce57d00-gzip"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zahsAz%2Fbc6DBIQoUutwYxYLNsBK%2FsDMxgEQw5QffZsm4XDlbjSLHWaAEXCCO3sW6ClKoQfKlllRq3BVzZYQYXgwc3wI%2FViZWpjAeGejsALJ3V4oCD6meXtay66BEQCnCvPrKZtGdZLeapHcN7PDrokw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11622&sent=69&recv=45&lost=0&retrans=0&sent_bytes=67165&recv_bytes=8279&delivery_rate=186808&cwnd=24000&unsent_bytes=0&cid=15f28aed7196af2f&ts=662&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
text/javascript
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a341ef96c46d-EWR
accept-ranges
bytes
content-length
4662
server
cloudflare
css
fonts.googleapis.com/
18 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,700i,900,900i|Montserrat:300,400,400i,500,700,800,900
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cdb5ec55cbddef95e6166a9eccfbd35aa3bfbb2debc9c421a99d03b4eac44b0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 21 Nov 2024 15:15:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 21 Nov 2024 15:15:53 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
jquery-3.3.1.min.js
www.tpbluemind.com/wp-content/themes/bluemind/js/
85 KB
30 KB
Script
General
Full URL
https://www.tpbluemind.com/wp-content/themes/bluemind/js/jquery-3.3.1.min.js
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"39c277f-1538f-5c29a8396bf00-gzip"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pf9aAstU7Sie4TQ4DaiKFMG694SvFl0dbAxyZbgb5cP4yx2wOzrLFctIYYdo9g5w4%2FbXI%2B%2B1jF5YOuSLqqh9wVh8ZxCmvyfEuaq6S05wkyMgiPXl1mgWG%2FNQD0LpJ2mNwZS9s1KDPy1e9w8KdJtGj3I%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10468&sent=78&recv=67&lost=0&retrans=0&sent_bytes=74254&recv_bytes=15569&delivery_rate=199815&cwnd=24000&unsent_bytes=0&cid=15f28aed7196af2f&ts=721&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
text/javascript
last-modified
Tue, 18 May 2021 13:16:12 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a3424847c46d-EWR
accept-ranges
bytes
content-length
30309
server
cloudflare
arrow-down-menu.png
www.tpbluemind.com/wp-content/themes/bluemind/images/layout/
397 B
1 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/themes/bluemind/images/layout/arrow-down-menu.png
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/wp-content/themes/bluemind/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d37ca84e1a849bdcb0eec991611938a1d9817965ea3580c64eca00c03c67361

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/wp-content/themes/bluemind/style.min.css

Response headers

cf-cache-status
HIT
etag
"3882416-18d-5c29a894f9700"
age
1101
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wWUd%2B1x3EUxeqnxMeTduIwc3dOXbWnNvhTWCVxDrPHl6qK7QoDjzLJE3a8kbZzhV07eGmAnsq%2BgxoLW2n5T3%2B6aoQFJO3cH%2FbmSb8zFtVcapk6jlhgQtUKUkyhndSSqywvJWLlclABuHX9T0%2FJYP5Tc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8930&sent=257&recv=88&lost=0&retrans=0&sent_bytes=281131&recv_bytes=16504&delivery_rate=4010203&cwnd=110400&unsent_bytes=0&cid=15f28aed7196af2f&ts=760&x=1", cfExtPri, cfHdrFlush;dur=1
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 13:17:48 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a342585fc46d-EWR
accept-ranges
bytes
content-length
397
server
cloudflare
menu-arrow-downl-lang.png
www.tpbluemind.com/wp-content/themes/bluemind/images/layout/
354 B
1 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/themes/bluemind/images/layout/menu-arrow-downl-lang.png
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/wp-content/themes/bluemind/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f04ad1f2466d59f7376b68ce897024d97cfef316b4a53111146c2f447a63059

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/wp-content/themes/bluemind/style.min.css

Response headers

cf-cache-status
HIT
etag
"388242b-162-5c29a897d5dc0"
age
1101
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OKEs%2BN9XCfNqC3cPGeGvSmoOfp5HW8EvpqlTxKbMYfQd%2BVFPgrVWhkEnJOxITo5u0VH%2BQQcVpoPlwfNa0YoP%2FSGCXyyAsCYQO5Q4%2BFOwEQ3O4UhwYpdg8YZqXs8MzoFq00iIOELsA9zZXrC06obNvmE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8905&sent=148&recv=81&lost=0&retrans=0&sent_bytes=155147&recv_bytes=16185&delivery_rate=1069679&cwnd=48000&unsent_bytes=0&cid=15f28aed7196af2f&ts=743&x=1", cfExtPri, cfHdrFlush;dur=1
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 13:17:51 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a3425866c46d-EWR
accept-ranges
bytes
content-length
354
server
cloudflare
BLUE001-site-banners-26.png
www.tpbluemind.com/wp-content/uploads/2018/12/
1 KB
2 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/uploads/2018/12/BLUE001-site-banners-26.png
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8c6127c316b7143d2d76303081a9b66c8257202b0b62059c6ba88894ddd86f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cf-cache-status
HIT
etag
"3a823f5-5ab-5c29aa21b3f00"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9OmMR0Yp2HXXcaq%2FaGi6Q4iD1%2F2iMRZOF7%2FtOgpoP8qFrg50c3pe7NRNiYdbPDKzYab3%2By6Q8xwJrVJpu5SHfcYJqtSadIENYjTc2JRGdOE4e5Y1VqpK%2B2BAKvTKIcQrnCMj81TouiLjNJ3s10LpUzU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9331&sent=105&recv=77&lost=0&retrans=0&sent_bytes=105947&recv_bytes=16009&delivery_rate=596793&cwnd=48000&unsent_bytes=0&cid=15f28aed7196af2f&ts=732&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 13:24:44 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a342586ec46d-EWR
accept-ranges
bytes
content-length
1451
server
cloudflare
BLUE001-site-banners-01.jpg
www.tpbluemind.com/wp-content/uploads/2018/12/
520 KB
521 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/uploads/2018/12/BLUE001-site-banners-01.jpg
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34b9c88657013ec37382ac9afc82284694737ced783adc18315f29a38cd60a5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cf-cache-status
HIT
etag
"3a823c6-81eef-5c29aa1cef3c0"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AccGuP0sDXn%2Bascg3CfTBWv81Sq8IQgiOaBt9eiimpcaIVr78nMXNLrTGAXXl%2F6Q9FHxhRtG%2FtWqetQi3eJnIbckNVRcPKjhrRZDWUIcztdnHAow17Waw5PvoCWc%2Fqvyay3vkjgT05fuPdFoIk3rJAk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8930&sent=257&recv=88&lost=0&retrans=0&sent_bytes=281131&recv_bytes=16504&delivery_rate=4010203&cwnd=110400&unsent_bytes=0&cid=15f28aed7196af2f&ts=756&x=1", cfExtPri, cfHdrFlush;dur=5
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/jpeg
last-modified
Tue, 18 May 2021 13:24:39 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a3425876c46d-EWR
accept-ranges
bytes
content-length
532207
server
cloudflare
img-bloco1-1.png
www.tpbluemind.com/wp-content/themes/bluemind/images/layout/
54 KB
54 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/themes/bluemind/images/layout/img-bloco1-1.png
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/wp-content/themes/bluemind/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f250001b4975e8e02394440d20f0861e04fc11418ae6da4385c0c6852a5165b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/wp-content/themes/bluemind/style.min.css

Response headers

cf-cache-status
HIT
etag
"3882421-d610-5c29a896e1b80"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=usc%2Fs0kjIPRr2sQYsxoyLDfRGb5qKQ3Gesiqn9B3PLRDiorOR8epNeP21nbbG1mn9T5DFrQYFXzDgbMWq5lLDmTqC0sFTkhuoL3HFb6dVC4xTFa%2FPZ7pbjj%2FcCSAUcvrx5wfYdrQawQWNgeTekJfaY8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9016&sent=114&recv=80&lost=0&retrans=0&sent_bytes=115531&recv_bytes=16141&delivery_rate=866040&cwnd=48000&unsent_bytes=0&cid=15f28aed7196af2f&ts=740&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 13:17:50 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a342587dc46d-EWR
accept-ranges
bytes
content-length
54800
server
cloudflare
img-bloco1-2.png
www.tpbluemind.com/wp-content/themes/bluemind/images/layout/
4 KB
4 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/themes/bluemind/images/layout/img-bloco1-2.png
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/wp-content/themes/bluemind/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4560ee01a642e6f139fc344b7853faa63c38ba01c55a54384b6eaf78f9800101

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/wp-content/themes/bluemind/style.min.css

