blip.fm Open in urlscan Pro
54.163.233.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blip.fm/agendatop21
Submission: On August 13 via manual (August 13th 2021, 11:32:19 pm UTC) from US

Summary HTTP 173 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 49 IPs in 6 countries across 41 domains to perform 173 HTTP transactions. The main IP is 54.163.233.121, located in United States and belongs to AMAZON-AES, US. The main domain is blip.fm.
TLS certificate: Issued by R3 on August 1st 2021. Valid for: 3 months.

This is the only time blip.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	54.163.233.121 54.163.233.121	14618 (AMAZON-AES) (AMAZON-AES)
7	143.204.101.50 143.204.101.50	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:62:... 2a04:4e42:62::760	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.219.102.146 52.219.102.146	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
4	52.84.44.170 52.84.44.170	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	91.228.74.133 91.228.74.133	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:210... 2600:9000:2104:ba00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
2	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:5... 2600:1901:0:524d::	15169 (GOOGLE) (GOOGLE)
18	2600:1901:1:c... 2600:1901:1:c36::	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
5 16	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
2	138.201.63.164 138.201.63.164	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1 5	138.201.135.164 138.201.135.164	24940 (HETZNER-AS) (HETZNER-AS)
1 5	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
2 4	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
2	88.99.69.161 88.99.69.161	24940 (HETZNER-AS) (HETZNER-AS)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	3.230.12.180 3.230.12.180	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
3	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	3.124.143.99 3.124.143.99	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.135.190 185.29.135.190	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
173	49

19 54.163.233.121 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-233-121.compute-1.amazonaws.com

blip.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.101.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-50.fra50.r.cloudfront.net

d1uswytv6491xe.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:62::760 (United States)

ASN54113 (FASTLY, US)

sdk.scdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.219.102.146 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com

empowerlocal-plugin-js.s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.84.44.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-44-170.mrs52.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:7::a29f:9804 (United States)

ASN13335 (CLOUDFLARENET, US)

miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.228.74.133 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2104:ba00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:524d:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

apresolve.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:1901:1:c36:: (United States)

ASN15169 (GOOGLE, US)

api.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.162 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.52 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.63.164 (Lingenfeld, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.135.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de

hal900015.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.157 (Lingenfeld, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal90007.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.69.161 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.161.69.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.230.12.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-12-180.compute-1.amazonaws.com

sync.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.143.99 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-143-99.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.190 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.44 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	doubleclick.net 8 redirects stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net 5994599.fls.doubleclick.net	237 KB
28	googlesyndication.com 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	151 KB
19	spotify.com apresolve.spotify.com api.spotify.com	2 KB
19	blip.fm blip.fm	709 KB
12	redintelligence.net 2 redirects hal9000.redintelligence.net hal900015.redintelligence.net hal90007.redintelligence.net	21 KB
10	youtube.com www.youtube.com	695 KB
7	cloudfront.net d1uswytv6491xe.cloudfront.net	18 KB
6	google.com adservice.google.com www.google.com	2 KB
5	openx.net 4 redirects us-u.openx.net rtb.openx.net	2 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
4	googletagservices.com www.googletagservices.com	127 KB
4	amazon-adsystem.com c.amazon-adsystem.com	36 KB
3	2mdn.net s0.2mdn.net	611 B
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	quantserve.com secure.quantserve.com pixel.quantserve.com	10 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	37 KB
3	google-analytics.com 1 redirects ssl.google-analytics.com www.google-analytics.com	36 KB
3	scdn.co sdk.scdn.co	164 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	63 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	contentspread.net cdn.contentspread.net	89 KB
2	teads.tv sync.teads.tv	344 B
2	google.de adservice.google.de	1 KB
2	jsdelivr.net cdn.jsdelivr.net	345 KB
2	quantcount.com rules.quantcount.com	874 B
2	amazonaws.com empowerlocal-plugin-js.s3.us-east-2.amazonaws.com	13 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	582 B
1	1rx.io 1 redirects sync.1rx.io	697 B
1	travelaudience.com 1 redirects ads.travelaudience.com	610 B
1	blismedia.com tr.blismedia.com	135 B
1	mathtag.com 1 redirects sync.mathtag.com	816 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	934 B
1	advertising.com sync.adaptv.advertising.com	14 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com	480 B
1	addthisedge.com v1.addthisedge.com	325 B
1	moatads.com z.moatads.com	1 KB
1	addthis.com s7.addthis.com	114 KB
1	ampproject.org cdn.ampproject.org	21 KB
1	medium.com miro.medium.com	36 KB
1	cloudflare.com cdnjs.cloudflare.com	13 KB
173	41

	Domain	Requested by
19	blip.fm	blip.fm
18	api.spotify.com	sdk.scdn.co
16	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
15	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	tpc.googlesyndication.com	36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com
10	www.youtube.com	blip.fm www.youtube.com
7	d1uswytv6491xe.cloudfront.net	blip.fm
6	googleads.g.doubleclick.net	1 redirects www.youtube.com 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com blip.fm
5	hal90007.redintelligence.net	1 redirects 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com hal90007.redintelligence.net
5	hal900015.redintelligence.net	1 redirects 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com hal900015.redintelligence.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	5994599.fls.doubleclick.net	2 redirects blip.fm
4	www.googletagservices.com	empowerlocal-plugin-js.s3.us-east-2.amazonaws.com securepubads.g.doubleclick.net 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
4	c.amazon-adsystem.com	empowerlocal-plugin-js.s3.us-east-2.amazonaws.com c.amazon-adsystem.com
3	s0.2mdn.net	36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com tpc.googlesyndication.com
3	36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	sdk.scdn.co	blip.fm sdk.scdn.co
2	pm.w55c.net	2 redirects
2	rtb.openx.net	2 redirects
2	cdn.contentspread.net	hal900015.redintelligence.net hal90007.redintelligence.net
2	hal9000.redintelligence.net	36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net adservice.google.com
2	cdn.jsdelivr.net	empowerlocal-plugin-js.s3.us-east-2.amazonaws.com
2	pixel.quantserve.com	blip.fm
2	rules.quantcount.com	secure.quantserve.com
2	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	ssl.google-analytics.com	1 redirects blip.fm
2	empowerlocal-plugin-js.s3.us-east-2.amazonaws.com	blip.fm
2	ajax.googleapis.com	blip.fm hal900015.redintelligence.net
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.1rx.io	1 redirects
1	ads.travelaudience.com	1 redirects
1	tr.blismedia.com	36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.adaptv.advertising.com	36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	apresolve.spotify.com	sdk.scdn.co
1	www.google-analytics.com	sdk.scdn.co
1	s7.addthis.com	blip.fm
1	cdn.ampproject.org	empowerlocal-plugin-js.s3.us-east-2.amazonaws.com
1	www.gstatic.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	stats.g.doubleclick.net	blip.fm
1	secure.quantserve.com	blip.fm
1	miro.medium.com	blip.fm
1	fonts.googleapis.com	blip.fm
1	cdnjs.cloudflare.com	blip.fm
173	57

This site contains links to these domains. Also see Links.

Domain
zenwriting.net
blog.blip.fm

Subject Issuer	Validity	Valid
blip.fm R3	`2021-08-01` - `2021-10-30`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.scdn.co DigiCert TLS RSA SHA256 2020 CA1	`2021-08-06` - `2022-09-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.s3.us-east-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-14` - `2022-01-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2021-10-01`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.spotify.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-03` - `2022-05-03`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
redintelligence.net R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
contentspread.net R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-06-29` - `2021-09-27`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://blip.fm/agendatop21
Frame ID: B1F3D1A8B4DC84C0985727DD4CAAC2A2
Requests: 63 HTTP requests in this frame

Frame: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1
Frame ID: 316686C9FF40E9CDA6BFCA97BFE34E9D
Requests: 12 HTTP requests in this frame

Frame: https://sdk.scdn.co/embedded/index.html
Frame ID: 82CD83371F233A0072CC85A55DC60D3E
Requests: 13 HTTP requests in this frame

Frame: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 598820977D88A185F7951535B82AED06
Requests: 1 HTTP requests in this frame

Frame: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B69F72B49F01DEF532E5830C653B8BBC
Requests: 13 HTTP requests in this frame

Frame: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 77E7946A3F00B94FE1E364D0C0278CD8
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXU-7NDbHcsCE0jqAqVbr9uekGgVFdGHUk2UhWDCIvuAB_siwhP9-rGEAVPgl1aPD5Q-bTvkzY5YLPFrvgRnoQSOnE05-tXJpiNaklDp0bc8zJYScFao4AsJ7gpNQGwP1LV_GfFcOr9JVy3144S1wSbp7pMxRIBDcS793q3ffSIilrWTjg
Frame ID: 1B2A97683BC96497FC7783AF86BDB0E9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYncXFlQEwAQ&v=APEucNU8QDgYmD4768n08v2IXBdHfgzY-F8XRbFPD-yRBTdqPvZGz64OCRw_gA_KUVHc14B8ILQ2EBXRFV_Cn2LTUjlXVNEnGGlbroWMCRg3rTu0MyW-waAMEGM-2BfqHRJlF0yETqMjeulICy-9sGHUKN3wG5bTz8y0iup5IV6DeWKSJymcj1M
Frame ID: 423C31BEC7DF40FFBB530A3EB309D7DB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 218DB73B10A8AC9BEED5666567B88BC5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F4031C3C62405E92DDBFEFC9361DE5A5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B4304C0CE0C32BFDC15DAA1F480192BF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3113CC6508B32F8A2D31E17E3F6369BB
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjWwZKUr_ICFfvTEQgdmC8GzQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3267547880835.5884
Frame ID: 55EDA3D15AF291A93C6285D9DE2A0F4F
Requests: 1 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=32599900006067400710632011686015&a=a62e7e71
Frame ID: 2AC94CC9897CB5EA68D262E2BB563EDF
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2FD7F3E302A36558A0A87F149EA63057
Requests: 9 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPHnw5KUr_ICFZzhEQgdZzAP4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5977367589269.185
Frame ID: 33BB978863FA1E66063D609B4D57975F
Requests: 2 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=94200600005983400710612011686007&a=24f3af48
Frame ID: 2236DB3A677D012DDDCCCC99E8904FE8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F13FB42BED103BD4D2EB932DE60CC790
Requests: 9 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLjWwZKUr_ICFfvTEQgdmC8GzQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3267547880835.5884;~oref=https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
Frame ID: B8E91864B436E03E65249C552C24867E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CLjWwZKUr_ICFfvTEQgdmC8GzQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3267547880835.5884;~oref=https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
Frame ID: 4090391A12F4C447F93662C95EFD3204
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

Red Hat (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Red Hat/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js/i

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?\/vue(?:\.min)?\.js/i

AddThis (Widgets) Expand

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

173
Requests

99 %
HTTPS

54 %
IPv6

41
Domains

57
Subdomains

49
IPs

6
Countries

2938 kB
Transfer

8498 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://zenwriting.net/headsearch9/darmowe-pozycjonowanie-stron-internetowych
Title: https://zenwriting.…stron-internetowych

Search URL Search Domain Scan URL

URL: http://blog.blip.fm/faq
Title: FAQ

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1610890511&utmhn=blip.fm&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Free%20Music%20%7C%20Listen%20to%20Music%20Online%20%7C%20agendatop21%20-%20Blip.fm&utmhid=477222114&utmr=-&utmp=%2Fagendatop21&utmht=1628897522244&utmac=UA-1449388-5&utmcc=__utma%3D171230451.520580097.1628897522.1628897522.1628897522.1%3B%2B__utmz%3D171230451.1628897522.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2075262196&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1449388-5&cid=520580097.1628897522&jid=2075262196&_v=5.7.2&z=1610890511

Request Chain 49

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_Yzq8_NDscMBeVBTRW_lc&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_Yzq8_NDscMBeVBTRW_lc&google_cver=1&C=1

Request Chain 100

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRcA9Jrg9A3sk3-Rh0Fm4gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_Yzq8_NDscMBeVBTRW_lc&google_cver=1

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECM_ezFuODUjoBLX7miKbmk&google_cver=1

Request Chain 102

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkyOTkyNjA1MTQwODA2NDA5Mg%3D%3D

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOmIOPf1TIydFZ0T1UEca6g&google_cver=1

Request Chain 104

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmJkZjJhYTgtNmI4MS0yNWYwLWNhYzUtMzQ4MTZiMjBlOGI3

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESENbsch5YlK8y7DdxRTu_4Ss&google_cver=1

Request Chain 118

https://hal900015.redintelligence.net/request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=b4b808dac5&subid=&uid=82eb8c498987d8f0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbajZ8wAXYaGFHdb63gPbuLngBLXN-YNXnNC5q-UM8C4QASC1y4pGYJX68IGMB8gBCakC0UZT2s7Lsz6oAwGqBLgBT9A3QXtQLKUzzYM2S6ikZghjykldOl7DTflKjWB6raQWBBmcFjCNrH7PGrSHeJk4h8p0NIMRV801zsmh2bGu2s2DbK_nGFItDyQbXsMi5XyDFEMbM6VnTFGiVvvj3-GNiglhFexlLR89jWh9TY6rMmUvDYitwBDgaO1GdEwsuPsCw_tzHnU1q5totlYBXj91ZN6ORAFJddRiVKVCYIRqsMzbLNWiFJktuLUJWnKhEIDL2NKJzFubjMAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoP9pGYbOTJutkiQ9GcKaHSw%26sig%3DAOD64_2G9BtVDZQg2WBo1ZpwOX_qiivGMw%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-D_kWD2Bmljktrw3YDHx69L4lcTXGAkt_PnOxOQe9UF1Y20R4WtTWBP3_Q1xBUFIJQUaDOPwkXrvVuLVB9dWVIVWCcYfSfqZruK1x6O4L3yzRCa6DPX_x8nXVikbbxqKwWksZU4KFNb89bSMxQotX0fTvZsrA%26cry%3D1%26dbm_d%3DAKAmf-BlYljNFmnP5tVRtmdTIfHhFIQDZ_WafUsVkqywGK29XZKxRRYtdwpYVfwN9XM1KvBW2JKVu68NrybRuC0wWkeXo-_jBCliD8GZMe8JoHg5OIqGhB2gnQ3tQTOvMRikm_IKZfHhiTT50ZLTCyQ_8nEcKU5LJmJrb--3nr1JeM9KuXtU2w0ZXcVpQip7v5hXL7MNRlO4wBql4RBJfgLyh6a9pmLN7RazMUlyFulEmoQPWLgXw7mVTOXe-6Cw4b-PFJExoEO7_rPkqfRtbPG6oggCxMzfO8mh09G5uZSs5RB7kHZDhOroF7iwl03_RvAW1M4MpPBQBVkMI6t5ClQWjagsb_GuBHFunUaBuNVwrjMrRb044T8ugRO8nJAWbtq6jnuLVRC_bQqx8QWikkFdzvkWhmoajdzwuyIpHW8oQgeGZcm3_jW-7zRx8pHULXibWcxp1_i0%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=9274376717977&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900015.redintelligence.net/request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=b4b808dac5&subid=&uid=82eb8c498987d8f0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbajZ8wAXYaGFHdb63gPbuLngBLXN-YNXnNC5q-UM8C4QASC1y4pGYJX68IGMB8gBCakC0UZT2s7Lsz6oAwGqBLgBT9A3QXtQLKUzzYM2S6ikZghjykldOl7DTflKjWB6raQWBBmcFjCNrH7PGrSHeJk4h8p0NIMRV801zsmh2bGu2s2DbK_nGFItDyQbXsMi5XyDFEMbM6VnTFGiVvvj3-GNiglhFexlLR89jWh9TY6rMmUvDYitwBDgaO1GdEwsuPsCw_tzHnU1q5totlYBXj91ZN6ORAFJddRiVKVCYIRqsMzbLNWiFJktuLUJWnKhEIDL2NKJzFubjMAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoP9pGYbOTJutkiQ9GcKaHSw%26sig%3DAOD64_2G9BtVDZQg2WBo1ZpwOX_qiivGMw%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-D_kWD2Bmljktrw3YDHx69L4lcTXGAkt_PnOxOQe9UF1Y20R4WtTWBP3_Q1xBUFIJQUaDOPwkXrvVuLVB9dWVIVWCcYfSfqZruK1x6O4L3yzRCa6DPX_x8nXVikbbxqKwWksZU4KFNb89bSMxQotX0fTvZsrA%26cry%3D1%26dbm_d%3DAKAmf-BlYljNFmnP5tVRtmdTIfHhFIQDZ_WafUsVkqywGK29XZKxRRYtdwpYVfwN9XM1KvBW2JKVu68NrybRuC0wWkeXo-_jBCliD8GZMe8JoHg5OIqGhB2gnQ3tQTOvMRikm_IKZfHhiTT50ZLTCyQ_8nEcKU5LJmJrb--3nr1JeM9KuXtU2w0ZXcVpQip7v5hXL7MNRlO4wBql4RBJfgLyh6a9pmLN7RazMUlyFulEmoQPWLgXw7mVTOXe-6Cw4b-PFJExoEO7_rPkqfRtbPG6oggCxMzfO8mh09G5uZSs5RB7kHZDhOroF7iwl03_RvAW1M4MpPBQBVkMI6t5ClQWjagsb_GuBHFunUaBuNVwrjMrRb044T8ugRO8nJAWbtq6jnuLVRC_bQqx8QWikkFdzvkWhmoajdzwuyIpHW8oQgeGZcm3_jW-7zRx8pHULXibWcxp1_i0%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=9274376717977&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 119