Response headers

cf-cache-status
MISS
etag
"3882422-ea2-5c29a8921d040"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VLL5bRxe9rLtiicUg08tAcfFn9C28Uh9rCLTuYElCIdqbs%2B3Nq%2F0xMCG%2BySYJPln%2BrSbcJ77C6CAiuvN%2BBATYPGpdu0LHlAR37gZEbigggU46VrlWR23EtrYEumwWN%2B6R%2Bwkj4GJ4IutF%2FNkKeswGyo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12637&sent=1885&recv=241&lost=269&retrans=269&sent_bytes=2213621&recv_bytes=24879&delivery_rate=96699&cwnd=482999&unsent_bytes=0&cid=15f28aed7196af2f&ts=1019&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 13:17:45 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a3425883c46d-EWR
accept-ranges
bytes
content-length
3746
server
cloudflare
img-bloco2.jpg
www.tpbluemind.com/wp-content/uploads/2018/12/
457 KB
457 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/uploads/2018/12/img-bloco2.jpg
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4e45068dd4f8d338e11f06545166436329782bd337c1cdd347a26256480a78f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cf-cache-status
HIT
etag
"3a82400-72243-5c29aa07f4240"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OxrxWpJufKSE1ky6XrbFm3HekZhaGB3v%2B5tjZs06n%2F9%2FoPTvetCSBr1Tk5eduhENjaVWwmpoa6Pdn9F6xu6GLRdsOpyAMoWOciIMTRLeLn%2F6pWn2aiYlXbLdkMwI5c4TZaBlCqnPh15WTypODsA7dew%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9733&sent=426&recv=97&lost=0&retrans=0&sent_bytes=481410&recv_bytes=16909&delivery_rate=11841589&cwnd=205200&unsent_bytes=0&cid=15f28aed7196af2f&ts=766&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/jpeg
last-modified
Tue, 18 May 2021 13:24:17 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a342588cc46d-EWR
accept-ranges
bytes
content-length
467523
server
cloudflare
img-bloco3-1.png
www.tpbluemind.com/wp-content/themes/bluemind/images/layout/
22 KB
22 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/themes/bluemind/images/layout/img-bloco3-1.png
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/wp-content/themes/bluemind/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f6ab6ec88ae3d1887bc4232aadad0d549dde1008736b0586f8841579f5b66e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/wp-content/themes/bluemind/style.min.css

Response headers

cf-cache-status
HIT
etag
"3882424-5692-5c29a89ab2480"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PUdG0PMPhuu5MBpyYubB0psEwZdtMMTTODAdi0PnVX6fDvgYvuw9%2BEvohquKUvp5GbxpFZCQJVxCANfeiIFPmQNhrr4lnb5zJGT3Y%2FIXT4FfpvHvjhdcoLes3NoeaIqVq7H06XbZIditlpbGyoV5nHU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8930&sent=257&recv=88&lost=0&retrans=0&sent_bytes=281131&recv_bytes=16504&delivery_rate=4010203&cwnd=110400&unsent_bytes=0&cid=15f28aed7196af2f&ts=757&x=1", cfExtPri, cfHdrFlush;dur=4
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 13:17:54 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a3425890c46d-EWR
accept-ranges
bytes
content-length
22162
server
cloudflare
img-bloco3-2.png
www.tpbluemind.com/wp-content/themes/bluemind/images/layout/
13 KB
14 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/themes/bluemind/images/layout/img-bloco3-2.png
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/wp-content/themes/bluemind/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
104114a1e0627902752996e93273f579300551acbf06b78c153d11af9976d239

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/wp-content/themes/bluemind/style.min.css

Response headers

cf-cache-status
MISS
etag
"3882425-3354-5c29a898ca000"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8KXB5j0zTOBSPgy6WegsUU%2F22x%2Be79zouk6qRQDieLcG3XMEfHdNlp3FQKFzN8U84GDBy2Yn9fVXwllBkhzaoTHOX%2Fv%2B3%2BWTXkJ4EJsNKJG%2BKXn2YDUunvUKdWeyy%2FCy1bKm7npO4h8Jl9v4q0V0UR8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12637&sent=1873&recv=241&lost=269&retrans=269&sent_bytes=2199490&recv_bytes=24879&delivery_rate=96699&cwnd=482999&unsent_bytes=0&cid=15f28aed7196af2f&ts=1015&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 13:17:52 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a3425896c46d-EWR
accept-ranges
bytes
content-length
13140
server
cloudflare
img-bloco4.png
www.tpbluemind.com/wp-content/uploads/2018/12/
360 KB
361 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/uploads/2018/12/img-bloco4.png
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2a2a0dbe1448acfa3815c14e9c04c63115e5b2bc5ed5e433d16a91955c092e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cf-cache-status
HIT
etag
"3a82404-5a166-5c29aa0cb8d80"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t2Bc3htyLZ630ppQMjtU%2BcYJP2F%2FU59i%2Bl22MkSV%2BxHObu8o84hBLpEzysO9297Hl08Xd28zkhzfINzFFJ1SyabodHmJ2d17vj6TmTMZnHg37z5bgotwb9UIn7%2BkstUWYQth25Jra6ryB6KHyyWMqDQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9061&sent=168&recv=85&lost=0&retrans=0&sent_bytes=177680&recv_bytes=16363&delivery_rate=4247500&cwnd=91200&unsent_bytes=0&cid=15f28aed7196af2f&ts=751&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 13:24:22 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a3425899c46d-EWR
accept-ranges
bytes
content-length
368998
server
cloudflare
BLUE001-site-banners-13.png
www.tpbluemind.com/wp-content/uploads/2018/12/
6 KB
7 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/uploads/2018/12/BLUE001-site-banners-13.png
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
307bfe93ae3b33019e77daafae4e486a249c454d273d99f960a8e04d8a570c63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cf-cache-status
HIT
etag
"3a823e2-1998-5c29aa2c317c0"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EP8c3IWzQowm%2F7emNYjmBN0W2uHqCVk4h8LMxdn505WVV14iyQRtsSOUZzyBGAj5mojHgiIVYRFblQx5WubTrz54vOvTyb8mUgoP6NTXYxlcV81c%2FZzDwuayB%2F4uc1KbtncBe1cd3IzFekATAmQo2t4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9331&sent=107&recv=77&lost=0&retrans=0&sent_bytes=108126&recv_bytes=16009&delivery_rate=596793&cwnd=48000&unsent_bytes=0&cid=15f28aed7196af2f&ts=733&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 13:24:55 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a34258a0c46d-EWR
accept-ranges
bytes
content-length
6552
server
cloudflare
pic-bloco-4-1.png
www.tpbluemind.com/wp-content/uploads/2018/12/
2 KB
3 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/uploads/2018/12/pic-bloco-4-1.png
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aeb052e450d117745f421bf981e3a8265c901cceecf5a6674f24e8a4dd10e14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cf-cache-status
HIT
etag
"3a82414-9d7-5c29aa31ea540"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=inaOWdgfb5Ij8i6M9S982enYqZmocTnOwkVLISdSRoQHFTBJ1rikD3bmAUOv0OxWc%2B0JCT3TexoK9qvuLay4BWnsCKFB%2Bh0iT16KyqkWyKINWLpdsuscPfCMaBmK7c9ND41UcfKSGwRw4PV8Jf6BKPk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9016&sent=124&recv=80&lost=0&retrans=0&sent_bytes=127531&recv_bytes=16141&delivery_rate=866040&cwnd=48000&unsent_bytes=0&cid=15f28aed7196af2f&ts=741&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 13:25:01 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a34258a4c46d-EWR
accept-ranges
bytes
content-length
2519
server
cloudflare
pic-bloco-4-2.png
www.tpbluemind.com/wp-content/uploads/2018/12/
1 KB
2 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/uploads/2018/12/pic-bloco-4-2.png
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb4a09cae105a39509acabb97bd6d21faff48bb0b6d490e6d6597068010ebc1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cf-cache-status
HIT
etag
"3a82415-58e-5c29aa1459f80"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UhK2X6yMW7crE9D48ogMAynt1HmewRsbQaPmeiBWcX2skGO1gFVu0rbrJGfeZR%2FroUrlMrVr9DjXAdxcxM8%2FdKdHTzMKSo1zAicAewbYK3gRRGQqYBjhsIuv5BcKN%2Bt02zyXRBOIYA2p8Ru3PqALP7E%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9061&sent=162&recv=85&lost=0&retrans=0&sent_bytes=170731&recv_bytes=16363&delivery_rate=4247500&cwnd=91200&unsent_bytes=0&cid=15f28aed7196af2f&ts=750&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 13:24:30 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a34258a6c46d-EWR
accept-ranges
bytes
content-length
1422
server
cloudflare
BLUE001-site-banners-14.png
www.tpbluemind.com/wp-content/uploads/2018/12/
8 KB
9 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/uploads/2018/12/BLUE001-site-banners-14.png
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21015a24b2fde5fa5d321d9cd6671e0b6ac097df8b73b6513db06be0c8ab31d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cf-cache-status
HIT
etag
"3a823e5-20c6-5c29aa0517b80"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vSx%2F2OkkvRSYHQ7KYN1fU8Pp4svjj6Tl2unH%2FfJ4J23pCAwZyQwM8Q8EJMs8NZNwfz%2FUC0sdElIVkSNRNOIOnEVhga8SwhEpEcy%2B7zRWXksFkBY2rzLIvL7y2vSbpstnkBvUsqxDWQTGo3FWmJ5V5BE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9675&sent=260&recv=96&lost=0&retrans=0&sent_bytes=284636&recv_bytes=16864&delivery_rate=10568070&cwnd=205200&unsent_bytes=0&cid=15f28aed7196af2f&ts=762&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 13:24:14 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a34258a8c46d-EWR
accept-ranges
bytes
content-length
8390
server
cloudflare
BLUE001-site-banners-17.png
www.tpbluemind.com/wp-content/uploads/2018/12/
5 KB
5 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/uploads/2018/12/BLUE001-site-banners-17.png
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fc2e938622c7684de67e779e0793a26d6198766db5b12449a918adb51e2a4cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cf-cache-status
HIT
etag
"3a823ee-124f-5c29aa2e19c40"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mom6Rt0e2JvefEGm%2BHcB%2FtFFe6vYIMHDOBuld7sq8UgU7iMLEq0%2FkFs5lApUY%2BU6EuqjcyC40a%2FFCqY6hA8x%2BAKhrfoRD8VHftuf7sWLOvmZPLBIwwui550kV2QKXtYdMTu9cyD9kGvTk3aVqwMm%2FbE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9061&sent=214&recv=85&lost=0&retrans=0&sent_bytes=232503&recv_bytes=16363&delivery_rate=4247500&cwnd=91200&unsent_bytes=0&cid=15f28aed7196af2f&ts=752&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 13:24:57 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a34258abc46d-EWR
accept-ranges
bytes
content-length
4687
server
cloudflare
BLUE001-site-banners-15.png
www.tpbluemind.com/wp-content/uploads/2018/12/
3 KB
3 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/uploads/2018/12/BLUE001-site-banners-15.png
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea76030fb6711913e35a6157a1fb3bb7062373a004c97df128871bf3beeb80b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cf-cache-status
HIT
etag
"3a823e8-a22-5c29aa0053040"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vsYRltBi2Pq9KJYqNMGI2lO8e9U9qt%2BwPhhm%2F03Nb9ChSB7Fm%2BS%2F5HE9b4tzvjKswzCNeWheLR6DJE9PaeqGnVWCZF0VIMS5DViCU4dOCVI%2FX4exlxrX05twg%2BbHVsOqEjqEL8fNN2l7ncaLJW1BpYU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8896&sent=162&recv=82&lost=0&retrans=0&sent_bytes=170731&recv_bytes=16230&delivery_rate=2078135&cwnd=55200&unsent_bytes=0&cid=15f28aed7196af2f&ts=746&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 13:24:09 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a34258adc46d-EWR
accept-ranges
bytes
content-length
2594
server
cloudflare
BLUE001-site-banners-16.png
www.tpbluemind.com/wp-content/uploads/2018/12/
12 KB
13 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/uploads/2018/12/BLUE001-site-banners-16.png
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3062baa878b844b05e8014525674115d069aa9b849531e0bcd646d2dba0dfed6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cf-cache-status
HIT
etag
"3a823eb-2ff4-5c29aa1bfb180"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BNP1OBT5T4UTs4%2FZQOPZC2EThXJAUpJwD7j0UbKRddbq1pBkLo5FTHMqbBrpWXJ3nb5sq7zkGfZ2pozU5MGswlgC%2FoI4Whuk7BbDskaCtqJJqIgfGxTKq8ppp5tMbN46%2BPMc3scXxg8wGkp3uRhONFM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9061&sent=223&recv=85&lost=0&retrans=0&sent_bytes=242402&recv_bytes=16363&delivery_rate=4247500&cwnd=91200&unsent_bytes=0&cid=15f28aed7196af2f&ts=752&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 13:24:38 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a34258b1c46d-EWR
accept-ranges
bytes
content-length
12276
server
cloudflare
img-post-call-3.png
www.tpbluemind.com/wp-content/uploads/2018/11/
201 KB
201 KB
Image
General
Full URL
https://www.tpbluemind.com/wp-content/uploads/2018/11/img-post-call-3.png
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5f5228964e1caa5d3baa7b2007a524c6390c9f953a34abda5685c01c3f5f208

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cf-cache-status
HIT
etag
"3a823b7-32271-5c29a9fa9a2c0"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BVRTUJT%2Bbp6te1wod5EZHNHp0s%2FMjKRWI3eA4sEuY7qLrB0LJujHSG%2FA6imt6UzgYyjrZedGf7fkW%2BM6tLzR8qJsXknH1fjjntwQzC0ZjhmU%2FHXz2q4lVjtAKzdMvlffAF%2BBfGm60%2BIo5buUTebcfC8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8930&sent=257&recv=88&lost=0&retrans=0&sent_bytes=281131&recv_bytes=16504&delivery_rate=4010203&cwnd=110400&unsent_bytes=0&cid=15f28aed7196af2f&ts=757&x=1", cfExtPri, cfHdrFlush;dur=4
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 13:24:03 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a34258b5c46d-EWR
accept-ranges
bytes
content-length
205425
server
cloudflare
fontawesome-all.min.css
www.tpbluemind.com/wp-content/themes/bluemind/css/font-awesome/css/
40 KB
9 KB
Stylesheet
General
Full URL
https://www.tpbluemind.com/wp-content/themes/bluemind/css/font-awesome/css/fontawesome-all.min.css
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"37a22c4-a069-5c29a88c642c0-gzip"
age
1115
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dbVTbpOzB7xLj3%2BAESLdua6cbEjGLw1PB%2Bs%2FtY7J84FBJzHvEEB88cYfABrWVivGj61%2BM4HLyBnKExdrvKO4M34fsZDpwaYsGB%2B3RSZbFvzXZ5WXjnqNmFk8E%2BooqakCBBu3QAiMiqcm4Dh4HBpold0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17596&sent=1575&recv=204&lost=0&retrans=0&sent_bytes=1848724&recv_bytes=22322&delivery_rate=28912254&cwnd=690000&unsent_bytes=0&cid=15f28aed7196af2f&ts=816&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
text/css
last-modified
Tue, 18 May 2021 13:17:39 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a342d986c46d-EWR
accept-ranges
bytes
content-length
9000
server
cloudflare
bootstrap.min.js
www.tpbluemind.com/wp-content/themes/bluemind/js/
36 KB
10 KB
Script
General
Full URL
https://www.tpbluemind.com/wp-content/themes/bluemind/js/bootstrap.min.js
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"39c277b-90b5-5c29a83b54380-gzip"
age
1114
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LzHM4eg1c0xO9aOaqJijCV3e4OK9Mh7zQu1Oq2TONAzAlRJOtzjUb24zyTLkO2BgNGb1Ub80xVhx%2BDUZeBwH1uEuufyoqcv3eOBwfZV90FcNOb4iIfm3tkutazsEnK2XAldXCNr3cJa1kjQ87EYzzc8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12693&sent=1852&recv=220&lost=269&retrans=269&sent_bytes=2179222&recv_bytes=23088&delivery_rate=13640250&cwnd=482999&unsent_bytes=0&cid=15f28aed7196af2f&ts=830&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
text/javascript
last-modified
Tue, 18 May 2021 13:16:14 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a342e99ec46d-EWR
accept-ranges
bytes
content-length
9833
server
cloudflare
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,700i,900,900i|Montserrat:300,400,400i,500,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.tpbluemind.com
Referer
https://fonts.googleapis.com/

Response headers

age
510236
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 15 Nov 2025 17:31:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 17:31:57 GMT
last-modified
Wed, 06 Nov 2024 17:30:37 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
37828
x-xss-protection
0
server
sffe
owl.carousel.min.css
www.tpbluemind.com/wp-content/themes/bluemind/css/
61 KB
6 KB
Stylesheet
General
Full URL
https://www.tpbluemind.com/wp-content/themes/bluemind/css/owl.carousel.min.css
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
152544e1121437d0e10644797d0a407cafe97675f0ba7aaa4831a05535b4be28