https://hal90007.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=fb15f6f1d1&subid=&uid=5721e45b80def6ff&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNweP8wAXYaKFHdb63gPbuLngBLXN-YNX_Ni5q-UM8C4QASC1y4pGYJX68IGMB8gBCakC0UZT2s7Lsz6oAwGqBLgBT9BW7_YbFnCKa3-oJKFGtuiS_zRrh06wTqzfl6gBEBEqF7QAKE4QAxcrJDP-f_Kc2jOEvls6tojC_4_xv7NH64hPFmrHD8bOnZxjLjI-i3tArBCmd8PehZMmgy0IlaLjtx0DVWv6ji-zHMNrkdCF84D7XVlO1BEcrjVen8DRp94G69-tiM0Ote1O2Ry0alahVjvMeS-zqpkNL-OrBoU3kT_e2AfaA2sFKpJjU6RGd5-QHeQNMregIcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo6u1-qPkHeAfLvG6KE8cUIA%26sig%3DAOD64_0QXMIt8dhPb1Y1l15t9kYyyqNDnw%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-DBhByZTPEnLQNci2TTOLDzZqVCpsPF_5YenNk3jrLVzotwc_69-9zsIq2kSZck2StqGF7ih-y9c0Ugg9qldCRQLLbzkdT-va4wdKKn66i-dIiK9Lyb5DYR7lhW1UHXtM8nt26php5wzYa4NH2NniHM0G9Q4Q%26cry%3D1%26dbm_d%3DAKAmf-AZinrW4OoQ3H0RCNx-IpazOzGp5wg03mKL8emn_n58l4mXbkxf4Ip_bYALKUpgASphGcIdGkkT3UDayU3xXRlVpyRX1zj_t1H2z_RWVCABxjxwhefgvC0xTEHaDk4ZPHUD-FARfzOluvIGNDOefe7JKv_zhnRn3f0eXyv4CYCQuFdvBejWdJgfDlQDv1dAk1_N4IwqfpEH1CMjYgVAp2v-yfv9IRjOH8-5qsVUiV73KTFl8xjdSX5GXXm-G7YXaCRmfsCtlkBCBT7EAQLREoh3erhygKvj4NTfWY8HIBWOnL_ChDtkOBfl5n20KigBzXTDWQFvncy7RQ_pG2LZ12dTOR0kyomnXZ2TPV-KlkNArrSapbDn7tQ0-l849t6ghUjRhOrNLl7lGua9Tt9irEo8VGne99QoUqgAcZ-GNt6ZIkBcYqk1CX2fFcphuiVjlnOW1kDR%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=2034427194471&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90007.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=fb15f6f1d1&subid=&uid=5721e45b80def6ff&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNweP8wAXYaKFHdb63gPbuLngBLXN-YNX_Ni5q-UM8C4QASC1y4pGYJX68IGMB8gBCakC0UZT2s7Lsz6oAwGqBLgBT9BW7_YbFnCKa3-oJKFGtuiS_zRrh06wTqzfl6gBEBEqF7QAKE4QAxcrJDP-f_Kc2jOEvls6tojC_4_xv7NH64hPFmrHD8bOnZxjLjI-i3tArBCmd8PehZMmgy0IlaLjtx0DVWv6ji-zHMNrkdCF84D7XVlO1BEcrjVen8DRp94G69-tiM0Ote1O2Ry0alahVjvMeS-zqpkNL-OrBoU3kT_e2AfaA2sFKpJjU6RGd5-QHeQNMregIcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo6u1-qPkHeAfLvG6KE8cUIA%26sig%3DAOD64_0QXMIt8dhPb1Y1l15t9kYyyqNDnw%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-DBhByZTPEnLQNci2TTOLDzZqVCpsPF_5YenNk3jrLVzotwc_69-9zsIq2kSZck2StqGF7ih-y9c0Ugg9qldCRQLLbzkdT-va4wdKKn66i-dIiK9Lyb5DYR7lhW1UHXtM8nt26php5wzYa4NH2NniHM0G9Q4Q%26cry%3D1%26dbm_d%3DAKAmf-AZinrW4OoQ3H0RCNx-IpazOzGp5wg03mKL8emn_n58l4mXbkxf4Ip_bYALKUpgASphGcIdGkkT3UDayU3xXRlVpyRX1zj_t1H2z_RWVCABxjxwhefgvC0xTEHaDk4ZPHUD-FARfzOluvIGNDOefe7JKv_zhnRn3f0eXyv4CYCQuFdvBejWdJgfDlQDv1dAk1_N4IwqfpEH1CMjYgVAp2v-yfv9IRjOH8-5qsVUiV73KTFl8xjdSX5GXXm-G7YXaCRmfsCtlkBCBT7EAQLREoh3erhygKvj4NTfWY8HIBWOnL_ChDtkOBfl5n20KigBzXTDWQFvncy7RQ_pG2LZ12dTOR0kyomnXZ2TPV-KlkNArrSapbDn7tQ0-l849t6ghUjRhOrNLl7lGua9Tt9irEo8VGne99QoUqgAcZ-GNt6ZIkBcYqk1CX2fFcphuiVjlnOW1kDR%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=2034427194471&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 122

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3267547880835.5884 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjWwZKUr_ICFfvTEQgdmC8GzQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3267547880835.5884

Request Chain 126

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5977367589269.185 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPHnw5KUr_ICFZzhEQgdZzAP4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5977367589269.185

Request Chain 133

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENOWnmoaQlLHKBgMQVpSHx8&google_cver=1&google_push=AYg5qPLp5uEp20w5gbYkbSKq90rAUVu4Wj9mG3KBUvZ7c9NChGoriG1MxghFbPzxWWBGbXHvzsHh4NpE8s2tUmN5ORFJ3W0O6OPS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLp5uEp20w5gbYkbSKq90rAUVu4Wj9mG3KBUvZ7c9NChGoriG1MxghFbPzxWWBGbXHvzsHh4NpE8s2tUmN5ORFJ3W0O6OPS&google_hm=WDQsMe4jQkirSw6G53xr59M

Request Chain 135

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEL_Bzqz-6MN9l-YH9wxsP4k&google_cver=1&google_push=AYg5qPJPuQYDyHGsOxEgndFcwFR2Zt5dbks13hr_IVgH21dMWdc-Ezlt9y8Jv-oCl1WqezeCoN5Ifv77j7PrvdPLIWCzgA0m2lBY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJPuQYDyHGsOxEgndFcwFR2Zt5dbks13hr_IVgH21dMWdc-Ezlt9y8Jv-oCl1WqezeCoN5Ifv77j7PrvdPLIWCzgA0m2lBY&google_hm=NDU5MDkxNTQ0NDk3MzE1MjU4NA%3D%3D

Request Chain 137

https://rtb.openx.net/sync/dds?google_gid=CAESEKqEO3aSkd5ffkdQo64OVHY&google_cver=1&google_push=AYg5qPK0B5O_ViQyO6Q5-4GqZgQWSSsk8NQZKxYUk9iEHSCuD2ZhwnbQxEvTfGQzAtv_LUc19qj-Gofg2O6_xCUmypOQpQ537C8z HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEKqEO3aSkd5ffkdQo64OVHY&google_cver=1&google_push=AYg5qPK0B5O_ViQyO6Q5-4GqZgQWSSsk8NQZKxYUk9iEHSCuD2ZhwnbQxEvTfGQzAtv_LUc19qj-Gofg2O6_xCUmypOQpQ537C8z&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK0B5O_ViQyO6Q5-4GqZgQWSSsk8NQZKxYUk9iEHSCuD2ZhwnbQxEvTfGQzAtv_LUc19qj-Gofg2O6_xCUmypOQpQ537C8z&google_hm=nDz2_5jkwIkLvkCXiYqTMQ==

Request Chain 138

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1

Request Chain 142

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHy3Ps12Dt5QnXnGilUZWqM&google_cver=1&google_push=AYg5qPJIxW53lyM9qISPILwrmyvUBB8_J3hJuBn5lU2HqWNgCAY31wX5lfSY2WgXOzB_1ilnVgwn63BswKX7tybYjvpHESSSTbuF HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHy3Ps12Dt5QnXnGilUZWqM&google_cver=1&google_push=AYg5qPJIxW53lyM9qISPILwrmyvUBB8_J3hJuBn5lU2HqWNgCAY31wX5lfSY2WgXOzB_1ilnVgwn63BswKX7tybYjvpHESSSTbuF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N1RKZEE0SjIxTWVHRUk1&google_gid=CAESEHy3Ps12Dt5QnXnGilUZWqM&google_cver=1&google_push=AYg5qPJIxW53lyM9qISPILwrmyvUBB8_J3hJuBn5lU2HqWNgCAY31wX5lfSY2WgXOzB_1ilnVgwn63BswKX7tybYjvpHESSSTbuF

Request Chain 143

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAzSYjWyb3mfIrxTU80w4ac&google_cver=1&google_push=AYg5qPIS-nBU4x4BR1zYJy1L1UxVx2YHZ5j1XmEFlN8G3S5hMGeDT2VzhR22V5_4Rqm0MQmmQOh36P1HqTFy_WCDlNvZ90s0KVE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIS-nBU4x4BR1zYJy1L1UxVx2YHZ5j1XmEFlN8G3S5hMGeDT2VzhR22V5_4Rqm0MQmmQOh36P1HqTFy_WCDlNvZ90s0KVE

Request Chain 145

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAvLobvoofhDIBRFt39VEsA&google_cver=1&google_push=AYg5qPKpHX7v8tux4ObO3v0MjUhicAUdhpu7uaJTZIAeMmFWhnM1UTTW0JPgrUjxs3GUuXv7Hd6TlhVZfNb2jxNlyF0E-maFLog HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_p65fvKUT_eFc7k6wTekIQ2&google_push=AYg5qPKpHX7v8tux4ObO3v0MjUhicAUdhpu7uaJTZIAeMmFWhnM1UTTW0JPgrUjxs3GUuXv7Hd6TlhVZfNb2jxNlyF0E-maFLog

Request Chain 146

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDqO5pIhXErCDwFSChfk_c4&google_cver=1&google_push=AYg5qPJUErRV5fv_D3S0HjpCHsJptDMcEXop-XRe0XUUEhTTUlMHJZte4KBGI4WCA8jhNlvk2nw4mNA3DtYOyPxlJYodwcBCYiad HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3db87d10-dffd-4405-bea9-2631ced3a891-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPJUErRV5fv_D3S0HjpCHsJptDMcEXop-XRe0XUUEhTTUlMHJZte4KBGI4WCA8jhNlvk2nw4mNA3DtYOyPxlJYodwcBCYiad%26google_hm%3DAz24fRDf_UQFvqkmMc7TqJE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJUErRV5fv_D3S0HjpCHsJptDMcEXop-XRe0XUUEhTTUlMHJZte4KBGI4WCA8jhNlvk2nw4mNA3DtYOyPxlJYodwcBCYiad&google_hm=Az24fRDf_UQFvqkmMc7TqJE

173 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request agendatop21 Show response
blip.fm/ 25 KB
7 KB 11018ms
5741ms Document
text/html 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 / PHP/7.0.19
Resource Hash: a23389e429dd06fef35779a55445e4a89dca384b6805d2b26fb2e50c1228f4a9

Request headers

Host: blip.fm
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:30:49 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
X-Powered-By: PHP/7.0.19
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK base.css
blip.fm/_/css/ 79 KB
17 KB 6272ms
1466ms Stylesheet
text/css 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/_/css/base.css
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: a74acb7a696191bfe5e2819a4bac32c071a0302e63413044e4f6b4e396d5e6d5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://blip.fm/agendatop21
Connection: keep-alive
Referer: https://blip.fm/agendatop21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:31:00 GMT
Content-Encoding: gzip
Last-Modified: Sun, 27 Jun 2021 15:31:03 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "13d7f-5c5c10f809bc0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 17047

GET
H/1.1 200
OK newdesign.css
blip.fm/_/css/ 25 KB
5 KB 5023ms
105ms Stylesheet
text/css 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/_/css/newdesign.css
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: ad6c03b014c238c864d168340a81b0249fb963c060c336b5a85868da5efd6a3f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://blip.fm/agendatop21
Connection: keep-alive
Referer: https://blip.fm/agendatop21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:31:00 GMT
Content-Encoding: gzip
Last-Modified: Sun, 27 Jun 2021 15:30:13 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "65d4-5c5c10c85ab40-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4922

GET
H/1.1 200
OK profile.26.css.cgz
d1uswytv6491xe.cloudfront.net/css/ 3 KB
2 KB 57ms
15ms Stylesheet
text/css 143.204.101.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1uswytv6491xe.cloudfront.net/css/profile.26.css.cgz
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae6e79fcd093e4a8968d1ebc25b12f74f12503794384e0de7598761261c01f70

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 02:48:49 GMT
Content-Encoding: gzip
Age: 15712987
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 974
Last-Modified: Thu, 04 Apr 2019 15:07:15 GMT
Server: AmazonS3
ETag: "cafbaa2c66e5af33d2a50ac7c913fc60"
Content-Type: text/css
Via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
Cache-Control: max-age=315360000
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: _pRx38fohXHauatmVqJZHbI79hUDv3GLE9t8WrdJTDvoN7wAyOYh_A==
Expires: Thu, 04 Apr 2024 15:07:14 GMT

GET
H/1.1 200
OK spotify.css
blip.fm/_/css/ 2 KB
1 KB 5129ms
106ms Stylesheet
text/css 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/_/css/spotify.css
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: d770749019637859894001e3ce01057cc47b89c89f5afe98f1c6d0aaf9a4648d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://blip.fm/agendatop21
Connection: keep-alive
Referer: https://blip.fm/agendatop21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:31:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Aug 2019 17:42:43 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "776-5907bddf8cac0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 665

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: blip.fm
URL: https://blip.fm/agendatop21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 22:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 22:33:12 GMT

GET
H/1.1 200
OK spotify-player.js Show response
sdk.scdn.co/ 27 KB
8 KB 30ms
6ms Script
application/javascript 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.scdn.co/spotify-player.js
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 506acc31c96d7717fb734d9af0d16f6bccc7f93444b6b4485a66b90ca906a80b

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:31:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Aug 2021 09:11:43 GMT
Age: 224387
ETag: "97f9dd6fdff11175a4d8244f72c6fa85"
X-Served-By: cache-ord1737-ORD, cache-hhn11527-HHN
X-Cache: HIT, HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8045
X-Cache-Hits: 10, 514

GET
H/1.1 200
OK jquery.cookie.js Show response
blip.fm/_/js/ 3 KB
3 KB 5246ms
116ms Script
application/javascript 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/_/js/jquery.cookie.js
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://blip.fm/agendatop21
Connection: keep-alive
Referer: https://blip.fm/agendatop21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:31:00 GMT
Last-Modified: Mon, 06 Jan 2020 14:00:06 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "c31-59b79139da580"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3121

GET
H2 200 handlebars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/handlebars.js/2.0.0-alpha.1/ 47 KB
13 KB 14ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/2.0.0-alpha.1/handlebars.min.js

Requested by

Host: blip.fm
URL: https://blip.fm/agendatop21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82e2d5fd2ae7a2dfb049133d30a1c14aa65ddacffd138a73921f2994766c3324

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:31:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7955494
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12647
cf-request-id: 0a09457abe00002c224a91b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e72-ba0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmAxxA9KiydqhlbtDILQ9nABM1t5dJoN5fuT%2FBajv%2FS4k1eb7xeUoYPjDb6Hf%2FAralXiFEXaPLmKe1%2FesxDutzZvPkQwQkD5yDzNLB0scIknCTeJCBuA1xkoKdMteVk4nWA5%2F2dazJ8EVBnnfRcoMXSr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 67e5bd61ef614dfa-FRA
expires: Wed, 03 Aug 2022 23:31:55 GMT

GET
H/1.1 200
OK napster.min.js Show response
blip.fm/_/js/ 14 KB
15 KB 5352ms
106ms Script
application/javascript 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/_/js/napster.min.js
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: ff7bf0e46bc638dc36c28fd98b218a1983bc2badd30cbed318de10c270f66ec1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://blip.fm/agendatop21
Connection: keep-alive
Referer: https://blip.fm/agendatop21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:31:00 GMT
Last-Modified: Mon, 06 Jan 2020 14:00:07 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "38da-59b7913ace7c0"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 14554

GET
H/1.1 200
OK spotify-api.js Show response
blip.fm/_/js/ 6 KB
6 KB 5469ms
100ms Script
application/javascript 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/_/js/spotify-api.js
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: 3c8e32e9a68235f5bf06d4bd78dbde6139b26e709b1393c9af93a15be38879d2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://blip.fm/agendatop21
Connection: keep-alive
Referer: https://blip.fm/agendatop21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:31:01 GMT
Last-Modified: Tue, 13 Jul 2021 12:07:32 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "186b-5c70015218900"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6251

GET
H/1.1 200
OK napster-api.js Show response
blip.fm/_/js/ 3 KB
3 KB 5564ms
112ms Script
application/javascript 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/_/js/napster-api.js
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: 5345a3bf0a85143d337b572e4cea04e8705eb606e47611d54a7c1e1f6242308a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://blip.fm/agendatop21
Connection: keep-alive
Referer: https://blip.fm/agendatop21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:31:01 GMT
Last-Modified: Thu, 09 Jan 2020 09:23:24 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "c8f-59bb18f955b00"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 3215

GET
H/1.1 200
OK header.js Show response
empowerlocal-plugin-js.s3.us-east-2.amazonaws.com/ 8 KB
9 KB 463ms
129ms Script
application/javascript 52.219.102.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://empowerlocal-plugin-js.s3.us-east-2.amazonaws.com/header.js
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.102.146 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e4a54349dc54879fad8d1567c0dbaad10d67553f8d1c190f3939e46b434c6e9a

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:31:57 GMT
Last-Modified: Wed, 10 Mar 2021 19:39:58 GMT
Server: AmazonS3
x-amz-request-id: CZF4MV8S966G7YBH
ETag: "808b8d2713ae2c3bc82ca1d76dccbc08"
Content-Type: application/javascript
x-amz-version-id: F4VRdt3dlpkr8Avwt6TpU_eFaQI6ua_s
Accept-Ranges: bytes
Content-Length: 8674
x-amz-id-2: cy+lujXTWHirMi8n1baBgw/ywY58iCzox6ZSTi+iR9w4h/3DI7tRG5o7NBSXBzANqg8bVsQY3jc=

GET
H/1.1 200
OK logo.png
blip.fm/images/ 9 KB
9 KB 103ms
103ms Image
image/png 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blip.fm/images/logo.png
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: 1feda3dc45dfdcb46ec8f8abdafc23f06d4e2d954a864ec9e9e61b857dc8d1e8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blip.fm/agendatop21
Connection: keep-alive
Referer: https://blip.fm/agendatop21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:31:01 GMT
Last-Modified: Wed, 01 Jul 2020 13:08:01 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "22a3-5a960fb434e40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 8867

GET
H/1.1 200
OK spinner.gif
d1uswytv6491xe.cloudfront.net/images/blip/ 847 B
1 KB 15ms
15ms Image
image/gif 143.204.101.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1uswytv6491xe.cloudfront.net/images/blip/spinner.gif
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88c003ca3b8264aa64112d6c7ebe5a82011b6041c24460dbea7a31d3bfafee34

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:52:20 GMT
Via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 04 Apr 2019 15:03:35 GMT
Server: AmazonS3
Age: 5474382
ETag: "4b2f4d6259e452b9a0d2efbe25065b58"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Cache-Control: max-age=315360000
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 847
X-Amz-Cf-Id: u0AiuCaFewDq-cRRix_ELaMEGopSIrG5iadyvahksll2JzMmt5LL5A==
Expires: Thu, 04 Apr 2024 15:03:33 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
789 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap

Requested by

Host: blip.fm
URL: https://blip.fm/_/css/newdesign.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cac4360b64e45cb4dec85db122e8565e26842137d54cbd7cdb9211c041c47e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 22:35:14 GMT
server: ESF
date: Fri, 13 Aug 2021 23:32:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Aug 2021 23:32:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: blip.fm
URL: https://blip.fm/agendatop21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 3007
date: Fri, 13 Aug 2021 22:41:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 14 Aug 2021 00:41:55 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 123 KB
33 KB 79ms
27ms Script
application/javascript 52.84.44.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: empowerlocal-plugin-js.s3.us-east-2.amazonaws.com
URL: https://empowerlocal-plugin-js.s3.us-east-2.amazonaws.com/header.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.44.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-44-170.mrs52.r.cloudfront.net
Software: Server /
Resource Hash: e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:26:50 GMT
content-encoding: gzip
server: Server
age: 312
etag: f8520ea4ebd91256d6b4f461d472242a
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e5c15247ec560744bc8eee50e069c231.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: MRS52-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: cdBhoWYDE8U.miXtMaq72_QdUztpgDZw
x-amz-cf-id: 7mjPHTKme0PErWxzLD3K3qGobzPRW64j6JhUVjxkQ6AQNGGOiTQ4fQ==

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://blip.fm
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:31:26 GMT
x-content-type-options: nosniff
age: 342036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:31:26 GMT