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"37a22e9-f33c-5c29a86ceb880-gzip"
age
1114
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qHxb99RlTcnD214L6WdZ9LCTEhl4VEwBnCHNf4LiJ5teHV50InuXWIPLwIgboLFUXXDBL59JFG0fU2YWmibOMe8qZB4YvXlGUluJBQzCIbSi%2FT9c%2FtfUauXWDAgxiT3D37pqHd7l%2B8qITmGh3UQOIN8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13977&sent=1862&recv=237&lost=269&retrans=269&sent_bytes=2190015&recv_bytes=24195&delivery_rate=12978355&cwnd=482999&unsent_bytes=0&cid=15f28aed7196af2f&ts=876&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
text/css
last-modified
Tue, 18 May 2021 13:17:06 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a3433a42c46d-EWR
accept-ranges
bytes
content-length
5244
server
cloudflare
storage.html
d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com/static/ Frame 18D0
0
0
Document
General
Full URL
https://d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com/static/storage.html
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/d61/12f/1dd/a7444e8a87e7dbf4c1daaa6.js?ver=5.7.12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.224.168.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.tpbluemind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length
2056
content-type
text/html
date
Thu, 21 Nov 2024 15:15:53 GMT
last-modified
Thu, 17 Oct 2024 15:04:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
jquery.touchSwipe.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.touchswipe/1.6.4/
10 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.touchswipe/1.6.4/jquery.touchSwipe.min.js
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f1fd15468d0c38328697d2c9972b88377ba881d458e32bb58d71b5f8a9ea183
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec4-2985"
age
78471
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=neCDMiQ%2Bdw5i%2Bc9xMfxoGZPVbiQqCbtBwNhKo2W52%2BVhjSPO%2FslZupdcphpY%2F9kVE7Qzkr0tKe0S%2Fadjvm0TLpkRIwtVeyxU1c6YQxRW3EVBa5cWSBAOAR0eIv7tfqsXFl0J3PegdiVS1J3yK9I7GNMi"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 11 Nov 2025 15:15:53 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:48 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e61a343ca2c7ce4-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
3187
server
cloudflare
jquery.mask.min.js
www.tpbluemind.com/wp-content/themes/bluemind/js/
6 KB
3 KB
Script
General
Full URL
https://www.tpbluemind.com/wp-content/themes/bluemind/js/jquery.mask.min.js
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b459b097599b025f9bb24f96f40fe5a12d591d47cf0de82564920240099fcc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"39c2780-1737-5c29a83b54380-gzip"
age
1113
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s3Ik1IWJGZEcH%2BUfOrheUAxPrPx2%2BzQFJnxY6%2F6OXFH48K1aA4VoBRN9Jj9FepN%2BubPK6fb9%2BlB4hmeIaORV12O1nrhpPRaPSdY47aJEfC4h22av2wa3%2FbvDxkuHq1%2BVxK83Iv3gyZI1uG0bR%2FNPLKw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13259&sent=1869&recv=239&lost=269&retrans=269&sent_bytes=2196131&recv_bytes=24537&delivery_rate=585094&cwnd=482999&unsent_bytes=0&cid=15f28aed7196af2f&ts=978&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
text/javascript
last-modified
Tue, 18 May 2021 13:16:14 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a343fb66c46d-EWR
accept-ranges
bytes
content-length
2545
server
cloudflare
owl.carousel.min.js
www.tpbluemind.com/wp-content/themes/bluemind/js/
43 KB
12 KB
Script
General
Full URL
https://www.tpbluemind.com/wp-content/themes/bluemind/js/owl.carousel.min.js
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"39c2782-ad36-5c29a8396bf00-gzip"
age
1113
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QXq8WJnh4B0h0Y8OGK07CVVDZ6eBcvimdBvRLL%2FUyDMbwh%2Bz81nR4gZpzucuoJWYzx0CVGQBARQeB9A1c4n9NO8vSWQuAjrDicLLhmfN52TC%2B0B44kKptCBvkekkGBnlDF36xyl%2FhLmWtJ2LMaQhm10%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11539&sent=1889&recv=244&lost=269&retrans=269&sent_bytes=2218151&recv_bytes=25013&delivery_rate=645661&cwnd=482999&unsent_bytes=0&cid=15f28aed7196af2f&ts=1045&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
text/javascript
last-modified
Tue, 18 May 2021 13:16:12 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a3443bcac46d-EWR
accept-ranges
bytes
content-length
11412
server
cloudflare
custom.min.js
www.tpbluemind.com/wp-content/themes/bluemind/js/
11 KB
4 KB
Script
General
Full URL
https://www.tpbluemind.com/wp-content/themes/bluemind/js/custom.min.js?t=4
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98d337ae593eec2d62863521fd2e4270693a283fe076b5cfaadc26ea27dd0f07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"39c277e-2d47-5c2b4a4108080-gzip"
age
1112
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xhui9IIqNwPi2pAQVsxA4i8291bB%2BJeCPVTMxFcMGAMrw6Rjm8TeYkEgqVaEGAY49CLUzUrYV4RpSKNcgpaDo%2BHbgGy2ApJwTieLQ24AbPuinAynEqOzHXeTxKBDorPHKipV13iC3YSYg8nZgCwZIqg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10809&sent=1901&recv=247&lost=269&retrans=269&sent_bytes=2230573&recv_bytes=25398&delivery_rate=1483295&cwnd=482999&unsent_bytes=0&cid=15f28aed7196af2f&ts=1092&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
text/javascript
last-modified
Wed, 19 May 2021 20:26:26 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a3449c88c46d-EWR
accept-ranges
bytes
content-length
3177
server
cloudflare
select2.min.js
www.tpbluemind.com/wp-content/themes/bluemind/js/select2/4.0.6/dist/js/
66 KB
20 KB
Script
General
Full URL
https://www.tpbluemind.com/wp-content/themes/bluemind/js/select2/4.0.6/dist/js/select2.min.js
Requested by
Host: www.tpbluemind.com
URL: https://www.tpbluemind.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7dd05bfc68901dbb2c883a7bd65698c29b3917d61f0e12d1966dca14d5056c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"39e1dac-10964-5c29a83c485c0-gzip"
age
1112
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=al9Hsy3yvf6prSVbzFvzEA4GAxvyRaZ8cMxPJWUEkiDHv2294bTOIROb88UTp0f3WKYKmi1d9ArPD9%2B9IuldYTgc%2B3pqvGe4tcI4WYaDQ3z7fM6S%2FGWRs0rjOriokGFUFGUG0wAqATgx9X1jk%2F9%2FIYY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10502&sent=1907&recv=250&lost=269&retrans=269&sent_bytes=2234604&recv_bytes=25796&delivery_rate=2069&cwnd=482999&unsent_bytes=0&cid=15f28aed7196af2f&ts=1154&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
text/javascript
last-modified
Tue, 18 May 2021 13:16:15 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a344ed03c46d-EWR
accept-ranges
bytes
content-length
19405
server
cloudflare
originCountry
capture-api.reachlocalservices.com/
36 B
589 B
XHR
General
Full URL
https://capture-api.reachlocalservices.com/originCountry
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/d61/12f/1dd/a7444e8a87e7dbf4c1daaa6.js?ver=5.7.12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-101.jfk52.r.cloudfront.net
Software
/
Resource Hash
9f4598a86a420a96418a5ab9e10a368fa49c379c2459637a219641b01536daf3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.tpbluemind.com/

Response headers

x-amz-apigw-id
Bmk6pFJNPHcEmHg=
x-amzn-trace-id
Root=1-673f4eaa-67653b273f7dcd8f5b84e925;Parent=0b5806f251a5e801;Sampled=0;Lineage=1:a245b58f:0
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-amzn-requestid
386c5d32-149f-4b02-9d4d-75d84dbf943b
via
1.1 83f903d51f378add519d351aa3b07052.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
36
x-amz-cf-id
t95W8_Liloz1aRi636Sk5kwxiRpU4W76rB69tXG90LGd35-Km6ombQ==
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
application/json
x-amz-cf-pop
JFK52-P3
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
originCountry
capture-api.reachlocalservices.com/ Frame
0
0
Preflight
General
Full URL
https://capture-api.reachlocalservices.com/originCountry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-101.jfk52.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.tpbluemind.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 21 Nov 2024 15:15:53 GMT
via
1.1 83f903d51f378add519d351aa3b07052.cloudfront.net (CloudFront)
x-amz-apigw-id
Bmk6nFSLPHcEtQQ=
x-amz-cf-id
VfbwRnDLywQDopoz6SU3P5MAF_4YzLyupv4bjq5TCC7WczkT9wKB-Q==
x-amz-cf-pop
JFK52-P3
x-amzn-requestid
b358de1c-0d9d-4c8c-bfb4-bb4da43d042c
x-cache
Miss from cloudfront
favicon.png
www.tpbluemind.com/wp-content/themes/bluemind/images/layout/
52 KB
53 KB
Other
General
Full URL
https://www.tpbluemind.com/wp-content/themes/bluemind/images/layout/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b347e444c2b8cc57577c50462dd74cbe6c27fae2b8568d1a1a8aa2e3f277737e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cf-cache-status
HIT
etag
"388241b-d09c-5c29a89128e00"
age
1111
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1wEX8Gf4vvE0e7L711%2BLWElvTpqGDdW4LD33FFmyBIWHsOR58vLFgfvECwrqvvy%2Fjp4nntNIFKEAGoyzBJFq8Zj6TWUwUnsGxDAR99y9Oox2XC3mQ9cDFXn1AsVVz0GlgwxQFVN9zIAzQAPlIhiOWIo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9974&sent=1926&recv=253&lost=269&retrans=269&sent_bytes=2255204&recv_bytes=26266&delivery_rate=2505837&cwnd=482999&unsent_bytes=0&cid=15f28aed7196af2f&ts=1221&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/png
last-modified
Tue, 18 May 2021 13:17:44 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e61a3456dddc46d-EWR
accept-ranges
bytes
content-length
53404
server
cloudflare
_.gif
fault.rlets.com/static/
43 B
440 B
Image
General
Full URL
https://fault.rlets.com/static/_.gif?s=d6112f1d-da74-44e8-a87e-7dbf4c1daaa6&m=Unknown%20OS%20or%20OS%20Version&f=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.224.168.34.bc.googleusercontent.com
Software
/
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOWALL

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

x-frame-options
ALLOWALL
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
a830f60d188519d69df1db633d160614
cache-control
max-age=0, private, must-revalidate
etag
W/"42b976597a2d977d0e300f6d06bc903d"
content-transfer-encoding
binary
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
*
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
image/gif
content-disposition
inline
x-runtime
0.001976
access-control-allow-headers
Content-Type
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/d61/12f/1dd/a7444e8a87e7dbf4c1daaa6.js?ver=5.7.12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-moC6BehS' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-moC6BehS' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=23, mss=1232, tbw=4458, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
M3d6DxmmWSa2NGWk+3NxUAvSZy5r8h8KzFrQqbYOmEutPm/BcJVbOwVCtHVbR7RpbF2T9Sd/hO45Ks18FgyIrw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
js
www.googletagmanager.com/gtag/
248 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-770374930
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/d61/12f/1dd/a7444e8a87e7dbf4c1daaa6.js?ver=5.7.12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
58b5914d49e5f952260c2b7d641867bedb9e7f4797e884904c430715b02f5317
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 21 Nov 2024 15:15:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 21 Nov 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
90846
x-xss-protection
0
server
Google Tag Manager
d9a5dd70-50f0-0134-a365-0cc47abc2b4e
tag.simpli.fi/sifitag/
3 KB
2 KB
Script
General
Full URL
https://tag.simpli.fi/sifitag/d9a5dd70-50f0-0134-a365-0cc47abc2b4e
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/d61/12f/1dd/a7444e8a87e7dbf4c1daaa6.js?ver=5.7.12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.110.8 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.110.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
60f1b526f73cadfcecf31331815e8a748dac5fbf2d78fc9040404f38f374e6bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

x-request-id
GAoEroVMKpVKtQq0ZE7G
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
openresty
visits
d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com/api/v1/visits
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.224.168.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOWALL

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tpbluemind.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-type
text/html
date
Thu, 21 Nov 2024 15:15:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
ALLOWALL
x-request-id
1e002e285681a61c93d19d8ac8be0e19
x-runtime
0.001841
visits
d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com/api/v1/
0
383 B
XHR
General
Full URL
https://d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com/api/v1/visits
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/d61/12f/1dd/a7444e8a87e7dbf4c1daaa6.js?ver=5.7.12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.224.168.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOWALL

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.tpbluemind.com/

Response headers

x-frame-options
ALLOWALL
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
2393b5349117b829e4d504059dea7cb5
cache-control
no-cache
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
*
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
text/html
x-runtime
0.007183
access-control-allow-headers
Content-Type
2061814887442201
connect.facebook.net/signals/config/
67 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2061814887442201?v=2.9.176&r=stable&domain=www.tpbluemind.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d30fb4f6757c9337269d016c0ae09f6656dedc97315f70bce51794ad6d266eca
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-pIy6fSnl' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-pIy6fSnl' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=75, mss=1232, tbw=70878, tp=67, tpl=0, uplat=129, ullat=0
pragma
public
x-fb-debug
066exrL3sjHD+VL9qmO7J+StXKcdtUDh24MFvi1UqC5FneSN+ekP6mTCZ445G9T3TLz3Zm0VDQQVpgKd1YMhTw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
p
i.simpli.fi/
798 B
761 B
Script
General
Full URL
https://i.simpli.fi/p?cid=22180&cb=sifi_att_42656._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/d9a5dd70-50f0-0134-a365-0cc47abc2b4e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.110.8 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.110.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
d768ebdc3026df1b070a4919740db2e525fc8a5bde2c3d841cc138ccda9d4fba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
openresty
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.tpbluemind.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1656790901.1732202154&auid=1136892894.1732202154&npa=0&gtm=45be4bk0za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732202154334&tfd=1975&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-770374930
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/770374930/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/770374930/?random=1732202154327&cv=11&fst=1732202154327&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tpbluemind.com%2F&hn=www.googleadservices.com&frm=0&tiba=BlueMind%20%E2%80%93%20Conhecimento%2C%20Previsibilidade%2C%20Menos%20complexidade%2C%20Tecnologia%2C%20Seguran%C3%A7a.&npa=0&pscdl=noapi&auid=1136892894.1732202154&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-770374930
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
606c1e9e5575691cca8209d13ab929c29d0ea193ed4d88f63cfdfef6aaec8652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2338
date
Thu, 21 Nov 2024 15:15:54 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
770374930
td.doubleclick.net/td/rul/ Frame FC2B
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/770374930?random=1732202154327&cv=11&fst=1732202154327&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tpbluemind.com%2F&hn=www.googleadservices.com&frm=0&tiba=BlueMind%20%E2%80%93%20Conhecimento%2C%20Previsibilidade%2C%20Menos%20complexidade%2C%20Tecnologia%2C%20Seguran%C3%A7a.&npa=0&pscdl=noapi&auid=1136892894.1732202154&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-770374930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tpbluemind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 15:15:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame F45E
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.tpbluemind.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-770374930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 15:15:54 GMT
expires
Fri, 21 Nov 2025 15:15:54 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cs
cs.lkqd.net/
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=4D7658AC6A494BA6A0CCC56301AD71F4
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=cef53a93c7&gdpr=0&gdpr_consent=
0
0

4D7658AC6A494BA6A0CCC56301AD71F4
sync.1rx.io/usersync/simplifi/
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/4D7658AC6A494BA6A0CCC56301AD71F4
0
99 B
Image
General
Full URL
https://sync.1rx.io/usersync/simplifi/4D7658AC6A494BA6A0CCC56301AD71F4
Protocol
H2
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

expires
0
cache-control
no-store, no-cache, must-revalidate
date
Thu, 21 Nov 2024 15:15:54 GMT
pragma
no-cache

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://sync.1rx.io/usersync/simplifi/4D7658AC6A494BA6A0CCC56301AD71F4
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Wed, 20 Nov 2024 15:15:54 GMT
access-control-allow-origin
*
content-length
142
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=4D7658AC6A494BA6A0CCC56301AD71F4&dongle=yf3
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=4D7658AC6A494BA6A0CCC56301AD71F4&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
37 B
474 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=4D7658AC6A494BA6A0CCC56301AD71F4&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
/xuid?ld=1&mid=7969&xuid=4D7658AC6A494BA6A0CCC56301AD71F4&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Thu, 21 Nov 2024 15:15:54 GMT
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=4D7658AC6A494BA6A0CCC56301AD71F4
43 B
175 B
Image
General
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=4D7658AC6A494BA6A0CCC56301AD71F4
Protocol
H2
Server
2600:1f18:612b:4264:f0a:6204:b62c:3740 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
image/gif
server
nginx

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://simplifi.partners.tremorhub.com/sync?UISF=4D7658AC6A494BA6A0CCC56301AD71F4
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Wed, 20 Nov 2024 15:15:54 GMT
access-control-allow-origin
*
content-length
142
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=4D7658AC6A494BA6A0CCC56301AD71F4
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=4D7658AC6A494BA6A0CCC56301AD71F4
95 B
427 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=4D7658AC6A494BA6A0CCC56301AD71F4
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
95
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
image/png
server
Jetty(11.0.13)

Redirect headers

strict-transport-security
max-age=31536000
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=4D7658AC6A494BA6A0CCC56301AD71F4
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
0
date
Thu, 21 Nov 2024 15:15:54 GMT
server
Jetty(11.0.13)
empty.gif
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=4D7658AC6A494BA6A0CCC56301AD71F4
  • https://d.agkn.com/pixel/10751/?che=1732202154631&ip=5.181.234.134&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D214480605073015454441
  • https://um.simpli.fi/aa_px?sk=214480605073015454441
  • https://um.simpli.fi/empty.gif
43 B
361 B
Image
General
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
*
content-length
43
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
location
/empty.gif
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-length
142
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4D7658AC6A494BA6A0CCC56301AD71F4
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4D7658AC6A494BA6A0CCC56301AD71F4&ckls=true&ci=l4AnTh40hY&nc=false&trid=-800679473
43 B
1 KB
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4D7658AC6A494BA6A0CCC56301AD71F4&ckls=true&ci=l4AnTh40hY&nc=false&trid=-800679473
Protocol
H2
Server
2600:9000:2840:9400:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 b3003c57fbd2e21494d8839411ec9fa6.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P7
x-amz-cf-id
dQx_ul3CaBpqIHr9pK5MqgBUEtBIZUz5CEybnB9pN6diHRjrrjEKtA==

Redirect headers

patent
https://www.almondnet.com/ip
cache-control
no-cache, no-store, must-revalidate
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4D7658AC6A494BA6A0CCC56301AD71F4&ckls=true&ci=l4AnTh40hY&nc=false&trid=-800679473
pragma
no-cache
via
1.1 b3003c57fbd2e21494d8839411ec9fa6.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P7
x-amz-cf-id
WlYztYxxIQXpya6lXDwpVjtcAISckz_acighYNtPIK_LENLmc3d1ow==
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://um.simpli.fi/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:4D7658AC6A494BA6A0CCC56301AD71F4
42 B
551 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:4D7658AC6A494BA6A0CCC56301AD71F4
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
image/gif; charset=utf-8
server
nginx

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:4D7658AC6A494BA6A0CCC56301AD71F4
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Wed, 20 Nov 2024 15:15:54 GMT
access-control-allow-origin
*
content-length
142
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://um.simpli.fi/freewheel
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=4D7658AC6A494BA6A0CCC56301AD71F4
43 B
653 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=4D7658AC6A494BA6A0CCC56301AD71F4
Protocol
HTTP/1.1
Server
63.251.28.230 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Pragma
no-cache
x-sticky-vk
1732202155065049-86
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Date
Thu, 21 Nov 2024 15:15:55 GMT
Content-Type
image/gif
Server
nginx