GET
H/1.1 200
OK juicy-signup-small.png
d1uswytv6491xe.cloudfront.net/images/buttons/ 4 KB
4 KB 16ms
14ms Image
image/png 143.204.101.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1uswytv6491xe.cloudfront.net/images/buttons/juicy-signup-small.png
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17c3bd5b578cb7f4fccd1ad422794185e0c96b0c68a60756f4b1a72b674972c8

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 13 Feb 2021 02:48:50 GMT
Via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 04 Apr 2019 15:05:23 GMT
Server: AmazonS3
Age: 15712993
ETag: "a7a5b0521447b176ca08db741abbb305"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=315360000
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 3659
X-Amz-Cf-Id: M9RYYtmSy7wqG0rbu3PuUPDdqNSFEGgOhLpcj6HpJMdd6jDp8MexfQ==
Expires: Thu, 04 Apr 2024 15:05:21 GMT

GET
H/1.1 200
OK nousericon-l.gif
d1uswytv6491xe.cloudfront.net/images/ 6 KB
7 KB 33ms
16ms Image
image/gif 143.204.101.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1uswytv6491xe.cloudfront.net/images/nousericon-l.gif
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35e9144015046c3d25f20ddbd1f3036306891c441a18343c1d1e2da6ff3c2bd1

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 29 Jan 2021 01:30:07 GMT
Via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 04 Apr 2019 15:03:48 GMT
Server: AmazonS3
Age: 17013716
ETag: "93ccd993bbfefbfa9709be27d9a0588b"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Cache-Control: max-age=315360000
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 6443
X-Amz-Cf-Id: pcMve15db9LZ5agrpRX2cVslV45yAuh8gkxqOTxCgLkfY_iF8T4nZg==
Expires: Thu, 04 Apr 2024 15:03:47 GMT

GET
H/1.1 200
OK gu.png
d1uswytv6491xe.cloudfront.net/images/flags/ 437 B
978 B 517ms
486ms Image
image/png 143.204.101.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1uswytv6491xe.cloudfront.net/images/flags/gu.png
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7efb9af3df0ee1eaec1782c00202f4ebf05c1c42551b638bd568866ba5ec4523

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:32:03 GMT
Via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
Last-Modified: Wed, 25 Aug 2010 17:45:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: "ce49d063970216609d23b53af87184a4"
X-Cache: Miss from cloudfront
Content-Type: image/png; charset=binary
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 437
X-Amz-Cf-Id: E2OmK-_A_XvWf7BHRjzYrjSoECADYm4DmAYdSpMWRC5cB6KALUbCng==
Expires: Tue, 25 Aug 2015 17:45:30 GMT

GET
H2 200 1*ptQRDWDlEblcDL734-y4Qw.png
miro.medium.com/max/1200/ 35 KB
36 KB 128ms
110ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/1200/1*ptQRDWDlEblcDL734-y4Qw.png

Requested by

Host: blip.fm
URL: https://blip.fm/agendatop21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10985b0138ee107431b8118e0d8b2efa14439caf69807bf0bde75c96c578f018

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:02 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 1403
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35996
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20210708-194908-a2c5797557
accept-ranges: bytes
cf-ray: 67e5bd89fa18e007-FRA
expires: Sun, 12 Sep 2021 23:32:02 GMT

GET
H/1.1 200
OK placeholder.svg
blip.fm/_/images/ 4 KB
5 KB 201ms
199ms Image
image/svg+xml 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blip.fm/_/images/placeholder.svg
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: c0e57c534e7fce5e66fb419c269b97d436385a2c69b9f508edf480ef60dedf91

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blip.fm/agendatop21
Connection: keep-alive
Referer: https://blip.fm/agendatop21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:31:02 GMT
Last-Modified: Wed, 15 Jul 2020 08:57:06 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "1194-5aa771bb17c80"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4500

GET
H/1.1 200
OK napster.jpg
blip.fm/_/images/napster/ 52 KB
52 KB 104ms
103ms Image
image/jpeg 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blip.fm/_/images/napster/napster.jpg
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: e6d76a2dedcc68e2317925b345474a47ee6294694ded93655ee3d69559a4a583

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blip.fm/agendatop21
Connection: keep-alive
Referer: https://blip.fm/agendatop21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:31:02 GMT
Last-Modified: Tue, 04 Aug 2020 05:09:47 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "ce4a-5ac0643925cc0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 52810

GET
H/1.1 200
OK ads.js Show response
empowerlocal-plugin-js.s3.us-east-2.amazonaws.com/ 3 KB
4 KB 119ms
118ms Script
application/javascript 52.219.102.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://empowerlocal-plugin-js.s3.us-east-2.amazonaws.com/ads.js
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.102.146 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: b3d07bd62da73385f67aa7d09c598bade0243347339334c81763124a803dbaf7

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:32:03 GMT
Last-Modified: Fri, 26 Feb 2021 17:17:08 GMT
Server: AmazonS3
x-amz-request-id: S94FJ3B77MNMZWMY
ETag: "22262cedaaaa5ff76bd686a64713f048"
Content-Type: application/javascript
x-amz-version-id: .L7dXL0GVzyECTjS7anJk4iGuUC1kqkM
Accept-Ranges: bytes
Content-Length: 3328
x-amz-id-2: urkEK8/k+FNPx3CVbyeU/3gPE+ZDRVp6NZdQgELpON0eDobH/5ZswAFetCof46Kt4DwAwahlsdU=

GET
H/1.1 200
OK base.js Show response
blip.fm/_/js/ 505 KB
506 KB 106ms
105ms Script
application/javascript 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/_/js/base.js
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: 4b6a2b0fd27801f153917af3d6558094fd0e76f7e08e21e78b45b0343362d3d6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://blip.fm/agendatop21
Connection: keep-alive
Referer: https://blip.fm/agendatop21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:31:02 GMT
Last-Modified: Tue, 09 Mar 2021 21:40:56 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "7e5cc-5bd2167c3aa00"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 517580

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 361ms
19ms Script
application/javascript 91.228.74.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: blip.fm
URL: https://blip.fm/agendatop21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:02 GMT
content-encoding: gzip
etag: "lp772EpWKwf8Kq7YKMhbuw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 20 Aug 2021 23:32:02 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1610890511&utmhn=blip.fm&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Free%20Music...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1449388-5&cid=520580097.1628897522&jid=2075262196&_v=5.7.2&z=1610890511

35 B
111 B

15ms
14ms

Image
image/gif

2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1449388-5&cid=520580097.1628897522&jid=2075262196&_v=5.7.2&z=1610890511

Requested by

Host: blip.fm
URL: https://blip.fm/agendatop21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 13 Aug 2021 23:32:02 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:02 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1449388-5&cid=520580097.1628897522&jid=2075262196&_v=5.7.2&z=1610890511
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 369
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
298 B 140ms
140ms XHR
text/plain 52.84.44.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fblip.fm%2Fagendatop21&pubid=434bb5e4-3704-4b75-b36c-785a444462bd
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.44.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-44-170.mrs52.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:02 GMT
via: 1.1 e5c15247ec560744bc8eee50e069c231.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MRS52-P1
x-cache: Miss from cloudfront
access-control-allow-origin: https://blip.fm
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: wRB98OYAYRnOG2FS11rxHZD-lkOnYcHjNPVmjLOxUEXXOMuLwFYEbA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 76ms
26ms XHR
application/javascript 52.84.44.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.44.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-44-170.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 70272
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 01 Jul 2021 22:05:10 GMT
server: AmazonS3
date: Fri, 13 Aug 2021 04:00:51 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 281d355987643c0eb0bbf0ab368dda61.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: MRS52-P1
x-amz-cf-id: T_x0dCa_Q-hdZsUd5cun8PzXlAO0a8FEnsmmObDP5hORphtt2EOB-A==

GET
H/1.1 200
OK trackpopbg.png
blip.fm/images/ 400 B
732 B 109ms
109ms Image
image/png 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blip.fm/images/trackpopbg.png
Requested by: Host: blip.fm
URL: https://blip.fm/_/css/base.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: 51849fb8f2b161981d2a508c4e58503a0a752c6bbac592a742d92efdb1c378c6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blip.fm/_/css/base.css
Cookie: __utma=171230451.520580097.1628897522.1628897522.1628897522.1; __utmc=171230451; __utmz=171230451.1628897522.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=171230451.1.10.1628897522
Connection: keep-alive
Referer: https://blip.fm/_/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:31:02 GMT
Last-Modified: Tue, 04 Aug 2020 05:09:35 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "190-5ac0642db41c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 400

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 41ms
21ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: blip.fm
URL: https://blip.fm/_/js/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5443d42c7834cd8ff927327229833a12c96c6888dbd9c56c44896b327d3a492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
accept-ch-lifetime: 2592000
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
expires: Fri, 13 Aug 2021 23:32:02 GMT

GET
H/1.1 200
OK loadPage Show response
blip.fm/ajax/ 18 B
414 B 6394ms
6394ms XHR
application/json 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://blip.fm/ajax/loadPage?page=1&bliperId=2881672
Requested by: Host: blip.fm
URL: https://blip.fm/_/js/base.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 / PHP/7.0.19
Resource Hash: 67f2b0a60f37796c436ea0d9f947a22cb196312a87705d10069b65acc2993f01

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: __utma=171230451.520580097.1628897522.1628897522.1628897522.1; __utmc=171230451; __utmz=171230451.1628897522.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=171230451.1.10.1628897522
Connection: keep-alive
X-Fuzz-Ajax: true
Referer: https://blip.fm/agendatop21
Referer: https://blip.fm/agendatop21
X-Requested-With: XMLHttpRequest
X-Fuzz-Ajax: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 23:31:02 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
X-Powered-By: PHP/7.0.19
Content-Type: application/json
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 18
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 rules-p-b0cBKofGeCYKg.js Show response
rules.quantcount.com/ 3 B
437 B 40ms
14ms Script
application/javascript 2600:9000:2104:ba00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-b0cBKofGeCYKg.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 08:11:57 GMT
via: 1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
age: 55206
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:48:31 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: A1Bp5jhXrLWNxszY94I_3Il8qR4_hh_PItiNxEEw8nfLwkq28bhcJQ==

GET
H2 200 rules-p-c4o3JsfzdTxY6.js Show response
rules.quantcount.com/ 3 B
437 B 40ms
14ms Script
application/javascript 2600:9000:2104:ba00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-c4o3JsfzdTxY6.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 07:09:33 GMT
via: 1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
age: 58950
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:53:31 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: 9ZBkV-bjoQb0zdNT3lG4k_C1sCZt26-kP1dM0zlN1M7v5EbvP5Gz7A==

GET
H/1.1 200
OK noticebg-black.png
blip.fm/images/ 2 KB
3 KB 110ms
110ms Image
image/png 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blip.fm/images/noticebg-black.png
Requested by: Host: blip.fm
URL: https://blip.fm/_/css/base.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: 3983c27985f9ae67aed69d7ca6a82a682a7095df30b8d8253014de0f4ee97427

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blip.fm/_/css/base.css
Cookie: __utma=171230451.520580097.1628897522.1628897522.1628897522.1; __utmc=171230451; __utmz=171230451.1628897522.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=171230451.1.10.1628897522; _dlt=1
Connection: keep-alive
Referer: https://blip.fm/_/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:31:02 GMT
Last-Modified: Tue, 04 Aug 2020 05:09:53 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "9d5-5ac0643edea40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 2517

GET
H/1.1 200
OK dockbg.png
blip.fm/images/ 607 B
939 B 110ms
110ms Image
image/png 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blip.fm/images/dockbg.png
Requested by: Host: blip.fm
URL: https://blip.fm/_/css/base.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: c04e372715cffbc60a3f59d89c6ba50bb9f8adbc36c2e75cbd155f4ae1a911e8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blip.fm/_/css/base.css
Cookie: __utma=171230451.520580097.1628897522.1628897522.1628897522.1; __utmc=171230451; __utmz=171230451.1628897522.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=171230451.1.10.1628897522; _dlt=1
Connection: keep-alive
Referer: https://blip.fm/_/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:31:02 GMT
Last-Modified: Tue, 04 Aug 2020 05:09:37 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "25f-5ac0642f9c640"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 607

GET
H/1.1 200
OK alert.png
blip.fm/images/icons/ 3 KB
4 KB 109ms
109ms Image
image/png 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blip.fm/images/icons/alert.png
Requested by: Host: blip.fm
URL: https://blip.fm/_/css/base.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: 4db8af548255ad1270380918e096b18fddd5b984f95fd4862f18575f8267162f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blip.fm/_/css/base.css
Cookie: __utma=171230451.520580097.1628897522.1628897522.1628897522.1; __utmc=171230451; __utmz=171230451.1628897522.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=171230451.1.10.1628897522; _dlt=1
Connection: keep-alive
Referer: https://blip.fm/_/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:31:02 GMT
Last-Modified: Tue, 04 Aug 2020 05:09:49 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "d77-5ac0643b0e140"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3447

GET
H/1.1 200
OK sprite-uber.png
blip.fm/images/blip/ 64 KB
65 KB 107ms
107ms Image
image/png 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blip.fm/images/blip/sprite-uber.png
Requested by: Host: blip.fm
URL: https://blip.fm/_/css/base.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: 9585f9660d61236506d8fe0d442168949a866c238ee7fe8c5f32b0aec2b29d71

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blip.fm/_/css/base.css
Cookie: __utma=171230451.520580097.1628897522.1628897522.1628897522.1; __utmc=171230451; __utmz=171230451.1628897522.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=171230451.1.10.1628897522; _dlt=1
Connection: keep-alive
Referer: https://blip.fm/_/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:31:02 GMT
Last-Modified: Tue, 04 Aug 2020 05:09:43 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "1015e-5ac06435553c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 65886

GET
H/1.1 200
OK dialogbg.png
blip.fm/images/ 6 KB
6 KB 107ms
106ms Image
image/png 54.163.233.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blip.fm/images/dialogbg.png
Requested by: Host: blip.fm
URL: https://blip.fm/_/css/base.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.233.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-233-121.compute-1.amazonaws.com
Software: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19 /
Resource Hash: 8389ab2ff25b494852f8aa7c6972c69140ffb4f74ad5fb5f030d6ed3a1160359

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blip.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blip.fm/_/css/base.css
Cookie: __utma=171230451.520580097.1628897522.1628897522.1628897522.1; __utmc=171230451; __utmz=171230451.1628897522.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=171230451.1.10.1628897522; _dlt=1
Connection: keep-alive
Referer: https://blip.fm/_/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:31:02 GMT
Last-Modified: Tue, 04 Aug 2020 05:09:44 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/7.0.19
ETag: "17ce-5ac0643649600"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6094

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/50e823fc/www-widgetapi.vflset/ 126 KB
42 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfd684487fa502cbadc6a43e262a68e04e70ba90fa536625eade641357004111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 20:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 9634
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42941
x-xss-protection: 0
expires: Sat, 13 Aug 2022 20:51:28 GMT

GET
H2 200 pixel;r=465236815;rf=0;a=p-b0cBKofGeCYKg;url=https%3A%2F%2Fblip.fm%2Fagendatop21;uht=2;fpan=1;fpa=P0-335754222-1628897522778;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d...
pixel.quantserve.com/ 35 B
371 B 24ms
22ms Image
image/gif 91.228.74.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=465236815;rf=0;a=p-b0cBKofGeCYKg;url=https%3A%2F%2Fblip.fm%2Fagendatop21;uht=2;fpan=1;fpa=P0-335754222-1628897522778;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=blip.fm;je=0;sr=1600x1200x24;dst=1;et=1628897522778;tzo=-120;ogl=title.Blip%252Efm%20-%20Listen%20to%20free%20music%2Ctype.website%2Cimage.https%3A%2F%2Fd1uswytv6491xe%252Ecloudfront%252Enet%2Fimages%2Fblip%2FblipIcon%252Epng%2Curl.http%3A%2F%2Fblip%252Efm%2Csite_name.Blip%252Efm

Requested by

Host: blip.fm
URL: https://blip.fm/agendatop21

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=277483070;rf=0;a=p-c4o3JsfzdTxY6;url=https%3A%2F%2Fblip.fm%2Fagendatop21;uht=2;fpan=0;fpa=P0-335754222-1628897522778;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d...
pixel.quantserve.com/ 35 B
371 B 23ms
21ms Image
image/gif 91.228.74.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=277483070;rf=0;a=p-c4o3JsfzdTxY6;url=https%3A%2F%2Fblip.fm%2Fagendatop21;uht=2;fpan=0;fpa=P0-335754222-1628897522778;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=blip.fm;je=0;sr=1600x1200x24;dst=1;et=1628897522779;tzo=-120;ogl=title.Blip%252Efm%20-%20Listen%20to%20free%20music%2Ctype.website%2Cimage.https%3A%2F%2Fd1uswytv6491xe%252Ecloudfront%252Enet%2Fimages%2Fblip%2FblipIcon%252Epng%2Curl.http%3A%2F%2Fblip%252Efm%2Csite_name.Blip%252Efm

Requested by

Host: blip.fm
URL: https://blip.fm/agendatop21

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 / Show response
www.youtube.com/embed/ Frame 3166 31 KB
10 KB 39ms
39ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/www-widgetapi.vflset/www-widgetapi.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfab5946bd6b4da8c9851ae533d48191976e544cd030158a488ff9f0d2f4f550

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blip.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=0WsRHAkzVLc; VISITOR_INFO1_LIVE=fZGJG_mCEPE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blip.fm/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 13 Aug 2021 23:32:02 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+501; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/50e823fc/ Frame 3166 328 KB
45 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9995890adfe6c6d117c0774fa1a895fc5588115ff7712b1838e059aaf6f5953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46094
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 14:43:21 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/50e823fc/www-embed-player.vflset/ Frame 3166 193 KB
64 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd45d78a8d809985739cee4bd27276157a2b7e7dc4068156a22fa922b6ee00bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 118300
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65204
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:40:22 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 3166 2 MB
494 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091d0d2297eafd7c4f3cf2a5b009e3ac9830ea24780ac19b6be083176c6e870a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 118036
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 505743
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:44:46 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/50e823fc/fetch-polyfill.vflset/ Frame 3166 8 KB
3 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 118300
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:40:22 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3166 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:42:56 GMT
x-content-type-options: nosniff
age: 341346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:42:56 GMT

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 3166
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

31ms
30ms

XHR
application/json

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c64d71a7340d0504d0aebd5cd91d450cd334747ad1f06053def7072862cb74e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 13 Aug 2021 23:32:02 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 3166 29 B
423 B 26ms
6ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:29:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 141
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Fri, 13 Aug 2021 23:44:41 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 3166 95 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b0febca2d4760da3faefbc01776bb09e424d642978f1e808917da3a43cb026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 118036
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29765
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:44:46 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/ Frame 3166 25 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb0d709906ae03ee405aa0270235921ba881289489b042c0ec25365fc03e83a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 14:49:31 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 117752
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7489
x-xss-protection: 0
expires: Fri, 12 Aug 2022 14:49:31 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 3166 4 KB
2 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:03 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Fri, 13 Aug 2021 23:32:03 GMT

GET
H/1.1 200
OK index.html Show response
sdk.scdn.co/embedded/ Frame 82CD 569 B
778 B 6ms
5ms Document
text/html 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.scdn.co/embedded/index.html
Requested by: Host: sdk.scdn.co
URL: https://sdk.scdn.co/spotify-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1fee0b34c67a3e22047b627896862289225552817e79f658ade465b28c7103e0