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=4D7658AC6A494BA6A0CCC56301AD71F4
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Wed, 20 Nov 2024 15:15:54 GMT
access-control-allow-origin
*
content-length
142
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
getuid
sync.smartadserver.com/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=4D7658AC6A494BA6A0CCC56301AD71F4;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=4D7658AC6A494BA6A0CCC56301AD71F4;mimetype=img;sr
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid]
  • https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
0
256 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
Protocol
H2
Server
216.22.16.40 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Thu, 21 Nov 2024 15:15:54 GMT
pragma
no-cache

Redirect headers

cache-control
no-cache,no-store
location
https://sync.smartadserver.com:443/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Thu, 21 Nov 2024 15:15:54 GMT
pragma
no-cache
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=4D7658AC6A494BA6A0CCC56301AD71F4&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=4D7658AC6A494BA6A0CCC56301AD71F4&j=0&xl8blockcheck=1
0
767 B
Image
General
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=4D7658AC6A494BA6A0CCC56301AD71F4&j=0&xl8blockcheck=1
Protocol
H2
Server
34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-229-3-43.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cache-control
no-cache
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date
Thu, 21 Nov 2024 15:15:54 GMT
x-powered-by
Undertow/1
server
nginx
access-control-allow-credentials
true

Redirect headers

cache-control
no-cache
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=4D7658AC6A494BA6A0CCC56301AD71F4&j=0&xl8blockcheck=1
access-control-allow-credentials
true
content-length
0
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
image/gif
x-powered-by
Undertow/1
server
nginx
sync
ups.analytics.yahoo.com/ups/55964/
Redirect Chain
  • https://um.simpli.fi/yahoo
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=4D7658AC6A494BA6A0CCC56301AD71F4
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=4D7658AC6A494BA6A0CCC56301AD71F4&verify=true
0
123 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55964/sync?uid=4D7658AC6A494BA6A0CCC56301AD71F4&verify=true
Protocol
H2
Server
2001:4998:60:807::1 , United States, ASN14196 (YAHOO-CHA, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Thu, 21 Nov 2024 15:15:54 GMT
age
0
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade

Redirect headers

strict-transport-security
max-age=31536000
location
https://ups.analytics.yahoo.com/ups/55964/sync?uid=4D7658AC6A494BA6A0CCC56301AD71F4&verify=true
age
0
referrer-policy
no-referrer-when-downgrade
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
text/html
server
ATS
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=4D7658AC6A494BA6A0CCC56301AD71F4
0
421 B
Image
General
Full URL
https://sync.bfmio.com/sync?pid=141&uid=4D7658AC6A494BA6A0CCC56301AD71F4
Protocol
HTTP/1.1
Server
52.4.194.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-194-40.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

Date
Thu, 21 Nov 2024 15:15:53 GMT
Connection
keep-alive

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://sync.bfmio.com/sync?pid=141&uid=4D7658AC6A494BA6A0CCC56301AD71F4
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Wed, 20 Nov 2024 15:15:54 GMT
access-control-allow-origin
*
content-length
142
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=4D7658AC6A494BA6A0CCC56301AD71F4
27 B
27 B
Image
General
Full URL
https://stags.bluekai.com/site/29931?id=4D7658AC6A494BA6A0CCC56301AD71F4
Protocol
HTTP/1.1
Server
23.220.132.230 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-132-230.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 21 Nov 2024 15:15:54 GMT
Content-Length
27
Date
Thu, 21 Nov 2024 15:15:54 GMT
AK-GRN
0.8968dc17.1732202154.5bb6ebac
Content-Type
text/html

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://stags.bluekai.com/site/29931?id=4D7658AC6A494BA6A0CCC56301AD71F4
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Wed, 20 Nov 2024 15:15:54 GMT
access-control-allow-origin
*
content-length
142
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
tpid=4D7658AC6A494BA6A0CCC56301AD71F4
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=4D7658AC6A494BA6A0CCC56301AD71F4
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=4D7658AC6A494BA6A0CCC56301AD71F4
49 B
545 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=4D7658AC6A494BA6A0CCC56301AD71F4
Protocol
H2
Server
3.222.126.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-126-253.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cache-control
no-cache
pragma
no-cache
expires
0
access-control-allow-origin
*
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
49
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
image/gif
x-server
10.40.59.203
server
Jetty(9.4.38.v20210224)

Redirect headers

cache-control
no-cache
location
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=4D7658AC6A494BA6A0CCC56301AD71F4
pragma
no-cache
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
0
date
Thu, 21 Nov 2024 15:15:54 GMT
x-server
10.40.0.42
server
Jetty(9.4.38.v20210224)
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=4D7658AC6A494BA6A0CCC56301AD71F4
  • https://ce.lijit.com/merge?pid=2&3pid=4D7658AC6A494BA6A0CCC56301AD71F4&dnr=1
43 B
511 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=4D7658AC6A494BA6A0CCC56301AD71F4&dnr=1
Protocol
H2
Server
18.210.114.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-114-147.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
pragma
no-cache
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
image/gif
vary
Accept-Encoding

Redirect headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
location
https://ce.lijit.com/merge?pid=2&3pid=4D7658AC6A494BA6A0CCC56301AD71F4&dnr=1
pragma
no-cache
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 21 Nov 2024 15:15:54 GMT
vary
Accept-Encoding
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=4D7658AC6A494BA6A0CCC56301AD71F4
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogNEQ3NjU4QUM2QTQ5NEJBNkEwQ0NDNTYzMDFBRDcxRjQQABoNCKqd_bkGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=a6707f35ec546fb9a708192c87012b48d5018d6b08baccbb2a1f608e831f82f1791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=a6707f35ec546fb9a708192c87012b48d5018d6b08baccbb2a1f608e831f82f1791426b5417dce21&rand=05813841
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=a6707f35ec546fb9a708192c87012b48d5018d6b08baccbb2a1f608e831f82f1791426b5417dce21&rand=05813841&expected_cookie=bfa0fd81-5fbd-4918-9262-ba04a83f787a
0
142 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=a6707f35ec546fb9a708192c87012b48d5018d6b08baccbb2a1f608e831f82f1791426b5417dce21&rand=05813841&expected_cookie=bfa0fd81-5fbd-4918-9262-ba04a83f787a
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: B1DF04F917A0468CB21885AF0B580031 Ref B: EWR30EDGE0818 Ref C: 2024-11-21T15:15:55Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYnbb4kGEQgthZcqpjC5A==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Thu, 21 Nov 2024 15:15:54 GMT

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
location
/db_sync?pid=10339&puuid=a6707f35ec546fb9a708192c87012b48d5018d6b08baccbb2a1f608e831f82f1791426b5417dce21&rand=05813841&expected_cookie=bfa0fd81-5fbd-4918-9262-ba04a83f787a
x-msedge-ref
Ref A: B69CEE53C9A24281BBC4CBD25521FD92 Ref B: EWR30EDGE0818 Ref C: 2024-11-21T15:15:55Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYnbb4iMAMpxovW0Ebrpw==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Thu, 21 Nov 2024 15:15:54 GMT
/
www.google.com/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1732202154357&cv=7&fst=1732202154357&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1386515520&cv=7&fst=1732202154357&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLH...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1386515520&cv=7&fst=1732202154357&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHD...
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-conversion/1026675585/?random=1386515520&cv=7&fst=1732202154357&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrEC&pscrd=IhMIn9Ph8NvtiQMVeCuICR1vmSEkMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhtodHRwczovL3d3dy50cGJsdWVtaW5kLmNvbS8&is_vtc=1&cid=CAQSKQCa7L7dJOZFXzSu7b4OFavAwv4BjjjU4snLuFj2YdIRG09AqhjSFuzo&random=1106708642
Protocol
H3
Server
2607:f8b0:4004:c1d::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 21 Nov 2024 15:15:54 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://www.google.com/pagead/1p-conversion/1026675585/?random=1386515520&cv=7&fst=1732202154357&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrEC&pscrd=IhMIn9Ph8NvtiQMVeCuICR1vmSEkMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhtodHRwczovL3d3dy50cGJsdWVtaW5kLmNvbS8&is_vtc=1&cid=CAQSKQCa7L7dJOZFXzSu7b4OFavAwv4BjjjU4snLuFj2YdIRG09AqhjSFuzo&random=1106708642
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Thu, 21 Nov 2024 15:15:54 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
spotx_match
um.simpli.fi/
0
272 B
Image
General
Full URL
https://um.simpli.fi/spotx_match
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-origin
*
date
Thu, 21 Nov 2024 15:15:54 GMT
x-content-type-options
nosniff
bounce
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=4D7658AC6A494BA6A0CCC56301AD71F4
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D4D7658AC6A494BA6A0CCC56301AD71F4
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D4D7658AC6A494BA6A0CCC56301AD71F4
Protocol
H2
Server
68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
5.181.234.134; 5.181.234.134; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
a2ebf031-2c3d-4d78-9f50-5c7581ed5318
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 21 Nov 2024 15:15:54 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D4D7658AC6A494BA6A0CCC56301AD71F4
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
5.181.234.134; 5.181.234.134; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
b734f618-fe9b-4b9a-8c05-dc05cd58a260
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 21 Nov 2024 15:15:54 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4D7658AC6A494BA6A0CCC56301AD71F4&expires=365
42 B
1 KB
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4D7658AC6A494BA6A0CCC56301AD71F4&expires=365
Protocol
HTTP/1.1
Server
69.173.146.5 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
9fc574f0bbe10c047804144feedb9430
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4D7658AC6A494BA6A0CCC56301AD71F4&expires=365
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Wed, 20 Nov 2024 15:15:54 GMT
access-control-allow-origin
*
content-length
142
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=4D7658AC6A494BA6A0CCC56301AD71F4
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=4D7658AC6A494BA6A0CCC56301AD71F4
43 B
171 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=4D7658AC6A494BA6A0CCC56301AD71F4
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 21 Nov 2024 15:15:53 GMT
content-type
image/gif
vary
Accept
server
OXGW/0.0.0

Redirect headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=4D7658AC6A494BA6A0CCC56301AD71F4
p3p
CP="CUR ADM OUR NOR STA NID"
content-length
0
date
Thu, 21 Nov 2024 15:15:54 GMT
server
OXGW/0.0.0
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEPE0whGu_s_CHMROQhZ_uHE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4D7658AC6A494BA6A0CCC56301AD71F4
  • https://um.simpli.fi/g_match?id=
0
320 B
Image
General
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 15:15:54 GMT
access-control-allow-origin
*
date
Thu, 21 Nov 2024 15:15:54 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

cache-control
no-cache, must-revalidate
location
https://um.simpli.fi/g_match?id=
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
229
date
Thu, 21 Nov 2024 15:15:54 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
/
www.google.com/pagead/1p-user-list/770374930/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/770374930/?random=1732202154327&cv=11&fst=1732201200000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tpbluemind.com%2F&hn=www.googleadservices.com&frm=0&tiba=BlueMind%20%E2%80%93%20Conhecimento%2C%20Previsibilidade%2C%20Menos%20complexidade%2C%20Tecnologia%2C%20Seguran%C3%A7a.&npa=0&pscdl=noapi&auid=1136892894.1732202154&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dHc004udKBvYM9ssim94Kgshu9JWgug&random=2905831670&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 21 Nov 2024 15:15:54 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.facebook.com/tr/
0
19 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2061814887442201&ev=PageView&dl=https%3A%2F%2Fwww.tpbluemind.com%2F&rl=&if=false&ts=1732202154443&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732202154441.756103520915970131&ler=empty&cdl=API_unavailable&it=1732202154276&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4459, tp=9, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
195 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2061814887442201&ev=PageView&dl=https%3A%2F%2Fwww.tpbluemind.com%2F&rl=&if=false&ts=1732202154443&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732202154441.756103520915970131&ler=empty&cdl=API_unavailable&it=1732202154276&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.tpbluemind.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439751602669546009"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 15:15:54 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
EKbdKt3MIIkb6PND6WnA+fRpR/5AH1j9kSU6oGVyx9yZPGXrynvIhXoaBtW/w6l3J3+F0vdVveuDO87mVFL4gw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439751602669546009", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4857, tp=13, tpl=0, uplat=180, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
capture.js
cdn.rlets.com/capture_static/mms/ Frame 1BB4
175 KB
45 KB
Script
General
Full URL
https://cdn.rlets.com/capture_static/mms/capture.js
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/d61/12f/1dd/a7444e8a87e7dbf4c1daaa6.js?ver=5.7.12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2141:5c00:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29966ce69e5cc846ac2cdce0a30e5d7797bb8334c9fe729534a205e25db16120

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-amz-cf-pop
JFK50-P10
content-encoding
gzip
etag
W/"a2e2dbde8a8c2c25cddaa1adf5a68764"
age
76058
via
1.1 37c23a320daf1957772cba43d1a5bde0.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
7b-TdgoDiObyeOsttULSC8nTemwKpeaYKlcjYhM9BwYIYpzhIXgDcw==
date
Wed, 20 Nov 2024 18:08:17 GMT
content-type
application/javascript
vary
accept-encoding
server
AmazonS3
last-modified
Thu, 07 Nov 2024 17:47:21 GMT
x-amz-server-side-encryption
AES256
storage.html
d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com/static/ Frame 44D3
0
0
Document
General
Full URL
https://d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com/static/storage.html
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/capture.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.224.168.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length
2056
content-type
text/html
date
Thu, 21 Nov 2024 15:15:53 GMT
last-modified
Thu, 17 Oct 2024 15:04:05 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cs.lkqd.net
URL
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=cef53a93c7&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| _wpemojiSettings object| twemoji object| wp function| loadStyle function| loadScript string| BASE_URL function| loadSelect2 function| $ function| jQuery object| rl_widget_cfg object| RLCAP object| captureStatus object| dataLayer function| adjusts_guides function| load_fn_scroll function| validF function| fbq function| _fbq object| RL object| sifi_att_42656 object| google_tag_manager object| google_tag_data object| GooglebQhCsO

69 Cookies

Domain/Path Name / Value
d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com/ Name: test
Value: test
www.tpbluemind.com/ Name: rl_visitor_history
Value: 7d9e31e9-c889-4790-bb56-cdc3bad91ed8
www.tpbluemind.com/ Name: sifi_user_id
Value: undefined
d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com/ Name: bot_type
Value:
d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com/ Name: history_campaign
Value:
d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com/ Name: history_referrer_type
Value: DIRECT
d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com/ Name: last_activity_at
Value: 1732202154201
d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com/ Name: visitor_id
Value: 7d9e31e9-c889-4790-bb56-cdc3bad91ed8
d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com/ Name: sifi_user_id
Value:
d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com/ Name: visit_id
Value: 2de70091-606e-49eb-af10-5249f2148ae3
.simpli.fi/ Name: suid
Value: 4D7658AC6A494BA6A0CCC56301AD71F4
.tpbluemind.com/ Name: _gcl_au
Value: 1.1.1136892894.1732202154
.simpli.fi/ Name: uid_syncd_secure
Value: true
.tpbluemind.com/ Name: _fbp
Value: fb.1.1732202154441.756103520915970131
.doubleclick.net/ Name: IDE
Value: AHWqTUk5iHQvyGRjSxkB_ujKmgRVrQRIYdgArfrcWHiZj6PczU7YN9KSim7Ppoist_I
.3lift.com/ Name: tluidp
Value: 3790740349179299268299
.3lift.com/ Name: tluid
Value: 3790740349179299268299
.adnxs.com/ Name: XANDR_PANID
Value: CYgt1dWQt3gzJZoxhpkWTJ_2l-wKkB9k1lKPiBTvUboROpaF-tyzXUU5pwmmQe7dvqyfMoeku52QsbrcOBlWw9IlRfptYaD5wc2-ITgRMF4.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 6359253138867394809
.lijit.com/ Name: ljt_reader
Value: JtFTAQZHHj0rBmsDQAqOECy3
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2E>5k@@Pd!]tbPl1N!7On*M$=BWUhlx#=giJqfpe9zXKiIP#Vl#K)1gm3d]iHfskgx^xnlvTw*/X%W#.wL4W1Qw2NTsm:@
.openx.net/ Name: i
Value: 49050a19-dcd8-4c27-952e-3c4b0564b3cc|1732202154
.smaato.net/ Name: SCM
Value: cef53a93c7
.smaato.net/ Name: SCMv
Value: cef53a93c7
.smaato.net/ Name: SCM1001136
Value: cef53a93c7
.lijit.com/ Name: _ljtrtb_2
Value: 4D7658AC6A494BA6A0CCC56301AD71F4
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: l4AnTh40hY
.bfmio.com/ Name: __141_cid
Value: 4D7658AC6A494BA6A0CCC56301AD71F4
.bfmio.com/ Name: __io_cid
Value: 9d10adaf22801f83ec47520c6be8259d4acbfb0a
.pro-market.net/ Name: anProfile
Value: "1pbj436ln0c3c+1+1f=1+1g=1+1j=57:1+rs=s+rt=2A0D5600002415001012B39CCD766E47+s2=(snb3qi)+vm=24-4D7658AC6A494BA6A0CCC56301AD71F4"
.pro-market.net/ Name: anHistory
Value: "1pbj436ln0c3c+2+!#6wM%_#`FV"
.tapad.com/ Name: TapAd_TS
Value: 1732202154614
.tapad.com/ Name: TapAd_DID
Value: 04bb6c19-a636-4d99-a502-f2b4c04ef052
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:4D7658AC6A494BA6A0CCC56301AD71F4&KRTB&23486-uid:4D7658AC6A494BA6A0CCC56301AD71F4&KRTB&23489-uid:4D7658AC6A494BA6A0CCC56301AD71F4&KRTB&23539-uid:4D7658AC6A494BA6A0CCC56301AD71F4
.pubmatic.com/ Name: PugT
Value: 1732202154
.intentiq.com/ Name: IQPData
Value: 95808134#1732202154642#0#1732202154642
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: CSDT
Value: UEQ6MTAwNDNfMCZVVW03aTlw
.intentiq.com/ Name: intentIQCDate
Value: 1732202154643
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: d568b1ddab76023b0fd5021b80d1b51a
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.agkn.com/ Name: ab
Value: 0001%3AEA3vxCeASb9%2BuU3G%2BSmmapStCSOc7w8J
.rlcdn.com/ Name: rlas3
Value: OkGYQbunnyxNkJzvLf1gHkwV9hxfcR2ttjPgWE1uUkA=
.exelator.com/ Name: EE
Value: "6621136854151fc625d42eacdf6c91e3"
.yahoo.com/ Name: A3
Value: d=AQABBKpOP2cCEMiTx_iFBI4GXal1VyYzNEEFEgEBAQGgQGdJZ9xH0iMA_eMAAA&S=AQAAAgWaWAVFJUlrDF7vllIGhU8
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHMzMjQ0NjMwtTE0NQwLdnMyDTFxCg1MTklzSzZ0jDVeHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDYYEl%252BUWb6otDgxUUpaQyLSopPBZ9cvgwAdvAqZQ%253D%253D"
.rlcdn.com/ Name: pxrc
Value: CKqd/bkGEgUI6AcQABIFCOhHEAA=
.analytics.yahoo.com/ Name: IDSYNC
Value: 176k~2lyf
.agkn.com/ Name: u
Value: C|0AAAAAAAALtILKgAAAAAA
.pippio.com/ Name: did
Value: oZotfZhYW7r-36wB
.pippio.com/ Name: didts
Value: 1732202154
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CKqd/bkGEgYIgr0rEAA=
.rubiconproject.com/ Name: audit_p
Value: 1|iU3KqtgwDgp0t8IZYKyvn4B2v+cd+1iJwpE18wx6Q4SMaGpsUGBQ3qZ5Q/pQBjZxeWlrhgNwokuM1KxoLazIt04KBbjzRD/Y5dDZuxGLGk9DNeGtGXqenaD03O18H9EQn0fAYYyytSnOa+BStGs9whw+zI0SoNIVSpxNqhhzGypRm99a3bMoP35/bkYCLFZe
.rubiconproject.com/ Name: khaos
Value: M3RGFSTW-22-4MA
.rubiconproject.com/ Name: khaos_p
Value: M3RGFSTW-22-4MA
.rubiconproject.com/ Name: audit
Value: 1|iU3KqtgwDgp0t8IZYKyvn4B2v+cd+1iJwpE18wx6Q4SMaGpsUGBQ3qZ5Q/pQBjZxeWlrhgNwokuM1KxoLazIt04KBbjzRD/Y5dDZuxGLGk9DNeGtGXqenaD03O18H9EQn0fAYYyytSnOa+BStGs9whw+zI0SoNIVSpxNqhhzGypRm99a3bMoP35/bkYCLFZe
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d99999
.smartadserver.com/ Name: pid
Value: 4319633457048310583
.ads.stickyadstv.com/ Name: UID
Value: d5df7a8a611a41e6f5c41ad930b5745
.ads.stickyadstv.com/ Name: uid-bp-26865
Value: 4D7658AC6A494BA6A0CCC56301AD71F4
.linkedin.com/ Name: li_sugr
Value: bfa0fd81-5fbd-4918-9262-ba04a83f787a
.linkedin.com/ Name: bcookie
Value: "v=2&6b95e5be-064a-4760-8dc7-b1a315da245a"
.linkedin.com/ Name: lidc
Value: "b=TGST06:s=T:r=T:a=T:p=T:g=3043:u=1:x=1:i=1732202155:t=1732288555:v=2:sig=AQGJ2RfLilZPDdxnk-10c9KpusB1g2DT"