Request headers

Host: sdk.scdn.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://blip.fm/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blip.fm/

Response headers

Connection: keep-alive
Content-Length: 343
Last-Modified: Wed, 11 Aug 2021 09:11:49 GMT
ETag: "58e3b6a50613943da4dcedcbe2bb1e12"
Content-Type: text/html
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 13 Aug 2021 23:32:03 GMT
Age: 224397
X-Served-By: cache-ord1735-ORD, cache-hhn11527-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 501
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 71 KB
25 KB 37ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: empowerlocal-plugin-js.s3.us-east-2.amazonaws.com
URL: https://empowerlocal-plugin-js.s3.us-east-2.amazonaws.com/header.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b2dabca19edc6cc311cd01b7412d78399213d99e965630b20e9adfdd591ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "958 / 124 of 1000 / last-modified: 1628892660"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25211
x-xss-protection: 0
expires: Fri, 13 Aug 2021 23:32:03 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 71 KB
21 KB 38ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: empowerlocal-plugin-js.s3.us-east-2.amazonaws.com
URL: https://empowerlocal-plugin-js.s3.us-east-2.amazonaws.com/header.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21eeb045f9dd8ff8bb9e8ce9cbc328282dc12d6346110c0b56fb18d9e9b8e0f9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20704
x-xss-protection: 0
server: sffe
date: Fri, 13 Aug 2021 23:32:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "4b9c6be29b7e9be9"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Aug 2021 23:32:03 GMT

GET
H2 200 vue.js Show response
cdn.jsdelivr.net/npm/vue@2.x/dist/ 336 KB
89 KB 21ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.x/dist/vue.js

Requested by

Host: empowerlocal-plugin-js.s3.us-east-2.amazonaws.com
URL: https://empowerlocal-plugin-js.s3.us-east-2.amazonaws.com/header.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

69b75483b270421e1a89426dd59387ba090772313561c3e9fa415396a78e8936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 40168
x-jsd-version: 2.6.14
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 90557
etag: W/"53fc9-Jp9Vk24Ybv0rJ6ZZ5HLpQ6vP7ig"
x-served-by: cache-fra19180-FRA
x-jsd-version-type: version
date: Fri, 13 Aug 2021 23:32:03 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 vuetify.js Show response
cdn.jsdelivr.net/npm/vuetify@2.x/dist/ 2 MB
256 KB 27ms
13ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vuetify@2.x/dist/vuetify.js

Requested by

Host: empowerlocal-plugin-js.s3.us-east-2.amazonaws.com
URL: https://empowerlocal-plugin-js.s3.us-east-2.amazonaws.com/header.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6dd4fff51fbb3100897e6ac0835da4e6af87ba686a9552b994a5abdfc1e95503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 6870
x-jsd-version: 2.5.8
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 261690
etag: W/"189d04-zdvdxVDgpheWBcDq9CHpFREWgUc"
x-served-by: cache-fra19180-FRA
x-jsd-version-type: version
date: Fri, 13 Aug 2021 23:32:03 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/250/ 353 KB
114 KB 153ms
52ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/250/addthis_widget.js?pub=Blip.fm

Requested by

Host: blip.fm
URL: https://blip.fm/_/js/base.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Fri, 13 Aug 2021 23:32:03 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H/1.1 200
OK QuickSignup.26.js.jgz Show response
d1uswytv6491xe.cloudfront.net/js/ 1 KB
1 KB 15ms
14ms Script
application/x-javascript 143.204.101.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1uswytv6491xe.cloudfront.net/js/QuickSignup.26.js.jgz
Requested by: Host: blip.fm
URL: https://blip.fm/_/js/base.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c00d50d6046dfc2e2a7de2a5a177d35e11b708fe9fc93f966c0d28a304ab485

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 03:39:52 GMT
Content-Encoding: gzip
Age: 15796332
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 742
Last-Modified: Thu, 04 Apr 2019 15:06:32 GMT
Server: AmazonS3
ETag: "7bc3abb8437d89e80c9407562df229a6"
Content-Type: application/x-javascript
Via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
Cache-Control: max-age=315360000
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: 7xrueUBSXZfeXrlK1BXGJ4aEFHrmab5x4ljqrXLcoOkYRhjnTC14Zg==
Expires: Thu, 04 Apr 2024 15:06:30 GMT

GET
H/1.1 200
OK profile.26.js.jgz Show response
d1uswytv6491xe.cloudfront.net/js/ 4 KB
2 KB 16ms
15ms Script
application/x-javascript 143.204.101.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1uswytv6491xe.cloudfront.net/js/profile.26.js.jgz
Requested by: Host: blip.fm
URL: https://blip.fm/_/js/base.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b6c4dd2186139cfe5da8627cbd85b7f54e8b4d84164a4f98af88427c6ebb5e0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 10:51:59 GMT
Content-Encoding: gzip
Age: 5488805
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1287
Last-Modified: Thu, 04 Apr 2019 15:06:42 GMT
Server: AmazonS3
ETag: "b3067d3023e15c0cfc5362eb35a1a08a"
Content-Type: application/x-javascript
Via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
Cache-Control: max-age=315360000
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: 4fcdnvp-abTvXM_WJ4xh1S49csHERIthBmgQJsz3o_Z-QblL9SCe8w==
Expires: Thu, 04 Apr 2024 15:06:41 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 82CD 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 6929
date: Fri, 13 Aug 2021 21:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Fri, 13 Aug 2021 23:36:34 GMT

GET
H/1.1 200
OK index.js Show response
sdk.scdn.co/embedded/ Frame 82CD 626 KB
155 KB 6ms
6ms Script
application/javascript 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.scdn.co/embedded/index.js
Requested by: Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 18b87be5275cde608bd496d8ea511da068792e37cd3d2fadff4bafdd9d9494ec

Request headers

Referer: https://sdk.scdn.co/embedded/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:32:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Aug 2021 09:11:49 GMT
Age: 224396
ETag: "26e1d4750fdc579acc17f26db598ee9c"
X-Served-By: cache-ord1737-ORD, cache-hhn11527-HHN
X-Cache: HIT, HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 158211
X-Cache-Hits: 1, 2

GET
H2 200 pubads_impl_2021081001.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 44ms
20ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

79cc39ab51de99510d98e22dfc56bd456b3ffbb29671e3d2e61719ee50792565

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Aug 2021 08:39:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117457
x-xss-protection: 0
expires: Fri, 13 Aug 2021 23:32:03 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 98 B
744 B 38ms
16ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=blip.fm

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

6cb20c5dcdc3f32e501ce77167a4b9367f3e974b1de4c89e6e7ce92a16dd37a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 23:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0
expires: Fri, 13 Aug 2021 23:32:03 GMT

GET
H2 200 / Show response
apresolve.spotify.com/ Frame 82CD 205 B
226 B 29ms
14ms Fetch
application/json 2600:1901:0:524d::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apresolve.spotify.com/?type=dealer&type=spclient
Requested by: Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:524d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 655d2013c62900319a0da87ab51de91cf5432d6e119b7e8bd224389100b2931e

Request headers

Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:03 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
alt-svc: clear
content-length: 98
via: 1.1 google

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
364 B 79ms
79ms XHR
text/javascript 52.84.44.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fblip.fm%2Fagendatop21&pid=u2Cu2ewtrHXRz&cb=0&ws=1600x1200&v=7.67.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_leaderboard%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_leaderboard%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_leaderboard%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_leaderboard%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_leaderboard%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_halfpage%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_mediumrectangle%22%7D%2C%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_mediumrectangle%22%7D%2C%7B%22sd%22%3A%228%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_mediumrectangle%22%7D%2C%7B%22sd%22%3A%229%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_mediumrectangle%22%7D%2C%7B%22sd%22%3A%2210%22%2C%22s%22%3A%5B%22336x280%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_largerectangle%22%7D%2C%7B%22sd%22%3A%2211%22%2C%22s%22%3A%5B%22336x280%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_largerectangle%22%7D%2C%7B%22sd%22%3A%2212%22%2C%22s%22%3A%5B%22336x280%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_largerectangle%22%7D%2C%7B%22sd%22%3A%2213%22%2C%22s%22%3A%5B%22336x280%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_largerectangle%22%7D%2C%7B%22sd%22%3A%2214%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_largeleaderboard%22%7D%2C%7B%22sd%22%3A%2215%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_skyscraper%22%7D%2C%7B%22sd%22%3A%2216%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_anchor%22%7D%2C%7B%22sd%22%3A%2217%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_superleaderboard%22%7D%2C%7B%22sd%22%3A%2218%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F12230023%2Fel_blip_leaderboardtop%22%7D%5D&cfgv=0&pubid=434bb5e4-3704-4b75-b36c-785a444462bd&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.44.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-44-170.mrs52.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:03 GMT
via: 1.1 e5c15247ec560744bc8eee50e069c231.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MRS52-P1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://blip.fm
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 7NBpurL8wVD6fR1YEOY32x5Iu-2-MQUkA6wTvWMBi_c_foD7aybC6A==

GET
H2 401 check_scope Show response
api.spotify.com/v1/melody/v1/ Frame 82CD 77 B
247 B 17ms
16ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

authorization: Bearer undefined
Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
www-authenticate: Bearer realm="spotify", error="invalid_token", error_description="Invalid access token"
server: envoy
access-control-allow-origin: *
date: Fri, 13 Aug 2021 23:32:02 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
via: HTTP/2 edgeproxy, 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
alt-svc: clear
content-length: 92
x-content-type-options: nosniff

OPTIONS
H2 200 check_scope
api.spotify.com/v1/melody/v1/ Frame 0
0 31ms
16ms Preflight 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Protocol

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://sdk.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 13 Aug 2021 23:32:02 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 55ms
18ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js?pub=Blip.fm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:03 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=32199
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/Blip.fm/ 166 B
325 B 314ms
313ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/Blip.fm/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js?pub=Blip.fm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:03 GMT
content-encoding: gzip
etag: 659743217
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=58, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 154

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 37ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=blip.fm

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 23:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 36ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blip.fm

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 23:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 307 KB
90 KB 526ms
512ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2563890777225502&correlator=744433070443053&output=ldjh&impl=fifs&eid=31062142%2C44741899%2C20211866%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210813&iu_parts=12230023%2Cel_blip_leaderboard%2Cel_blip_halfpage%2Cel_blip_mediumrectangle%2Cel_blip_largerectangle%2Cel_blip_largeleaderboard%2Cel_blip_skyscraper%2Cel_blip_anchor%2Cel_blip_superleaderboard%2Cel_blip_leaderboardtop&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F3%2C%2F0%2F3%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F4%2C%2F0%2F4%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C300x600%2C300x250%2C300x250%2C300x250%2C300x250%2C336x280%2C336x280%2C336x280%2C336x280%2C970x90%2C160x600%2C728x90%2C970x250%2C728x90&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1628897523&dt=1628897523375&dlt=1628897515819&idt=7440&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C280%2C-9%2C436%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C689%2C-9%2C1110%2C-9%2C-9&adks=617433239%2C617433238%2C617433233%2C617433232%2C617433235%2C4165216314%2C3598324391%2C3598324388%2C3598324389%2C3598324394%2C1974185959%2C1974185958%2C1974185957%2C1974185956%2C3076314635%2C2382161721%2C3224969948%2C553478435%2C982267445&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fblip.fm%2Fagendatop21&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1040x0%7C0x-1%7C1600x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1040x0%7C0x-1%7C1600x-1%7C0x-1%7C0x-1&ga_vid=520580097.1628897522&ga_sid=1628897522&ga_hid=477222114&ga_fc=true&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C4%2C2%2C516%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1040%2C0%2C1040%2C0%2C0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C0%7C-1%7C0%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

d742c90726251e69bb74320f674d4c9d4019a1cc42daaccc86a7aa4d6898a74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92066
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-2,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-2,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blip.fm
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5988 6 KB
3 KB 47ms
14ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blip.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blip.fm/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 13 Aug 2021 23:32:03 GMT
expires: Sat, 13 Aug 2022 23:32:03 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 401 check_scope Show response
api.spotify.com/v1/melody/v1/ Frame 82CD 77 B
162 B 16ms
16ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

authorization: Bearer undefined
Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
www-authenticate: Bearer realm="spotify", error="invalid_token", error_description="Invalid access token"
server: envoy
access-control-allow-origin: *
date: Fri, 13 Aug 2021 23:32:03 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
via: HTTP/2 edgeproxy, 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
alt-svc: clear
content-length: 92
x-content-type-options: nosniff

OPTIONS
H2 200 check_scope
api.spotify.com/v1/melody/v1/ Frame 0
0 16ms
16ms Preflight 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Protocol

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://sdk.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 13 Aug 2021 23:32:03 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H3-29 200 container.html Show response
36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B69F 6 KB
3 KB 23ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blip.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blip.fm/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 13 Aug 2021 23:32:03 GMT
expires: Sat, 13 Aug 2022 23:32:03 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 77E7 6 KB
3 KB 19ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blip.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blip.fm/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 13 Aug 2021 23:32:03 GMT
expires: Sat, 13 Aug 2022 23:32:03 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 31ms
18ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7761979199bf20d25fe4726392f9e6c268295e5d179b2bb5a683cb10fb6ad0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:03 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854342869989"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27733
x-xss-protection: 0
expires: Fri, 13 Aug 2021 23:32:03 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 46ms
25ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c955c0a1569cb27e14c8ce81e804696ba908e93c84f492acfcfcc259dca58d55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 23:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8486
x-xss-protection: 0

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1B2A 624 B
297 B 16ms
15ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXU-7NDbHcsCE0jqAqVbr9uekGgVFdGHUk2UhWDCIvuAB_siwhP9-rGEAVPgl1aPD5Q-bTvkzY5YLPFrvgRnoQSOnE05-tXJpiNaklDp0bc8zJYScFao4AsJ7gpNQGwP1LV_GfFcOr9JVy3144S1wSbp7pMxRIBDcS793q3ffSIilrWTjg

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXU-7NDbHcsCE0jqAqVbr9uekGgVFdGHUk2UhWDCIvuAB_siwhP9-rGEAVPgl1aPD5Q-bTvkzY5YLPFrvgRnoQSOnE05-tXJpiNaklDp0bc8zJYScFao4AsJ7gpNQGwP1LV_GfFcOr9JVy3144S1wSbp7pMxRIBDcS793q3ffSIilrWTjg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnsIckT1VvUV4LLc6loIHAyj8NDnIGC1lCVLDL6qvWIcvzJQzk4UEvXZe_f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 13 Aug 2021 23:32:03 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 77E7 24 KB
13 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWJLupLTTOolPNVlvXowS7jnU85g6WJprI0dZzBzDoMXYaN0cmY6pGJp5HeuNCXH90o32COLwXoFdRZSzDTKIxTaO9jG5-AyalwGEg8EpTRiX8bKNRaHFTHZQXOn9_3VYZk7LHGbzr-Dev1MEhhJNMgT-fng&cry=1&dbm_d=AKAmf-AHOqvgOGHM5w-EDFj1sh-VAcl3zdD1Ej_eNNiUMy5GdU_B8XNhRXBc4xS9dLjsw18s3hMt3wTBJJX9w0ri1F2mBTtNBAYpBfSXipNsYb7M6F21uQIGJ5CRmXu4gefC4mK7lIpbZ4LykEJNrcyrUHC6xTRZugfVJY9IjPNq9ww9_TfmIZsbXxxVJwG-RcGE-d-rj_Pf8SFDl0eiqLBI3eH3H79n6evdKYiWKNrUmn-gO7xmrPbdb_g_OmiMoCYk-SemrpxzAaNvxizuSp1piPE6jOxFHY-3AMRGRxBdDK4ZQwTYh4A4tDLQ6kvW76oh_mfuu7Y-T7gsIVuF8JPoVADdX5x3fJWinoHBDLq0IpRNCfKJ-D6iBnMr7-su5ivqFXovSt4kzrvfq4lUWWz3uUYavs19Krb4FLevS6Mt7ErteTLQ2v8vEJxz08Hg8huXvbCvUu4chldXVnKnskTBIaGGvTaAdw-WvBItc7z5hwZjkYQ9vGriN3XRPP4qIFd6I7BA4K9ka2ZYd9L4TNiHFVRxhtRej7TS0E4lS2HxGeuXZfY4Elhm0Ak1VS7Kb9LONpiwRYShP-EpMph00X7M5uSeNRRR4TGFIqP3uEhNPPToekDZmjEHqPvjUOBdPRShobLm_bPMQ-jcgTW91iPJ1WFLBoklretjCwsSkZhhSyPB1goxNXZc1Pwh9SqDryuhzUhwnhTAwVRJcVZrJ0rhKtx1hh4OhbiDj2bv7HX3NxiYj8p-aOWC1-plDfHFy8E6VJvA6YKZdj45Dc0xwzPmIjdW39R5kmilLeXaQBfPotGa-b8KkNTwWsuYPK8ol7DQNGjqKh6GHlKlM0OmOx2eXW0AJWqzthWWhyJRJPDm7HaL0SVEu0fSpgWoYF8yQpS11JPj79cbwDmVDtQzZDpBNMAeA5ZcBqi2HX7cM7Tn2qGEYI5NFYYeM3Z7qft1JufhACMZbyhtzHxCGyV9HRtFhmLfvVOYFPF7t64AAdEnI3ry8amZYvwQ1pd4xk67k0Tm6zlHjxeBrhu268uzZOZDlmV6obxFdPTD2yhi23BAU9Il0BO_ZzB1ixApiU7ZH-e-8M0FdImMn5jShTRC7ZTAQufss_HYXYF2B7UVJFWClLbrxG9JAeed474hI8_aOEo8F6K6q1omvhP79UmKzqBuAjTMfph_011n93V9SoDTtb8a1QnrM1qIpLghYmP1GXmHr-kJ2NxgTfsiGxeouoPGZPUMK6z4-hZk_5fRupnvoT8w17dv-M-xcfHhHxtkan5ue4CP6KirULob6zZGaxbgdRF07Ol4JoSB4Uq2weD-uO4p26_H7hxJkTWAesYQAL3IAlzd7x8tHkIdr2XGz43CbcyFRRN75OwgHg8d_0wuXFhPOX8xhiYiCeI5VObTUZyphNM8PsDR0ZW_zfg302WHkkfdGo3wpYRq6v1PSQkAodR17oVvTUJl_tj0UgtmBxjzEklylZOUZJz4TwSPuGqoecoL_DqxNGkuUG5kT7YOU98BwMwvEo9zRn1cHY5zOK-ZFskKadgmgyEfCG6xELAm4lUHLDHwFS8XdmVNnlBSCub-C90iMkzEEwqf5oqDF_14y8-V7uStxzRxfd3p-86vmrJe0gcQwdylNdf8Ti4e2Tz9YJ9GeCk7b5XLobjEvYlodzN-63DcDch0q_aaiLo0O50G0my_-W_Y5SSgBaGivyKvLC-VPNJhzFp_7rQNxorU_xxW9xXsAzPwQd2dryoTWvQSajgycdX0KKy-SfdE2zKULn76tbb77rv_GE0qpS_RASVVtf_A05PomRrU50JqSIl-4KoDc_xaZzGrQUVQ380_YHULIUzR70BprPcBIHM1oy3ywwGFHfu1devdJuvK8NO36J5rrZZPmXcv4pBiisKNBwus0nAP7DwdtgjSNOMeTfJh1ukhGJLjDSKAMYLK8ukPO40MGJOzC44mUP2mcAY83unX1qAC4XlCN4zSF7K88tP12f0p5A8_AbzMRXLU7rRq4d-xGTyhSys6HupS9H8SjgwXoFhsKJF3-3Iu4U3Ks3HeAXV2_o0-QHLN1QaE9T2cd-tmZoOJ6JygXz7mhlLR0jy5K_03ALmEHjeBbS7LOefleIAeJoKQq_MLl3pgomEP3rAgFi9KtbJy56lZWbNTvIDn8H7i3Se-eC2B6kwafykkCyglqqDaJEOQeZ2KPBj9E78T95BAK1LF60abIQUkzEgcb7lGsqKW8e_tIAFrFkHVc211wV-KZ1EBUCkPTuZ9NSL4A-7gkwl0hQzEg8hF_3z9Kmj32kQKM26LGvYIkmJ3PPh6lRqsRCpSSqOHK9NpHcBokLqeUDzv5QaLaUE-KWO0-T0Jcu7ITIcoiKXpTuHacz36g-K7rOZ-dtZBpv4Z5tEOVkvBnzPYX7j2BWky4euRIV8A9Dap-OYCQjsmBtT6O-LnHlkdaZQMB2iXkTswrmA9Wt79dTGEYvbG_hA69WLE4KRc2VARzpB8jwIzD39ifsT2c9bY-kxPVb4I6vYDkXTWk6y6dk_J6rd7eyqim2yX7Ubq3zF43hx2Tib5ZcbICEdGeWbWbHocBGkOnFeQBEGadDtP9PEKxtkwUsldbXrwacBlZnxUe-2mqx17ljlfaSZMfiNY3mo7ld-dXclRI0-9Y3krrxK-6xvTDQ95c-eCHoYGzGYYTAODlW7OOmqVeIQIk2UYbNUby4awUN2AozqYwfGugM1n33qwt9DVO9iuq6lxaC7m3lirFO4MQFoHa_FqgjCDg310z9p0Bcv9ZU2R8x7W1Ap17Km0bdrq9ji_tRfLMIJZjVDAqyihc92N9PRzDF8guSfRCUuKfcqy-CmrwC1-8dh6NbJIxbsu_1mFWuXXoRliQOqS_l2zDBaR3ZRiA1yYgOKFNYAgr5EXHVmuJA4Q1BNYI0lVEcoWOkRopxuvGcKNF45aDmYKUi7u9_mBnLbVxUOeVhh6AlawCJgWqbBdPv_foTI9qVgS1Ob4QBxud2qzDDMzM3Wcryf64Hg9CJl9o0vUtwCkcy-vH4Hb-TV2IAa5HE_m7ZOIDUavpT2CcSUKk8tOxmITqSlHlawM-ATGMHcelELcgGCaK_auBnYWf6hlfTGUWrKtcLZdFyJQjPGbJQkUGYvAd-uG81viU5jhsiGiZ5vbkhoOfQY6X9lrUf2NvyfIDVCcO-P1WhQ&cid=CAASEuRo6u1-qPkHeAfLvG6KE8cUIA&rfl=1%2Chttps%253A%252F%252Fblip.fm%252F%240

Requested by

Host: blip.fm
URL: https://blip.fm/agendatop21

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93285985019ebc5530acd407a871c4ad2ac2f48f2c9734ab60d74b36ef1acace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 77E7 42 B
107 B 58ms
39ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Du2W0eDuiB8qEm4gBnZGSrSlYcmUd1PH2YaFmYl59F46TGBWv7S92EvYZ2JrfdMY50fpK9E5Sztxzq-k0X1Oc2v2DLhojm9yoRleOIWfM8mqwnw4A

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 77E7 2 KB
1 KB 34ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 23:13:25 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 77E7 124 KB
37 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:04 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854326415524"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Fri, 13 Aug 2021 23:32:04 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 77E7 14 KB
7 KB 29ms
5ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:17:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 23:17:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 77E7 0
0 14ms
13ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXx9ZN_07j3tcb0Zp4z1OqsZ3dO2QXJf33VxWNXo88KLZpvJVh_dwPXThOtoqA_KxWK6Jd_Ql9RpqxhBCI-JnuSySCYg
Requested by: Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 423C 640 B
316 B 17ms
17ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYncXFlQEwAQ&v=APEucNU8QDgYmD4768n08v2IXBdHfgzY-F8XRbFPD-yRBTdqPvZGz64OCRw_gA_KUVHc14B8ILQ2EBXRFV_Cn2LTUjlXVNEnGGlbroWMCRg3rTu0MyW-waAMEGM-2BfqHRJlF0yETqMjeulICy-9sGHUKN3wG5bTz8y0iup5IV6DeWKSJymcj1M

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYncXFlQEwAQ&v=APEucNU8QDgYmD4768n08v2IXBdHfgzY-F8XRbFPD-yRBTdqPvZGz64OCRw_gA_KUVHc14B8ILQ2EBXRFV_Cn2LTUjlXVNEnGGlbroWMCRg3rTu0MyW-waAMEGM-2BfqHRJlF0yETqMjeulICy-9sGHUKN3wG5bTz8y0iup5IV6DeWKSJymcj1M
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnsIckT1VvUV4LLc6loIHAyj8NDnIGC1lCVLDL6qvWIcvzJQzk4UEvXZe_f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 13 Aug 2021 23:32:04 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B69F 25 KB
13 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7kgmq39zSID9wgqZylCkYcOhQ_U3pW80pw9-REbVjLUeDrvsdtUK3IYmQ0cFf8m3fYXs3pLzNf8dkNR1lw8uUG4fYltlCXjzkuNOv26GjRAPz_Pf8WDn9pvdQIIKSsivc7Zie5l33qHgjwDCW6--xz5ohPQ&cry=1&dbm_d=AKAmf-Cp7Z6kBvK0cg9AamIWNunQptMZ45lHnNBLEsN00DRGR5FYY11rbJ4g3YB8lqVsKru26P1hYRSZNqxEax0guo78gB6DrjtKhmErbZhx7mjOm_DSfeZPozUqCGsUNo3iMvnJe6MjHzB62EefaN-QZIDCO0n4cfy_JuIPcHezH1Fa-sYMg8tjPeCC_mw6o7FL0eyTuM4GMNjoGtmTyy3m0izH4Harujd_EX68aEL_CoYqhRCm95m2ovkH5qmTmEblkCxjyFn1o00MsH2qsFX6busP_LpO49FBrxLMc24WW2S4PFT0viM9SyVpI0f6CQnAnSV6amAMYcCMK8V_8Ugt9PLSL_a986YFUvd2m7IVA43HLKbFZTYFbAr6RYLk0-o8SicMwOg7q22BZ-biSDQwfIEzGdeLN_GtI7ECf6LkTOWJw5IirvXNRmwfi_yb2rXpaPi6SRt09Bp3j7L5oi9BpLdH6X3Yc-sBxZdwwtPBWL1OsjlPEPoPTuuB5S6pdnwR1aTMBsU9-cx-o3ERQtaLckkjDrdLF1Fs-QOtBh9Ox5mg0RpfFX6UEhq_3CORGF8ifp3R6wCPxaqvIE_pyQg7CMkTOjZ13N3NBe3LTc84rQr1gHevIuINzOi3kFnku2c52_-p-nPEC39dIXHQWau4wV4cApZfHiiKkv2gT3pUaNlQQ_ndcGlLNugVV3B8TF5tsLb0gUDQnNo9hdD4w1edjfYd52JfhSyAOZpYGhnndfoH2FAnoxfT90xWCfKOP4hEi-IJMIYLKam5883csgXkeGREYIryhmChTCfzEl6MKqGCsyWcvFRWXPmls5uN9TPjQN1LlOTwjMjqZ8r59tA5FxffRs_rReTi0zk1ljJYs0HMUErZcKQ1CRsfEAbm7Iv9GxG24Lgu_lyXDX2PYvW3yXm_q_tBN283ThaP9VA4l9Dzwv9UguQH7C9iJzvOBQPxR9jnMJObHrh8uv9S7KVaCn8DjoaQYbI4_UZpXMKZ-sp3RXbjrTRtgJcydVDoB1i3AL3VLYOWAgmhTBiFc8UG5ivppr516AEtyV5EshJvmd5hbkRbEqjFGfSI8d0I9X4BKi_TkbhSeJUxullQxrK0lxpEe0qfcWM9oKNCQlS9yApTusPZpXtO_qfm12GOHAdweZujlxRdrK3RW8SCwCAsC5s6Ez1Q9tSaA7DBQzNTFvhuGD8AARyVOoWg3XPa4YK3BBFTY0sUZLZ79Pagx60ctNf0G83v7Zl3M9mFHdd1nq0t5RSkI0s-BYhnXmTrOKV2EbDRiZNfWIGHiy2UxaL4E55o6RGiGnOF2yTNTGaZPRf2VXRaTViE93gAyMAXmpPkEckBQI-sA0j8WXmJcFoVZootvX23tXUHdTarAclJo2gpcorOeY1vEzrTP94kTizgl_zBJoTbZrFfZLYkj1nkwVSb2nQe7B2N8ELrqoM_38u2wbLeWOWhEsqwcnaGmieEpXES6zyYqPixLw-0AuGDrHc-XTBhL-d397RK9dO67mFs3G4XEupdr0Qph0pItLI5RAMm7YF5AEWvlr7tJL5F6TXsLx08BbPb0x9p-pfB64_jQzENHiB85XsixA5K-xOAQKQ7KGeTT5n4dr0fQRJjF0fvWwL5-dvL4Un9GgbrX53M6H3da4QBoKyUxEwdM874imGAS031w1xboeaMbI-K9dyx96tn5yVzYoSSq99Ni0ESvBENcvHSLlly-siK5jUpOTAAvSJURmQFoXvo4BvapOpOtVg9fecK358Q70T7lB_II5pv95DFt4Nx073akSZoSuDiAQFUFbs0GR_joCA8lR5orWwiL6Gb7p6FguKvkMmxTKUZUoViG2dLM-5dW-jTb18uygG3MZRAzXg3Zo9RvmRjspJ-mbW0C4AkLxasRUs1ersc_0FiAmR_k90EGfD3d2rQ2mbsVzuQ_ATz7mc7SgitpamtGi1vRGYkIEhZmFr6B-r4lArfHkvzgFin25U5rni1p8T7En8GJHE3wsIf1iVaf60KgA810Tv7JDUgA8rHNtn1NPhJLnohsbVZ5QM1_KM5Tn3oRslmMoNM323ozzl5WO5WdMD071GlNJ5AW9gUdtQBxUir8mw8ePaCnBlALFnK8_Q3QdwZMG8GRLjhWXBnuRnQleSvKrN5TyEjFRE4bz0fmzqU4vjfSG0VLkysNb2pw6qE7jA-yG1MH5SwZSNZRSmIPxIpPjbNDuZoOtP2u0XKJsURkK_CjRMuGXB8QjZb3h_xhaIasslz244gc_qk9OB26cGAf7KaejsRKOeaPPcAUKMutHPe6v93iMkamjnP9Nm5LwzfsF9W2Tu81TP_E8A6uVcMRoigcaNy_nRGvSx4gq5DPsY3EawljqtK1Blupfb5vhwPnQU7Ua2Ue1U_mhiVEYqT6TH-pPCuCb4DcZAwNTB-InE8ZLnfyFqsQ93lZaLyAo-XRwhMrWnmiIXa6w747lSH1zjg17xgMaI6jp8Gr7ATMT2atQ8WOv4U02vXz0EsZDlhHOnXb3HVINIqC2Z0Z03KeTy4czp_e4pAvEy5qRevn80FYwH34vNX_E-WOf9YlIbOCw2vdkMIcOYOFEztrOTGtN5_PTFcjR-gar9lk2nkJiQjhV1FD08Xu-OnAAspLqaqDkK0XaeB8a0ufgM4uaFuXPXRSaHgBEEl4NNNr8BpFUpzW-eV5_KnhtP9y5r13mFNat99eVNLOenwWHsRVKC0uRdRZh6-b48IuQUEFzUrhuL9t_tcOKPQJBoURhYu_xWTJpnnbqPEhLnFgFjsiIvnwOBC2YW63m6MIrnW2TEQ98j9qmpfh-6puRJE5XjszFqLGAxR1AjLerDHARTbLKVzGDvHeK5kkuim92pa10-WzThbi7CU0EIpiE8YyRQ8Fh0kVWOOSfKHoBEm5wkIXiZh7faaQtHrRQu37iBKTIjekp_-vrGEV48pgHBqzbBMMjlOy5c-2p2asJNaCutoqT04t6ZES6JyFX2X9ZmK52ysplt33fdxBKHYL0SNmAKR8Zdu5cdm1QfrPVKoOAO6WIb5n0-h-M9lYVbREyyTvpwMhPsLojdc8WGVrGyNC3IMrsTbULV8ahOkETvHN97O_v8Zobi7L8GzXxA3MhsYJg9wBOLGmVNC6B7_pAI-lx6keF266QdKzwDTz5BMTPDMAcV18b7EdaNuIm6edH4zl9E&cid=CAASEuRoP9pGYbOTJutkiQ9GcKaHSw&rfl=1%2Chttps%253A%252F%252Fblip.fm%252F%240

Requested by

Host: blip.fm
URL: https://blip.fm/agendatop21

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2acff66da112ece30104e15e1d04cd2002629f749d2e44830c2fb9b613370d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13114
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B69F 42 B
515 B 51ms
39ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aa5u4o3V3Ug5tIsViWaMLXApry26B9fQPmhNVY492xZYYy2k2PcXEtDEX0JgLqyxwTspaxdh8UBIZedsAhjfPxn06PDPRXBFlGcBfMP5iEwBDYnzc

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame B69F 2 KB
1 KB 27ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 23:13:25 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B69F 124 KB
37 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:04 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854326415524"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Fri, 13 Aug 2021 23:32:04 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame B69F 14 KB
6 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:17:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 23:17:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B69F 0
0 14ms
14ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTbTOhfrg1hW4gU5iCUACVvtVpio-Qp-HeKeC4LlKUOUCNHzckjo-gOXis_NJ9aLjK0OAASXA_eBLgpEROnQcUZPeI9Q
Requested by: Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 13 Aug 2021 23:32:04 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame 77E7 24 KB
9 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWJLupLTTOolPNVlvXowS7jnU85g6WJprI0dZzBzDoMXYaN0cmY6pGJp5HeuNCXH90o32COLwXoFdRZSzDTKIxTaO9jG5-AyalwGEg8EpTRiX8bKNRaHFTHZQXOn9_3VYZk7LHGbzr-Dev1MEhhJNMgT-fng&cry=1&dbm_d=AKAmf-AHOqvgOGHM5w-EDFj1sh-VAcl3zdD1Ej_eNNiUMy5GdU_B8XNhRXBc4xS9dLjsw18s3hMt3wTBJJX9w0ri1F2mBTtNBAYpBfSXipNsYb7M6F21uQIGJ5CRmXu4gefC4mK7lIpbZ4LykEJNrcyrUHC6xTRZugfVJY9IjPNq9ww9_TfmIZsbXxxVJwG-RcGE-d-rj_Pf8SFDl0eiqLBI3eH3H79n6evdKYiWKNrUmn-gO7xmrPbdb_g_OmiMoCYk-SemrpxzAaNvxizuSp1piPE6jOxFHY-3AMRGRxBdDK4ZQwTYh4A4tDLQ6kvW76oh_mfuu7Y-T7gsIVuF8JPoVADdX5x3fJWinoHBDLq0IpRNCfKJ-D6iBnMr7-su5ivqFXovSt4kzrvfq4lUWWz3uUYavs19Krb4FLevS6Mt7ErteTLQ2v8vEJxz08Hg8huXvbCvUu4chldXVnKnskTBIaGGvTaAdw-WvBItc7z5hwZjkYQ9vGriN3XRPP4qIFd6I7BA4K9ka2ZYd9L4TNiHFVRxhtRej7TS0E4lS2HxGeuXZfY4Elhm0Ak1VS7Kb9LONpiwRYShP-EpMph00X7M5uSeNRRR4TGFIqP3uEhNPPToekDZmjEHqPvjUOBdPRShobLm_bPMQ-jcgTW91iPJ1WFLBoklretjCwsSkZhhSyPB1goxNXZc1Pwh9SqDryuhzUhwnhTAwVRJcVZrJ0rhKtx1hh4OhbiDj2bv7HX3NxiYj8p-aOWC1-plDfHFy8E6VJvA6YKZdj45Dc0xwzPmIjdW39R5kmilLeXaQBfPotGa-b8KkNTwWsuYPK8ol7DQNGjqKh6GHlKlM0OmOx2eXW0AJWqzthWWhyJRJPDm7HaL0SVEu0fSpgWoYF8yQpS11JPj79cbwDmVDtQzZDpBNMAeA5ZcBqi2HX7cM7Tn2qGEYI5NFYYeM3Z7qft1JufhACMZbyhtzHxCGyV9HRtFhmLfvVOYFPF7t64AAdEnI3ry8amZYvwQ1pd4xk67k0Tm6zlHjxeBrhu268uzZOZDlmV6obxFdPTD2yhi23BAU9Il0BO_ZzB1ixApiU7ZH-e-8M0FdImMn5jShTRC7ZTAQufss_HYXYF2B7UVJFWClLbrxG9JAeed474hI8_aOEo8F6K6q1omvhP79UmKzqBuAjTMfph_011n93V9SoDTtb8a1QnrM1qIpLghYmP1GXmHr-kJ2NxgTfsiGxeouoPGZPUMK6z4-hZk_5fRupnvoT8w17dv-M-xcfHhHxtkan5ue4CP6KirULob6zZGaxbgdRF07Ol4JoSB4Uq2weD-uO4p26_H7hxJkTWAesYQAL3IAlzd7x8tHkIdr2XGz43CbcyFRRN75OwgHg8d_0wuXFhPOX8xhiYiCeI5VObTUZyphNM8PsDR0ZW_zfg302WHkkfdGo3wpYRq6v1PSQkAodR17oVvTUJl_tj0UgtmBxjzEklylZOUZJz4TwSPuGqoecoL_DqxNGkuUG5kT7YOU98BwMwvEo9zRn1cHY5zOK-ZFskKadgmgyEfCG6xELAm4lUHLDHwFS8XdmVNnlBSCub-C90iMkzEEwqf5oqDF_14y8-V7uStxzRxfd3p-86vmrJe0gcQwdylNdf8Ti4e2Tz9YJ9GeCk7b5XLobjEvYlodzN-63DcDch0q_aaiLo0O50G0my_-W_Y5SSgBaGivyKvLC-VPNJhzFp_7rQNxorU_xxW9xXsAzPwQd2dryoTWvQSajgycdX0KKy-SfdE2zKULn76tbb77rv_GE0qpS_RASVVtf_A05PomRrU50JqSIl-4KoDc_xaZzGrQUVQ380_YHULIUzR70BprPcBIHM1oy3ywwGFHfu1devdJuvK8NO36J5rrZZPmXcv4pBiisKNBwus0nAP7DwdtgjSNOMeTfJh1ukhGJLjDSKAMYLK8ukPO40MGJOzC44mUP2mcAY83unX1qAC4XlCN4zSF7K88tP12f0p5A8_AbzMRXLU7rRq4d-xGTyhSys6HupS9H8SjgwXoFhsKJF3-3Iu4U3Ks3HeAXV2_o0-QHLN1QaE9T2cd-tmZoOJ6JygXz7mhlLR0jy5K_03ALmEHjeBbS7LOefleIAeJoKQq_MLl3pgomEP3rAgFi9KtbJy56lZWbNTvIDn8H7i3Se-eC2B6kwafykkCyglqqDaJEOQeZ2KPBj9E78T95BAK1LF60abIQUkzEgcb7lGsqKW8e_tIAFrFkHVc211wV-KZ1EBUCkPTuZ9NSL4A-7gkwl0hQzEg8hF_3z9Kmj32kQKM26LGvYIkmJ3PPh6lRqsRCpSSqOHK9NpHcBokLqeUDzv5QaLaUE-KWO0-T0Jcu7ITIcoiKXpTuHacz36g-K7rOZ-dtZBpv4Z5tEOVkvBnzPYX7j2BWky4euRIV8A9Dap-OYCQjsmBtT6O-LnHlkdaZQMB2iXkTswrmA9Wt79dTGEYvbG_hA69WLE4KRc2VARzpB8jwIzD39ifsT2c9bY-kxPVb4I6vYDkXTWk6y6dk_J6rd7eyqim2yX7Ubq3zF43hx2Tib5ZcbICEdGeWbWbHocBGkOnFeQBEGadDtP9PEKxtkwUsldbXrwacBlZnxUe-2mqx17ljlfaSZMfiNY3mo7ld-dXclRI0-9Y3krrxK-6xvTDQ95c-eCHoYGzGYYTAODlW7OOmqVeIQIk2UYbNUby4awUN2AozqYwfGugM1n33qwt9DVO9iuq6lxaC7m3lirFO4MQFoHa_FqgjCDg310z9p0Bcv9ZU2R8x7W1Ap17Km0bdrq9ji_tRfLMIJZjVDAqyihc92N9PRzDF8guSfRCUuKfcqy-CmrwC1-8dh6NbJIxbsu_1mFWuXXoRliQOqS_l2zDBaR3ZRiA1yYgOKFNYAgr5EXHVmuJA4Q1BNYI0lVEcoWOkRopxuvGcKNF45aDmYKUi7u9_mBnLbVxUOeVhh6AlawCJgWqbBdPv_foTI9qVgS1Ob4QBxud2qzDDMzM3Wcryf64Hg9CJl9o0vUtwCkcy-vH4Hb-TV2IAa5HE_m7ZOIDUavpT2CcSUKk8tOxmITqSlHlawM-ATGMHcelELcgGCaK_auBnYWf6hlfTGUWrKtcLZdFyJQjPGbJQkUGYvAd-uG81viU5jhsiGiZ5vbkhoOfQY6X9lrUf2NvyfIDVCcO-P1WhQ&cid=CAASEuRo6u1-qPkHeAfLvG6KE8cUIA&rfl=1%2Chttps%253A%252F%252Fblip.fm%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:29:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9343
x-xss-protection: 0
server: cafe
etag: 12459758733850244510
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 23:29:38 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 77E7 41 KB
15 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 09:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 09:42:06 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1B2A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_Yzq8_NDscMBeVBTRW_lc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_Yzq8_NDscMBeVBTRW_lc&google_cver=1&C=1