2 Console Messages

Source Level URL
Text
network error URL: https://cs.lkqd.net/cs?partnerId=109&partnerUserId=cef53a93c7&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://stags.bluekai.com/site/29931?id=4D7658AC6A494BA6A0CCC56301AD71F4
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.stickyadstv.com
bcp.crwdcntrl.net
capture-api.reachlocalservices.com
cdn.rlets.com
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
cs.lkqd.net
d.agkn.com
d6112f1d-da74-44e8-a87e-7dbf4c1daaa6.rlets.com
eb2.3lift.com
fault.rlets.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
loadm.exelator.com
pippio.com
pixel.rubiconproject.com
pixel.tapad.com
px.ads.linkedin.com
simplifi.partners.tremorhub.com
stags.bluekai.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.smartadserver.com
tag.simpli.fi
td.doubleclick.net
tpknowledge.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.tpbluemind.com
cs.lkqd.net
107.178.254.65
13.225.63.83
142.250.31.156
172.253.122.156
18.210.114.147
18.238.49.101
2001:4998:60:807::1
216.22.16.40
23.220.132.230
2600:1901:0:8eee::
2600:1f18:612b:4264:f0a:6204:b62c:3740
2600:9000:2141:5c00:6:9a19:88c0:93a1
2600:9000:21da:5800:19:fc2c:a140:93a1
2600:9000:2840:9400:1b:6b7d:2300:93a1
2606:4700:3032::6815:3860
2606:4700:3033::ac43:9c66
2606:4700::6811:180e
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c17::61
2607:f8b0:4004:c1d::5e
2607:f8b0:4004:c1d::69
2607:f8b0:4004:c21::9c
2620:1ec:21::14
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
3.222.126.253
34.111.113.62
34.150.170.96
34.168.224.78
34.229.3.43
34.86.110.8
35.244.154.8
35.244.159.8
35.71.139.29
52.4.194.40
63.251.28.230
68.67.179.153
69.173.146.5
69.194.240.13
8.28.7.83
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d37ca84e1a849bdcb0eec991611938a1d9817965ea3580c64eca00c03c67361
104114a1e0627902752996e93273f579300551acbf06b78c153d11af9976d239
152544e1121437d0e10644797d0a407cafe97675f0ba7aaa4831a05535b4be28
21015a24b2fde5fa5d321d9cd6671e0b6ac097df8b73b6513db06be0c8ab31d6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
29966ce69e5cc846ac2cdce0a30e5d7797bb8334c9fe729534a205e25db16120
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f6ab6ec88ae3d1887bc4232aadad0d549dde1008736b0586f8841579f5b66e4
3062baa878b844b05e8014525674115d069aa9b849531e0bcd646d2dba0dfed6
307bfe93ae3b33019e77daafae4e486a249c454d273d99f960a8e04d8a570c63
34b9c88657013ec37382ac9afc82284694737ced783adc18315f29a38cd60a5a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f1fd15468d0c38328697d2c9972b88377ba881d458e32bb58d71b5f8a9ea183
409875ce10d87c3166980db4836c22c09d2a98c8a9e3187860eb8405db4a0207
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e
4560ee01a642e6f139fc344b7853faa63c38ba01c55a54384b6eaf78f9800101
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4
58b5914d49e5f952260c2b7d641867bedb9e7f4797e884904c430715b02f5317
606c1e9e5575691cca8209d13ab929c29d0ea193ed4d88f63cfdfef6aaec8652
60f1b526f73cadfcecf31331815e8a748dac5fbf2d78fc9040404f38f374e6bf
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6f04ad1f2466d59f7376b68ce897024d97cfef316b4a53111146c2f447a63059
8bdf7157c5ba065ba025584d62653d1fecf6a9515b5dae2596e75d2dad60dbc4
8fc2e938622c7684de67e779e0793a26d6198766db5b12449a918adb51e2a4cc
910fcf27e9b4abdc98a579827553e1f2a11fabcf41c769eac543192eff699999
98d337ae593eec2d62863521fd2e4270693a283fe076b5cfaadc26ea27dd0f07
9aeb052e450d117745f421bf981e3a8265c901cceecf5a6674f24e8a4dd10e14
9f4598a86a420a96418a5ab9e10a368fa49c379c2459637a219641b01536daf3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4e45068dd4f8d338e11f06545166436329782bd337c1cdd347a26256480a78f
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abb4a09cae105a39509acabb97bd6d21faff48bb0b6d490e6d6597068010ebc1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a2a0dbe1448acfa3815c14e9c04c63115e5b2bc5ed5e433d16a91955c092e9
b347e444c2b8cc57577c50462dd74cbe6c27fae2b8568d1a1a8aa2e3f277737e
b5f5228964e1caa5d3baa7b2007a524c6390c9f953a34abda5685c01c3f5f208
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c3752e3b9db347fa1f95dd5592bafd528bef6fe505d160680b368106c136f843
c8c6127c316b7143d2d76303081a9b66c8257202b0b62059c6ba88894ddd86f3
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cdb5ec55cbddef95e6166a9eccfbd35aa3bfbb2debc9c421a99d03b4eac44b0f
cdbebbb9785b7b16ec1bab91c846613f4c9481b740ad3d092dbd441d92637f92
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b459b097599b025f9bb24f96f40fe5a12d591d47cf0de82564920240099fcc
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d
d30fb4f6757c9337269d016c0ae09f6656dedc97315f70bce51794ad6d266eca
d768ebdc3026df1b070a4919740db2e525fc8a5bde2c3d841cc138ccda9d4fba
d7dd05bfc68901dbb2c883a7bd65698c29b3917d61f0e12d1966dca14d5056c0
d83d819e1715a36eb8a0ec8a855fab950790c0ee7d948efa7b47dad02df378fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea76030fb6711913e35a6157a1fb3bb7062373a004c97df128871bf3beeb80b1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f250001b4975e8e02394440d20f0861e04fc11418ae6da4385c0c6852a5165b3
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1