43 B
894 B

29ms
28ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_Yzq8_NDscMBeVBTRW_lc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXU-7NDbHcsCE0jqAqVbr9uekGgVFdGHUk2UhWDCIvuAB_siwhP9-rGEAVPgl1aPD5Q-bTvkzY5YLPFrvgRnoQSOnE05-tXJpiNaklDp0bc8zJYScFao4AsJ7gpNQGwP1LV_GfFcOr9JVy3144S1wSbp7pMxRIBDcS793q3ffSIilrWTjg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 23:32:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 13 Aug 2021 23:32:04 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 23:32:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_Yzq8_NDscMBeVBTRW_lc&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 13 Aug 2021 23:32:04 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1B2A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRcA9Jrg9A3sk3-Rh0Fm4gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_Yzq8_NDscMBeVBTRW_lc&google_cver=1

43 B
894 B

24ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_Yzq8_NDscMBeVBTRW_lc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXU-7NDbHcsCE0jqAqVbr9uekGgVFdGHUk2UhWDCIvuAB_siwhP9-rGEAVPgl1aPD5Q-bTvkzY5YLPFrvgRnoQSOnE05-tXJpiNaklDp0bc8zJYScFao4AsJ7gpNQGwP1LV_GfFcOr9JVy3144S1wSbp7pMxRIBDcS793q3ffSIilrWTjg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 23:32:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 13 Aug 2021 23:32:04 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_Yzq8_NDscMBeVBTRW_lc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1B2A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECM_ezFuODUjoBLX7miKbmk&google_cver=1

43 B
1004 B

17ms
13ms

Image
image/gif

185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECM_ezFuODUjoBLX7miKbmk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNXU-7NDbHcsCE0jqAqVbr9uekGgVFdGHUk2UhWDCIvuAB_siwhP9-rGEAVPgl1aPD5Q-bTvkzY5YLPFrvgRnoQSOnE05-tXJpiNaklDp0bc8zJYScFao4AsJ7gpNQGwP1LV_GfFcOr9JVy3144S1wSbp7pMxRIBDcS793q3ffSIilrWTjg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 23:32:04 GMT
X-Proxy-Origin: 89.249.64.211; 89.249.64.211; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 75ca6874-6a65-4208-94fa-f4d3d4152033
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECM_ezFuODUjoBLX7miKbmk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1B2A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkyOTkyNjA1MTQwODA2NDA5Mg%3D%3D

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkyOTkyNjA1MTQwODA2NDA5Mg%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 23:32:04 GMT
X-Proxy-Origin: 89.249.64.211; 89.249.64.211; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9e7e7017-82c6-4b3d-8140-f8ede602c820
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkyOTkyNjA1MTQwODA2NDA5Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 423C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOmIOPf1TIydFZ0T1UEca6g&google_cver=1

43 B
172 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOmIOPf1TIydFZ0T1UEca6g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYncXFlQEwAQ&v=APEucNU8QDgYmD4768n08v2IXBdHfgzY-F8XRbFPD-yRBTdqPvZGz64OCRw_gA_KUVHc14B8ILQ2EBXRFV_Cn2LTUjlXVNEnGGlbroWMCRg3rTu0MyW-waAMEGM-2BfqHRJlF0yETqMjeulICy-9sGHUKN3wG5bTz8y0iup5IV6DeWKSJymcj1M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOmIOPf1TIydFZ0T1UEca6g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 423C
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmJkZjJhYTgtNmI4MS0yNWYwLWNhYzUtMzQ4MTZiMjBlOGI3

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmJkZjJhYTgtNmI4MS0yNWYwLWNhYzUtMzQ4MTZiMjBlOGI3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYncXFlQEwAQ&v=APEucNU8QDgYmD4768n08v2IXBdHfgzY-F8XRbFPD-yRBTdqPvZGz64OCRw_gA_KUVHc14B8ILQ2EBXRFV_Cn2LTUjlXVNEnGGlbroWMCRg3rTu0MyW-waAMEGM-2BfqHRJlF0yETqMjeulICy-9sGHUKN3wG5bTz8y0iup5IV6DeWKSJymcj1M

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 13 Aug 2021 23:32:04 GMT
content-encoding: gzip
server: OXGW/16.213.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmJkZjJhYTgtNmI4MS0yNWYwLWNhYzUtMzQ4MTZiMjBlOGI3
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 423C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESENbsch5YlK8y7DdxRTu_4Ss&google_cver=1

23 B
172 B

56ms
44ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESENbsch5YlK8y7DdxRTu_4Ss&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYncXFlQEwAQ&v=APEucNU8QDgYmD4768n08v2IXBdHfgzY-F8XRbFPD-yRBTdqPvZGz64OCRw_gA_KUVHc14B8ILQ2EBXRFV_Cn2LTUjlXVNEnGGlbroWMCRg3rTu0MyW-waAMEGM-2BfqHRJlF0yETqMjeulICy-9sGHUKN3wG5bTz8y0iup5IV6DeWKSJymcj1M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 13 Aug 2021 23:32:04 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESENbsch5YlK8y7DdxRTu_4Ss&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 423C 23 B
172 B 104ms
46ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYncXFlQEwAQ&v=APEucNU8QDgYmD4768n08v2IXBdHfgzY-F8XRbFPD-yRBTdqPvZGz64OCRw_gA_KUVHc14B8ILQ2EBXRFV_Cn2LTUjlXVNEnGGlbroWMCRg3rTu0MyW-waAMEGM-2BfqHRJlF0yETqMjeulICy-9sGHUKN3wG5bTz8y0iup5IV6DeWKSJymcj1M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 13 Aug 2021 23:32:04 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame B69F 24 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7kgmq39zSID9wgqZylCkYcOhQ_U3pW80pw9-REbVjLUeDrvsdtUK3IYmQ0cFf8m3fYXs3pLzNf8dkNR1lw8uUG4fYltlCXjzkuNOv26GjRAPz_Pf8WDn9pvdQIIKSsivc7Zie5l33qHgjwDCW6--xz5ohPQ&cry=1&dbm_d=AKAmf-Cp7Z6kBvK0cg9AamIWNunQptMZ45lHnNBLEsN00DRGR5FYY11rbJ4g3YB8lqVsKru26P1hYRSZNqxEax0guo78gB6DrjtKhmErbZhx7mjOm_DSfeZPozUqCGsUNo3iMvnJe6MjHzB62EefaN-QZIDCO0n4cfy_JuIPcHezH1Fa-sYMg8tjPeCC_mw6o7FL0eyTuM4GMNjoGtmTyy3m0izH4Harujd_EX68aEL_CoYqhRCm95m2ovkH5qmTmEblkCxjyFn1o00MsH2qsFX6busP_LpO49FBrxLMc24WW2S4PFT0viM9SyVpI0f6CQnAnSV6amAMYcCMK8V_8Ugt9PLSL_a986YFUvd2m7IVA43HLKbFZTYFbAr6RYLk0-o8SicMwOg7q22BZ-biSDQwfIEzGdeLN_GtI7ECf6LkTOWJw5IirvXNRmwfi_yb2rXpaPi6SRt09Bp3j7L5oi9BpLdH6X3Yc-sBxZdwwtPBWL1OsjlPEPoPTuuB5S6pdnwR1aTMBsU9-cx-o3ERQtaLckkjDrdLF1Fs-QOtBh9Ox5mg0RpfFX6UEhq_3CORGF8ifp3R6wCPxaqvIE_pyQg7CMkTOjZ13N3NBe3LTc84rQr1gHevIuINzOi3kFnku2c52_-p-nPEC39dIXHQWau4wV4cApZfHiiKkv2gT3pUaNlQQ_ndcGlLNugVV3B8TF5tsLb0gUDQnNo9hdD4w1edjfYd52JfhSyAOZpYGhnndfoH2FAnoxfT90xWCfKOP4hEi-IJMIYLKam5883csgXkeGREYIryhmChTCfzEl6MKqGCsyWcvFRWXPmls5uN9TPjQN1LlOTwjMjqZ8r59tA5FxffRs_rReTi0zk1ljJYs0HMUErZcKQ1CRsfEAbm7Iv9GxG24Lgu_lyXDX2PYvW3yXm_q_tBN283ThaP9VA4l9Dzwv9UguQH7C9iJzvOBQPxR9jnMJObHrh8uv9S7KVaCn8DjoaQYbI4_UZpXMKZ-sp3RXbjrTRtgJcydVDoB1i3AL3VLYOWAgmhTBiFc8UG5ivppr516AEtyV5EshJvmd5hbkRbEqjFGfSI8d0I9X4BKi_TkbhSeJUxullQxrK0lxpEe0qfcWM9oKNCQlS9yApTusPZpXtO_qfm12GOHAdweZujlxRdrK3RW8SCwCAsC5s6Ez1Q9tSaA7DBQzNTFvhuGD8AARyVOoWg3XPa4YK3BBFTY0sUZLZ79Pagx60ctNf0G83v7Zl3M9mFHdd1nq0t5RSkI0s-BYhnXmTrOKV2EbDRiZNfWIGHiy2UxaL4E55o6RGiGnOF2yTNTGaZPRf2VXRaTViE93gAyMAXmpPkEckBQI-sA0j8WXmJcFoVZootvX23tXUHdTarAclJo2gpcorOeY1vEzrTP94kTizgl_zBJoTbZrFfZLYkj1nkwVSb2nQe7B2N8ELrqoM_38u2wbLeWOWhEsqwcnaGmieEpXES6zyYqPixLw-0AuGDrHc-XTBhL-d397RK9dO67mFs3G4XEupdr0Qph0pItLI5RAMm7YF5AEWvlr7tJL5F6TXsLx08BbPb0x9p-pfB64_jQzENHiB85XsixA5K-xOAQKQ7KGeTT5n4dr0fQRJjF0fvWwL5-dvL4Un9GgbrX53M6H3da4QBoKyUxEwdM874imGAS031w1xboeaMbI-K9dyx96tn5yVzYoSSq99Ni0ESvBENcvHSLlly-siK5jUpOTAAvSJURmQFoXvo4BvapOpOtVg9fecK358Q70T7lB_II5pv95DFt4Nx073akSZoSuDiAQFUFbs0GR_joCA8lR5orWwiL6Gb7p6FguKvkMmxTKUZUoViG2dLM-5dW-jTb18uygG3MZRAzXg3Zo9RvmRjspJ-mbW0C4AkLxasRUs1ersc_0FiAmR_k90EGfD3d2rQ2mbsVzuQ_ATz7mc7SgitpamtGi1vRGYkIEhZmFr6B-r4lArfHkvzgFin25U5rni1p8T7En8GJHE3wsIf1iVaf60KgA810Tv7JDUgA8rHNtn1NPhJLnohsbVZ5QM1_KM5Tn3oRslmMoNM323ozzl5WO5WdMD071GlNJ5AW9gUdtQBxUir8mw8ePaCnBlALFnK8_Q3QdwZMG8GRLjhWXBnuRnQleSvKrN5TyEjFRE4bz0fmzqU4vjfSG0VLkysNb2pw6qE7jA-yG1MH5SwZSNZRSmIPxIpPjbNDuZoOtP2u0XKJsURkK_CjRMuGXB8QjZb3h_xhaIasslz244gc_qk9OB26cGAf7KaejsRKOeaPPcAUKMutHPe6v93iMkamjnP9Nm5LwzfsF9W2Tu81TP_E8A6uVcMRoigcaNy_nRGvSx4gq5DPsY3EawljqtK1Blupfb5vhwPnQU7Ua2Ue1U_mhiVEYqT6TH-pPCuCb4DcZAwNTB-InE8ZLnfyFqsQ93lZaLyAo-XRwhMrWnmiIXa6w747lSH1zjg17xgMaI6jp8Gr7ATMT2atQ8WOv4U02vXz0EsZDlhHOnXb3HVINIqC2Z0Z03KeTy4czp_e4pAvEy5qRevn80FYwH34vNX_E-WOf9YlIbOCw2vdkMIcOYOFEztrOTGtN5_PTFcjR-gar9lk2nkJiQjhV1FD08Xu-OnAAspLqaqDkK0XaeB8a0ufgM4uaFuXPXRSaHgBEEl4NNNr8BpFUpzW-eV5_KnhtP9y5r13mFNat99eVNLOenwWHsRVKC0uRdRZh6-b48IuQUEFzUrhuL9t_tcOKPQJBoURhYu_xWTJpnnbqPEhLnFgFjsiIvnwOBC2YW63m6MIrnW2TEQ98j9qmpfh-6puRJE5XjszFqLGAxR1AjLerDHARTbLKVzGDvHeK5kkuim92pa10-WzThbi7CU0EIpiE8YyRQ8Fh0kVWOOSfKHoBEm5wkIXiZh7faaQtHrRQu37iBKTIjekp_-vrGEV48pgHBqzbBMMjlOy5c-2p2asJNaCutoqT04t6ZES6JyFX2X9ZmK52ysplt33fdxBKHYL0SNmAKR8Zdu5cdm1QfrPVKoOAO6WIb5n0-h-M9lYVbREyyTvpwMhPsLojdc8WGVrGyNC3IMrsTbULV8ahOkETvHN97O_v8Zobi7L8GzXxA3MhsYJg9wBOLGmVNC6B7_pAI-lx6keF266QdKzwDTz5BMTPDMAcV18b7EdaNuIm6edH4zl9E&cid=CAASEuRoP9pGYbOTJutkiQ9GcKaHSw&rfl=1%2Chttps%253A%252F%252Fblip.fm%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:29:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9343
x-xss-protection: 0
server: cafe
etag: 12459758733850244510
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 23:29:38 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B69F 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 09:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 09:42:06 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 218D 22 KB
8 KB 12ms
9ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 13 Aug 2021 09:42:06 GMT
expires: Sat, 13 Aug 2022 09:42:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 49798
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK zy291edt4ui9 Show response
hal9000.redintelligence.net/zone/ Frame B69F 11 KB
4 KB 48ms
13ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/zy291edt4ui9?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbajZ8wAXYaGFHdb63gPbuLngBLXN-YNXnNC5q-UM8C4QASC1y4pGYJX68IGMB8gBCakC0UZT2s7Lsz6oAwGqBLgBT9A3QXtQLKUzzYM2S6ikZghjykldOl7DTflKjWB6raQWBBmcFjCNrH7PGrSHeJk4h8p0NIMRV801zsmh2bGu2s2DbK_nGFItDyQbXsMi5XyDFEMbM6VnTFGiVvvj3-GNiglhFexlLR89jWh9TY6rMmUvDYitwBDgaO1GdEwsuPsCw_tzHnU1q5totlYBXj91ZN6ORAFJddRiVKVCYIRqsMzbLNWiFJktuLUJWnKhEIDL2NKJzFubjMAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoP9pGYbOTJutkiQ9GcKaHSw%26sig%3DAOD64_2G9BtVDZQg2WBo1ZpwOX_qiivGMw%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-D_kWD2Bmljktrw3YDHx69L4lcTXGAkt_PnOxOQe9UF1Y20R4WtTWBP3_Q1xBUFIJQUaDOPwkXrvVuLVB9dWVIVWCcYfSfqZruK1x6O4L3yzRCa6DPX_x8nXVikbbxqKwWksZU4KFNb89bSMxQotX0fTvZsrA%26cry%3D1%26dbm_d%3DAKAmf-BlYljNFmnP5tVRtmdTIfHhFIQDZ_WafUsVkqywGK29XZKxRRYtdwpYVfwN9XM1KvBW2JKVu68NrybRuC0wWkeXo-_jBCliD8GZMe8JoHg5OIqGhB2gnQ3tQTOvMRikm_IKZfHhiTT50ZLTCyQ_8nEcKU5LJmJrb--3nr1JeM9KuXtU2w0ZXcVpQip7v5hXL7MNRlO4wBql4RBJfgLyh6a9pmLN7RazMUlyFulEmoQPWLgXw7mVTOXe-6Cw4b-PFJExoEO7_rPkqfRtbPG6oggCxMzfO8mh09G5uZSs5RB7kHZDhOroF7iwl03_RvAW1M4MpPBQBVkMI6t5ClQWjagsb_GuBHFunUaBuNVwrjMrRb044T8ugRO8nJAWbtq6jnuLVRC_bQqx8QWikkFdzvkWhmoajdzwuyIpHW8oQgeGZcm3_jW-7zRx8pHULXibWcxp1_i0%26adurl%3D
Requested by: Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d2d08b01aa8be1fae8ed00f720d7dfa6657c3001ac0275f7b8f9265398f1b8a9

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:32:04 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3879
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 4727t6qteyti Show response
hal9000.redintelligence.net/zone/ Frame 77E7 11 KB
4 KB 48ms
13ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNweP8wAXYaKFHdb63gPbuLngBLXN-YNX_Ni5q-UM8C4QASC1y4pGYJX68IGMB8gBCakC0UZT2s7Lsz6oAwGqBLgBT9BW7_YbFnCKa3-oJKFGtuiS_zRrh06wTqzfl6gBEBEqF7QAKE4QAxcrJDP-f_Kc2jOEvls6tojC_4_xv7NH64hPFmrHD8bOnZxjLjI-i3tArBCmd8PehZMmgy0IlaLjtx0DVWv6ji-zHMNrkdCF84D7XVlO1BEcrjVen8DRp94G69-tiM0Ote1O2Ry0alahVjvMeS-zqpkNL-OrBoU3kT_e2AfaA2sFKpJjU6RGd5-QHeQNMregIcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo6u1-qPkHeAfLvG6KE8cUIA%26sig%3DAOD64_0QXMIt8dhPb1Y1l15t9kYyyqNDnw%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-DBhByZTPEnLQNci2TTOLDzZqVCpsPF_5YenNk3jrLVzotwc_69-9zsIq2kSZck2StqGF7ih-y9c0Ugg9qldCRQLLbzkdT-va4wdKKn66i-dIiK9Lyb5DYR7lhW1UHXtM8nt26php5wzYa4NH2NniHM0G9Q4Q%26cry%3D1%26dbm_d%3DAKAmf-AZinrW4OoQ3H0RCNx-IpazOzGp5wg03mKL8emn_n58l4mXbkxf4Ip_bYALKUpgASphGcIdGkkT3UDayU3xXRlVpyRX1zj_t1H2z_RWVCABxjxwhefgvC0xTEHaDk4ZPHUD-FARfzOluvIGNDOefe7JKv_zhnRn3f0eXyv4CYCQuFdvBejWdJgfDlQDv1dAk1_N4IwqfpEH1CMjYgVAp2v-yfv9IRjOH8-5qsVUiV73KTFl8xjdSX5GXXm-G7YXaCRmfsCtlkBCBT7EAQLREoh3erhygKvj4NTfWY8HIBWOnL_ChDtkOBfl5n20KigBzXTDWQFvncy7RQ_pG2LZ12dTOR0kyomnXZ2TPV-KlkNArrSapbDn7tQ0-l849t6ghUjRhOrNLl7lGua9Tt9irEo8VGne99QoUqgAcZ-GNt6ZIkBcYqk1CX2fFcphuiVjlnOW1kDR%26adurl%3D
Requested by: Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4e04c2141825fa92168c710e1251d96405a1fac98857a4c89afb2237a8e50b02

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:32:04 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3875
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F403 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 13 Aug 2021 09:42:06 GMT
expires: Sat, 13 Aug 2022 09:42:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 49798
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B430 12 KB
5 KB 9ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blip.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blip.fm/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 13 Aug 2021 20:39:22 GMT
expires: Sat, 13 Aug 2022 20:39:22 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10362
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3113 783 B
532 B 28ms
24ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

199d9e0a70273c2c7988736b8145f23740b54f4c3a400cc3d1a95ab73bffc58b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k5UpvVx1Sq+0/nsIhPWxTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blip.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blip.fm/

Response headers

expires: Fri, 13 Aug 2021 23:32:04 GMT
date: Fri, 13 Aug 2021 23:32:04 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-k5UpvVx1Sq+0/nsIhPWxTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js Show response
pagead2.googlesyndication.com/bg/ Frame 218D 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13373
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:32:11 GMT

GET
H3-29 200 1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js Show response
pagead2.googlesyndication.com/bg/ Frame F403 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13373
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:32:11 GMT

GET
H3-29 200 1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js Show response
pagead2.googlesyndication.com/bg/ Frame B430 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13373
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:32:11 GMT

GET
H/1.1

200
OK

request.php Show response
hal900015.redintelligence.net/ Frame B69F
Redirect Chain

https://hal900015.redintelligence.net/request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=b4b808dac5&subid=&uid=82eb8c498987d8f0&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900015.redintelligence.net/request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=b4b808dac5&subid=&uid=82eb8c498987d8f0&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

100ms
77ms

Script
application/x-javascript

138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=b4b808dac5&subid=&uid=82eb8c498987d8f0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbajZ8wAXYaGFHdb63gPbuLngBLXN-YNXnNC5q-UM8C4QASC1y4pGYJX68IGMB8gBCakC0UZT2s7Lsz6oAwGqBLgBT9A3QXtQLKUzzYM2S6ikZghjykldOl7DTflKjWB6raQWBBmcFjCNrH7PGrSHeJk4h8p0NIMRV801zsmh2bGu2s2DbK_nGFItDyQbXsMi5XyDFEMbM6VnTFGiVvvj3-GNiglhFexlLR89jWh9TY6rMmUvDYitwBDgaO1GdEwsuPsCw_tzHnU1q5totlYBXj91ZN6ORAFJddRiVKVCYIRqsMzbLNWiFJktuLUJWnKhEIDL2NKJzFubjMAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoP9pGYbOTJutkiQ9GcKaHSw%26sig%3DAOD64_2G9BtVDZQg2WBo1ZpwOX_qiivGMw%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-D_kWD2Bmljktrw3YDHx69L4lcTXGAkt_PnOxOQe9UF1Y20R4WtTWBP3_Q1xBUFIJQUaDOPwkXrvVuLVB9dWVIVWCcYfSfqZruK1x6O4L3yzRCa6DPX_x8nXVikbbxqKwWksZU4KFNb89bSMxQotX0fTvZsrA%26cry%3D1%26dbm_d%3DAKAmf-BlYljNFmnP5tVRtmdTIfHhFIQDZ_WafUsVkqywGK29XZKxRRYtdwpYVfwN9XM1KvBW2JKVu68NrybRuC0wWkeXo-_jBCliD8GZMe8JoHg5OIqGhB2gnQ3tQTOvMRikm_IKZfHhiTT50ZLTCyQ_8nEcKU5LJmJrb--3nr1JeM9KuXtU2w0ZXcVpQip7v5hXL7MNRlO4wBql4RBJfgLyh6a9pmLN7RazMUlyFulEmoQPWLgXw7mVTOXe-6Cw4b-PFJExoEO7_rPkqfRtbPG6oggCxMzfO8mh09G5uZSs5RB7kHZDhOroF7iwl03_RvAW1M4MpPBQBVkMI6t5ClQWjagsb_GuBHFunUaBuNVwrjMrRb044T8ugRO8nJAWbtq6jnuLVRC_bQqx8QWikkFdzvkWhmoajdzwuyIpHW8oQgeGZcm3_jW-7zRx8pHULXibWcxp1_i0%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=9274376717977&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 2ffa6c2aa93c8f4f0318ae4c3585b930f0d731631b2811385fe38be4c6a72aef

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 23:32:04 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 32599900006067400710632011686015
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 893
Expires: Sat, 14 Aug 2021 00:32:04 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 23:32:04 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=b4b808dac5&subid=&uid=82eb8c498987d8f0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbajZ8wAXYaGFHdb63gPbuLngBLXN-YNXnNC5q-UM8C4QASC1y4pGYJX68IGMB8gBCakC0UZT2s7Lsz6oAwGqBLgBT9A3QXtQLKUzzYM2S6ikZghjykldOl7DTflKjWB6raQWBBmcFjCNrH7PGrSHeJk4h8p0NIMRV801zsmh2bGu2s2DbK_nGFItDyQbXsMi5XyDFEMbM6VnTFGiVvvj3-GNiglhFexlLR89jWh9TY6rMmUvDYitwBDgaO1GdEwsuPsCw_tzHnU1q5totlYBXj91ZN6ORAFJddRiVKVCYIRqsMzbLNWiFJktuLUJWnKhEIDL2NKJzFubjMAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoP9pGYbOTJutkiQ9GcKaHSw%26sig%3DAOD64_2G9BtVDZQg2WBo1ZpwOX_qiivGMw%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-D_kWD2Bmljktrw3YDHx69L4lcTXGAkt_PnOxOQe9UF1Y20R4WtTWBP3_Q1xBUFIJQUaDOPwkXrvVuLVB9dWVIVWCcYfSfqZruK1x6O4L3yzRCa6DPX_x8nXVikbbxqKwWksZU4KFNb89bSMxQotX0fTvZsrA%26cry%3D1%26dbm_d%3DAKAmf-BlYljNFmnP5tVRtmdTIfHhFIQDZ_WafUsVkqywGK29XZKxRRYtdwpYVfwN9XM1KvBW2JKVu68NrybRuC0wWkeXo-_jBCliD8GZMe8JoHg5OIqGhB2gnQ3tQTOvMRikm_IKZfHhiTT50ZLTCyQ_8nEcKU5LJmJrb--3nr1JeM9KuXtU2w0ZXcVpQip7v5hXL7MNRlO4wBql4RBJfgLyh6a9pmLN7RazMUlyFulEmoQPWLgXw7mVTOXe-6Cw4b-PFJExoEO7_rPkqfRtbPG6oggCxMzfO8mh09G5uZSs5RB7kHZDhOroF7iwl03_RvAW1M4MpPBQBVkMI6t5ClQWjagsb_GuBHFunUaBuNVwrjMrRb044T8ugRO8nJAWbtq6jnuLVRC_bQqx8QWikkFdzvkWhmoajdzwuyIpHW8oQgeGZcm3_jW-7zRx8pHULXibWcxp1_i0%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=9274376717977&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sat, 14 Aug 2021 00:32:04 +0200

GET
H/1.1

200
OK

request.php Show response
hal90007.redintelligence.net/ Frame 77E7
Redirect Chain

https://hal90007.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=fb15f6f1d1&subid=&uid=5721e45b80def6ff&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90007.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=fb15f6f1d1&subid=&uid=5721e45b80def6ff&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
1 KB

120ms
97ms

Script
application/x-javascript

138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=fb15f6f1d1&subid=&uid=5721e45b80def6ff&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNweP8wAXYaKFHdb63gPbuLngBLXN-YNX_Ni5q-UM8C4QASC1y4pGYJX68IGMB8gBCakC0UZT2s7Lsz6oAwGqBLgBT9BW7_YbFnCKa3-oJKFGtuiS_zRrh06wTqzfl6gBEBEqF7QAKE4QAxcrJDP-f_Kc2jOEvls6tojC_4_xv7NH64hPFmrHD8bOnZxjLjI-i3tArBCmd8PehZMmgy0IlaLjtx0DVWv6ji-zHMNrkdCF84D7XVlO1BEcrjVen8DRp94G69-tiM0Ote1O2Ry0alahVjvMeS-zqpkNL-OrBoU3kT_e2AfaA2sFKpJjU6RGd5-QHeQNMregIcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo6u1-qPkHeAfLvG6KE8cUIA%26sig%3DAOD64_0QXMIt8dhPb1Y1l15t9kYyyqNDnw%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-DBhByZTPEnLQNci2TTOLDzZqVCpsPF_5YenNk3jrLVzotwc_69-9zsIq2kSZck2StqGF7ih-y9c0Ugg9qldCRQLLbzkdT-va4wdKKn66i-dIiK9Lyb5DYR7lhW1UHXtM8nt26php5wzYa4NH2NniHM0G9Q4Q%26cry%3D1%26dbm_d%3DAKAmf-AZinrW4OoQ3H0RCNx-IpazOzGp5wg03mKL8emn_n58l4mXbkxf4Ip_bYALKUpgASphGcIdGkkT3UDayU3xXRlVpyRX1zj_t1H2z_RWVCABxjxwhefgvC0xTEHaDk4ZPHUD-FARfzOluvIGNDOefe7JKv_zhnRn3f0eXyv4CYCQuFdvBejWdJgfDlQDv1dAk1_N4IwqfpEH1CMjYgVAp2v-yfv9IRjOH8-5qsVUiV73KTFl8xjdSX5GXXm-G7YXaCRmfsCtlkBCBT7EAQLREoh3erhygKvj4NTfWY8HIBWOnL_ChDtkOBfl5n20KigBzXTDWQFvncy7RQ_pG2LZ12dTOR0kyomnXZ2TPV-KlkNArrSapbDn7tQ0-l849t6ghUjRhOrNLl7lGua9Tt9irEo8VGne99QoUqgAcZ-GNt6ZIkBcYqk1CX2fFcphuiVjlnOW1kDR%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=2034427194471&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3b81caff0f37ecac424ecb3b1876b4e778ca24587f524bb846f980ef1758a13c

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 23:32:04 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 94200600005983400710612011686007
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 894
Expires: Sat, 14 Aug 2021 00:32:04 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 23:32:04 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=fb15f6f1d1&subid=&uid=5721e45b80def6ff&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNweP8wAXYaKFHdb63gPbuLngBLXN-YNX_Ni5q-UM8C4QASC1y4pGYJX68IGMB8gBCakC0UZT2s7Lsz6oAwGqBLgBT9BW7_YbFnCKa3-oJKFGtuiS_zRrh06wTqzfl6gBEBEqF7QAKE4QAxcrJDP-f_Kc2jOEvls6tojC_4_xv7NH64hPFmrHD8bOnZxjLjI-i3tArBCmd8PehZMmgy0IlaLjtx0DVWv6ji-zHMNrkdCF84D7XVlO1BEcrjVen8DRp94G69-tiM0Ote1O2Ry0alahVjvMeS-zqpkNL-OrBoU3kT_e2AfaA2sFKpJjU6RGd5-QHeQNMregIcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo6u1-qPkHeAfLvG6KE8cUIA%26sig%3DAOD64_0QXMIt8dhPb1Y1l15t9kYyyqNDnw%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-DBhByZTPEnLQNci2TTOLDzZqVCpsPF_5YenNk3jrLVzotwc_69-9zsIq2kSZck2StqGF7ih-y9c0Ugg9qldCRQLLbzkdT-va4wdKKn66i-dIiK9Lyb5DYR7lhW1UHXtM8nt26php5wzYa4NH2NniHM0G9Q4Q%26cry%3D1%26dbm_d%3DAKAmf-AZinrW4OoQ3H0RCNx-IpazOzGp5wg03mKL8emn_n58l4mXbkxf4Ip_bYALKUpgASphGcIdGkkT3UDayU3xXRlVpyRX1zj_t1H2z_RWVCABxjxwhefgvC0xTEHaDk4ZPHUD-FARfzOluvIGNDOefe7JKv_zhnRn3f0eXyv4CYCQuFdvBejWdJgfDlQDv1dAk1_N4IwqfpEH1CMjYgVAp2v-yfv9IRjOH8-5qsVUiV73KTFl8xjdSX5GXXm-G7YXaCRmfsCtlkBCBT7EAQLREoh3erhygKvj4NTfWY8HIBWOnL_ChDtkOBfl5n20KigBzXTDWQFvncy7RQ_pG2LZ12dTOR0kyomnXZ2TPV-KlkNArrSapbDn7tQ0-l849t6ghUjRhOrNLl7lGua9Tt9irEo8VGne99QoUqgAcZ-GNt6ZIkBcYqk1CX2fFcphuiVjlnOW1kDR%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=2034427194471&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sat, 14 Aug 2021 00:32:04 +0200

GET
H2 401 check_scope Show response
api.spotify.com/v1/melody/v1/ Frame 82CD 77 B
162 B 16ms
15ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

authorization: Bearer undefined
Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
www-authenticate: Bearer realm="spotify", error="invalid_token", error_description="Invalid access token"
server: envoy
access-control-allow-origin: *
date: Fri, 13 Aug 2021 23:32:03 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
via: HTTP/2 edgeproxy, 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
alt-svc: clear
content-length: 92
x-content-type-options: nosniff

OPTIONS
H2 200 check_scope
api.spotify.com/v1/melody/v1/ Frame 0
0 15ms
15ms Preflight 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Protocol

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://sdk.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 13 Aug 2021 23:32:03 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H3-29

200

activityi;dc_pre=CLjWwZKUr_ICFfvTEQgdmC8GzQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3267547880835.5884 Show response
5994599.fls.doubleclick.net/ Frame 55ED
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3267547880835.5884?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjWwZKUr_ICFfvTEQgdmC8GzQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3267547880835.5884?

541 B
440 B

34ms
19ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjWwZKUr_ICFfvTEQgdmC8GzQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3267547880835.5884?

Requested by

Host: blip.fm
URL: https://blip.fm/agendatop21

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

28b0837272c3f6c665c8284760d576200bf54ddef8a2b5bdf4d8df135962ccd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLjWwZKUr_ICFfvTEQgdmC8GzQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3267547880835.5884?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 13 Aug 2021 23:32:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 415
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 13-Aug-2021 23:47:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 13 Aug 2021 23:32:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjWwZKUr_ICFfvTEQgdmC8GzQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3267547880835.5884?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900015.redintelligence.net/ Frame 2AC9 7 KB
3 KB 34ms
12ms Document
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request_content.php?s=32599900006067400710632011686015&a=a62e7e71
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=zy291edt4ui9&nw=20&renderingType=javascript&namespace=b4b808dac5&subid=&uid=82eb8c498987d8f0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbajZ8wAXYaGFHdb63gPbuLngBLXN-YNXnNC5q-UM8C4QASC1y4pGYJX68IGMB8gBCakC0UZT2s7Lsz6oAwGqBLgBT9A3QXtQLKUzzYM2S6ikZghjykldOl7DTflKjWB6raQWBBmcFjCNrH7PGrSHeJk4h8p0NIMRV801zsmh2bGu2s2DbK_nGFItDyQbXsMi5XyDFEMbM6VnTFGiVvvj3-GNiglhFexlLR89jWh9TY6rMmUvDYitwBDgaO1GdEwsuPsCw_tzHnU1q5totlYBXj91ZN6ORAFJddRiVKVCYIRqsMzbLNWiFJktuLUJWnKhEIDL2NKJzFubjMAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoP9pGYbOTJutkiQ9GcKaHSw%26sig%3DAOD64_2G9BtVDZQg2WBo1ZpwOX_qiivGMw%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-D_kWD2Bmljktrw3YDHx69L4lcTXGAkt_PnOxOQe9UF1Y20R4WtTWBP3_Q1xBUFIJQUaDOPwkXrvVuLVB9dWVIVWCcYfSfqZruK1x6O4L3yzRCa6DPX_x8nXVikbbxqKwWksZU4KFNb89bSMxQotX0fTvZsrA%26cry%3D1%26dbm_d%3DAKAmf-BlYljNFmnP5tVRtmdTIfHhFIQDZ_WafUsVkqywGK29XZKxRRYtdwpYVfwN9XM1KvBW2JKVu68NrybRuC0wWkeXo-_jBCliD8GZMe8JoHg5OIqGhB2gnQ3tQTOvMRikm_IKZfHhiTT50ZLTCyQ_8nEcKU5LJmJrb--3nr1JeM9KuXtU2w0ZXcVpQip7v5hXL7MNRlO4wBql4RBJfgLyh6a9pmLN7RazMUlyFulEmoQPWLgXw7mVTOXe-6Cw4b-PFJExoEO7_rPkqfRtbPG6oggCxMzfO8mh09G5uZSs5RB7kHZDhOroF7iwl03_RvAW1M4MpPBQBVkMI6t5ClQWjagsb_GuBHFunUaBuNVwrjMrRb044T8ugRO8nJAWbtq6jnuLVRC_bQqx8QWikkFdzvkWhmoajdzwuyIpHW8oQgeGZcm3_jW-7zRx8pHULXibWcxp1_i0%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=9274376717977&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e97712e8675216c659268bad3e3cf820a0fe6c5686abf9d3e2c3bdedc0f85cef

Request headers

Host: hal900015.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=64b1ed448d9b70fa
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/

Response headers

Date: Fri, 13 Aug 2021 23:32:04 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 14 Aug 2021 00:32:04 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2305
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2FD7 1 KB
880 B 6ms
5ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 13 Aug 2021 11:56:19 GMT
expires: Sat, 14 Aug 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 41745
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B69F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3509d8699a32eb91b6be37637bbce14a5bfe828bb135d0216b65a744e54affe

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

activityi;dc_pre=CPHnw5KUr_ICFZzhEQgdZzAP4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5977367589269.185 Show response
5994599.fls.doubleclick.net/ Frame 33BB
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5977367589269.185?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPHnw5KUr_ICFZzhEQgdZzAP4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5977367589269.185?

391 B
348 B

41ms
40ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CPHnw5KUr_ICFZzhEQgdZzAP4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5977367589269.185?

Requested by

Host: blip.fm
URL: https://blip.fm/agendatop21

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

75529f3899322d4d58746f86b87039126b00c0acfdba1defd47bd9b216794d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPHnw5KUr_ICFZzhEQgdZzAP4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5977367589269.185?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 13 Aug 2021 23:32:04 GMT
expires: Fri, 13 Aug 2021 23:32:04 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 323
x-xss-protection: 0
set-cookie: IDE=AHWqTUkEHK04s_iNDidlqGWZr0zKhHjFIMcruRBhLiwa0RgGN3TUXVYrIr_jmh-s7E4; expires=Wed, 07-Sep-2022 23:32:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 13 Aug 2021 23:32:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPHnw5KUr_ICFZzhEQgdZzAP4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5977367589269.185?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal90007.redintelligence.net/ Frame 2236 4 KB
2 KB 34ms
12ms Document
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request_content.php?s=94200600005983400710612011686007&a=24f3af48
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=fb15f6f1d1&subid=&uid=5721e45b80def6ff&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNweP8wAXYaKFHdb63gPbuLngBLXN-YNX_Ni5q-UM8C4QASC1y4pGYJX68IGMB8gBCakC0UZT2s7Lsz6oAwGqBLgBT9BW7_YbFnCKa3-oJKFGtuiS_zRrh06wTqzfl6gBEBEqF7QAKE4QAxcrJDP-f_Kc2jOEvls6tojC_4_xv7NH64hPFmrHD8bOnZxjLjI-i3tArBCmd8PehZMmgy0IlaLjtx0DVWv6ji-zHMNrkdCF84D7XVlO1BEcrjVen8DRp94G69-tiM0Ote1O2Ry0alahVjvMeS-zqpkNL-OrBoU3kT_e2AfaA2sFKpJjU6RGd5-QHeQNMregIcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgbqAeqm7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTA1MTk1ODAzOTE0MDY5gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo6u1-qPkHeAfLvG6KE8cUIA%26sig%3DAOD64_0QXMIt8dhPb1Y1l15t9kYyyqNDnw%26client%3Dca-pub-6949480713202456%26dbm_c%3DAKAmf-DBhByZTPEnLQNci2TTOLDzZqVCpsPF_5YenNk3jrLVzotwc_69-9zsIq2kSZck2StqGF7ih-y9c0Ugg9qldCRQLLbzkdT-va4wdKKn66i-dIiK9Lyb5DYR7lhW1UHXtM8nt26php5wzYa4NH2NniHM0G9Q4Q%26cry%3D1%26dbm_d%3DAKAmf-AZinrW4OoQ3H0RCNx-IpazOzGp5wg03mKL8emn_n58l4mXbkxf4Ip_bYALKUpgASphGcIdGkkT3UDayU3xXRlVpyRX1zj_t1H2z_RWVCABxjxwhefgvC0xTEHaDk4ZPHUD-FARfzOluvIGNDOefe7JKv_zhnRn3f0eXyv4CYCQuFdvBejWdJgfDlQDv1dAk1_N4IwqfpEH1CMjYgVAp2v-yfv9IRjOH8-5qsVUiV73KTFl8xjdSX5GXXm-G7YXaCRmfsCtlkBCBT7EAQLREoh3erhygKvj4NTfWY8HIBWOnL_ChDtkOBfl5n20KigBzXTDWQFvncy7RQ_pG2LZ12dTOR0kyomnXZ2TPV-KlkNArrSapbDn7tQ0-l849t6ghUjRhOrNLl7lGua9Tt9irEo8VGne99QoUqgAcZ-GNt6ZIkBcYqk1CX2fFcphuiVjlnOW1kDR%26adurl%3D&documentReferer=https%3A%2F%2Fblip.fm%2F&ancestorOrigins=https%3A%2F%2Fblip.fm&random=2034427194471&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4657e94091d2113e39d4223811db36f6a0b78c7abbec7fc3e9c6e381655b709a

Request headers

Host: hal90007.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=64b1ed448d9b70fa
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/

Response headers

Date: Fri, 13 Aug 2021 23:32:04 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 14 Aug 2021 00:32:04 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1524
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F13F 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 13 Aug 2021 11:56:19 GMT
expires: Sat, 14 Aug 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 41745
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 77E7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb219f2004233a641b125add0cf45e9bf988d69af37692e443a1bd70bc8a3984

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 218D 0
20 B 45ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRPXa8wAXYd2DPdXFgAf4w4rQCQAAAAA4AeAEAg&bg=!AAOlA0fNAAbOj6irzo87ACkAdvg8WlxC9thb1Frnc8PI4E_8gSn1n_g3gnawmnG1ox8mj2YPhPdjygIAAAC3UgAAAEVoAQeZAsRIYTC_hG3f4RZPANuPLd0KGkedR1XTZvmm8TfPPWXB4PGAWN4qyZuibG7E81rRckD7KOMoAZHdID0A0UCvqGtUy7Rq2je_2gU3ZTzZbPVjfWza6ue3X15ZMhYWp8OKJu066BdDz_mJKW73_meG2sgmRCB_P5FdMJlLY-Yppm-j6BCt_DdVmQaalanjyLHmfeUulvHIPM7aL0lVvqLDl1kHWn80vklBkJR8JP8f132icPwyQE6VlPExa8Gc9oM48n8uLXCqRapoV0hpBhBCBcxThVmh1zBlxGKsPy_WwLn6E3bM3Urs2iWOfjKVEbWm9Sh5vKSdoZUw5im5fUSOi5zAzVxgrZ_DK86s3m-Un8ya_-xyC71YD-i7z5OsVkkCtYvEFewJHnRfFXLFE5UpKVVSSB2tNJPC8598nsDiKbq1M1PFi2z3VoORJ93aT33XUKAnwHio_738mb4qkD4PUeqcAEs-63RvkZAXtWiZQK0aQOAgrAEO29DHl6of1B-EfwI3AkjxgFEgB0L69b7wVaiMG5mqOWs8Sk1RxDb4Offn5VSBq37C98rZosEXUsjk9j-PJA9ERoqZB9w3E7i5-tqQixf1hAvKVoifoqTpeFOdhNLn31qneiG6JczJ6NzzxtUYUR8bfsgPcr7YsNILUZ6MOEziCmk2ErHw9lti7AK-Jjl5SQjAl57EsbNZJy1HGOPSfX1MDgvAikb8XZ29QBjZH1N6a1tgC2aIHjTDJOkrtBCHopbEeVk2f0Bx8p_3KKt-s1wnNQLjItXUKQvClkGxsoqrKOvFdjEIBRtBHrmXY2EiHya5e54suQHGB84bFgQ-OLzm1tFXAIz8crorqhy7P0dk_BM7qYW6mw0gpo9JzWa2oJnjGNOriw7TuQfHVfZtcsnzENRIbK-yG9-csQ91hTve6n9GpQQEfoNPdWipwj_LXQo

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 2AC9 89 KB
32 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=32599900006067400710632011686015&a=a62e7e71

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:03:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 16:03:08 GMT

GET
H/1.1 200
OK DE-970x90.jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 2AC9 45 KB
45 KB 60ms
14ms Image
image/jpeg 88.99.69.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/32995/creativesup/DE-970x90.jpg
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=32599900006067400710632011686015&a=a62e7e71
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.69.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 111f89907f15880eac1cbb2d94d9ec4d166639db3a53ca75c11dd59a2887435d

Request headers

Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:32:04 GMT
Last-Modified: Thu, 13 Apr 2017 09:13:45 GMT
Server: nginx
ETag: "58ef4149-b211"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 45585

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2FD7
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENOWnmoaQlLHKBgMQVpSHx8&google_cver=1&google_push=AYg5qPLp5uEp20w5gbYkbSKq90rAUVu4Wj9mG3KBUvZ7c9NChGoriG1MxghFbPzxWWBGbXHvzsHh4NpE8s2...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLp5uEp20w5gbYkbSKq90rAUVu4Wj9mG3KBUvZ7c9NChGoriG1MxghFbPzxWWBGbXHvzsHh4NpE8s2tUmN5ORFJ3W0O6OPS&google_hm=WDQsMe4jQkirSw6G53xr59M

170 B
188 B

20ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLp5uEp20w5gbYkbSKq90rAUVu4Wj9mG3KBUvZ7c9NChGoriG1MxghFbPzxWWBGbXHvzsHh4NpE8s2tUmN5ORFJ3W0O6OPS&google_hm=WDQsMe4jQkirSw6G53xr59M

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLp5uEp20w5gbYkbSKq90rAUVu4Wj9mG3KBUvZ7c9NChGoriG1MxghFbPzxWWBGbXHvzsHh4NpE8s2tUmN5ORFJ3W0O6OPS&google_hm=WDQsMe4jQkirSw6G53xr59M
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden gg_pixel
sync.adaptv.advertising.com/ Frame 2FD7 14 B
14 B 662ms
102ms Image
text/plain 3.230.12.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESED2UC1c1DRXPhBtTJXkVurY&google_cver=1&google_push=AYg5qPJawQDaDbe8cT17k2jhL-QeKQP27XcEanVG5KdSOmlHCDg7atSsd9kvbsYMb_UkUBdtujSl8NXNgfU_A3_AniTk27UDDnuZ
Requested by: Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.12.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-12-180.compute-1.amazonaws.com
Software: ribs2.0 /
Resource Hash: 0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: ribs2.0
Connection: keep-alive
Content-Length: 14
Content-Type: text/plain

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2FD7
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEL_Bzqz-6MN9l-YH9wxsP4k&google_cver=1&google_push=AYg5qPJPuQYDyHGsOxEgndFcwFR2Zt5dbks13hr_IVgH21dMWdc-Ezlt9y8Jv-oCl1WqezeCoN5Ifv77j7PrvdPLIWCzgA0...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJPuQYDyHGsOxEgndFcwFR2Zt5dbks13hr_IVgH21dMWdc-Ezlt9y8Jv-oCl1WqezeCoN5Ifv77j7PrvdPLIWCzgA0m2lBY&google_hm=NDU5MDkxNTQ0NDk3MzE1Mj...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJPuQYDyHGsOxEgndFcwFR2Zt5dbks13hr_IVgH21dMWdc-Ezlt9y8Jv-oCl1WqezeCoN5Ifv77j7PrvdPLIWCzgA0m2lBY&google_hm=NDU5MDkxNTQ0NDk3MzE1MjU4NA%3D%3D

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 13 Aug 2021 23:32:04 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJPuQYDyHGsOxEgndFcwFR2Zt5dbks13hr_IVgH21dMWdc-Ezlt9y8Jv-oCl1WqezeCoN5Ifv77j7PrvdPLIWCzgA0m2lBY&google_hm=NDU5MDkxNTQ0NDk3MzE1MjU4NA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 2FD7 43 B
99 B 41ms
15ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEMhXuL5jFnDeXBvmJ9HuWsw&google_cver=1&google_push=AYg5qPJ-izXNZStEGKee_F6OqrKeUYJ4C_Mnc_WioAdm6Fdnzyl4NNXfshTTDkAzXYSihK1BRhDY_hkiub4iwv62QWQ_O5z1lLU

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 14 Aug 2021 23:32:04 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2FD7
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEKqEO3aSkd5ffkdQo64OVHY&google_cver=1&google_push=AYg5qPK0B5O_ViQyO6Q5-4GqZgQWSSsk8NQZKxYUk9iEHSCuD2ZhwnbQxEvTfGQzAtv_LUc19qj-Gofg2O6_xCUmypOQpQ537C8z
https://rtb.openx.net/sync/dds?google_gid=CAESEKqEO3aSkd5ffkdQo64OVHY&google_cver=1&google_push=AYg5qPK0B5O_ViQyO6Q5-4GqZgQWSSsk8NQZKxYUk9iEHSCuD2ZhwnbQxEvTfGQzAtv_LUc19qj-Gofg2O6_xCUmypOQpQ537C8z&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK0B5O_ViQyO6Q5-4GqZgQWSSsk8NQZKxYUk9iEHSCuD2ZhwnbQxEvTfGQzAtv_LUc19qj-Gofg2O6_xCUmypOQpQ537C8z&google_hm=nDz2_5jkwIkLvkCXiYqTMQ==

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK0B5O_ViQyO6Q5-4GqZgQWSSsk8NQZKxYUk9iEHSCuD2ZhwnbQxEvTfGQzAtv_LUc19qj-Gofg2O6_xCUmypOQpQ537C8z&google_hm=nDz2_5jkwIkLvkCXiYqTMQ==

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK0B5O_ViQyO6Q5-4GqZgQWSSsk8NQZKxYUk9iEHSCuD2ZhwnbQxEvTfGQzAtv_LUc19qj-Gofg2O6_xCUmypOQpQ537C8z&google_hm=nDz2_5jkwIkLvkCXiYqTMQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: h51alljkp232s5qvrj3cb41574uk504e

GET

pixel
cm.g.doubleclick.net/ Frame 2FD7
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2Z...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2Z...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2Z...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2Z...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2Z...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2Z...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2Z...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2Z...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2Z...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2Z...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2Z...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2Z...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2Z...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2Z...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2Z...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2Z...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2Z...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2Z...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2Z...

0
0

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 2FD7 43 B
413 B 40ms
15ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEHfbz6QlJ4ngdqbr72ya9mU&google_cver=1&google_push=AYg5qPJVXieKqr43U6YHp5T6dsJaSBM9t2tLWGmEKI0VlgpzOjpK_7GuagvriVDvRTNiZuIcAZD3n3rMBnjHFFEoW5Wf9ni7g9Me

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 14 Aug 2021 23:32:04 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2FD7 0
59 B 20ms
18ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JLCWvsYGElJF_4jtuTtAWGqw27qH8EGcNoCOonBK7RF1b_a4hzVnsrxLoCOm21MbmUyPBOWw

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame F13F 0
104 B 97ms
56ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEC-BHB5avdJZTXQjWGPRnC8&google_cver=1&google_push=AYg5qPKUYIX33spDPbeeuUYWvXilGnMufP8jGeJOUcJNjfuOeAJg0T1xkFIu_D8o5cfJI4L4wpFZF2TktNu74F4hKYV1j5BZ88CV
Requested by: Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F13F
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHy3Ps12Dt5QnXnGilUZWqM&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHy3Ps12Dt5QnXnGilUZWqM&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N1RKZEE0SjIxTWVHRUk1&google_gid=CAESEHy3Ps12Dt5QnXnGilUZWqM&google_cver=1&google_push=AYg5qPJIxW53lyM9qISPILwrmyvUBB8_J3hJuBn5lU2HqWN...

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N1RKZEE0SjIxTWVHRUk1&google_gid=CAESEHy3Ps12Dt5QnXnGilUZWqM&google_cver=1&google_push=AYg5qPJIxW53lyM9qISPILwrmyvUBB8_J3hJuBn5lU2HqWNgCAY31wX5lfSY2WgXOzB_1ilnVgwn63BswKX7tybYjvpHESSSTbuF

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 23:32:04 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-0e5ad42a7c615fafc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N1RKZEE0SjIxTWVHRUk1&google_gid=CAESEHy3Ps12Dt5QnXnGilUZWqM&google_cver=1&google_push=AYg5qPJIxW53lyM9qISPILwrmyvUBB8_J3hJuBn5lU2HqWNgCAY31wX5lfSY2WgXOzB_1ilnVgwn63BswKX7tybYjvpHESSSTbuF
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F13F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAzSYjWyb3mfIrxTU80w4ac&google_cver=1&google_push=AYg5qPIS-nBU4x4BR1zYJy1L1UxVx2YHZ5j1XmEFlN8G3S5hMGeDT2VzhR22V5_4Rqm0MQmmQOh36P1HqTFy_WCD...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIS-nBU4x4BR1zYJy1L1UxVx2YHZ5j1XmEFlN8G3S5hMGeDT2VzhR22V5_4Rqm0MQmmQOh36P1HqTFy_WCDlNvZ90s0KVE

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIS-nBU4x4BR1zYJy1L1UxVx2YHZ5j1XmEFlN8G3S5hMGeDT2VzhR22V5_4Rqm0MQmmQOh36P1HqTFy_WCDlNvZ90s0KVE

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 13 Aug 2021 23:32:01 GMT
Server: MT3 3831 a91c15f master cdg-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIS-nBU4x4BR1zYJy1L1UxVx2YHZ5j1XmEFlN8G3S5hMGeDT2VzhR22V5_4Rqm0MQmmQOh36P1HqTFy_WCDlNvZ90s0KVE
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 13 Aug 2021 23:32:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame F13F 0
135 B 37ms
15ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEOVHFRKtH2VfJHMbaBUlvd4&google_cver=1&google_push=AYg5qPLjQ7uAniD65uuGBoaAzKLhebZ_OPG72QCJ7Yo1drZULgqMDIVSqnJd3sdU0FTgTNZfW0ZqAfw-s8o8DYC86ynRPFd_70x7
Requested by: Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:04 GMT
via: 1.1 google
alt-svc: clear

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F13F
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAvLobvoofhDIBRFt39VEsA&google_cver=1&google_push=AYg5qPKpHX7v8tux4ObO3v0MjUhicAUdhpu7uaJTZIAeMmFWhnM1UTTW0JPgrUjxs3GUuXv7Hd6TlhVZfNb2jxNl...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_p65fvKUT_eFc7k6wTekIQ2&google_push=AYg5qPKpHX7v8tux4ObO3v0MjUhicAUdhpu7uaJTZIAeMmFWhnM1UTTW0JPgrUjxs3GUuXv7Hd6TlhVZfNb2jxNlyF0E-maFLog

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_p65fvKUT_eFc7k6wTekIQ2&google_push=AYg5qPKpHX7v8tux4ObO3v0MjUhicAUdhpu7uaJTZIAeMmFWhnM1UTTW0JPgrUjxs3GUuXv7Hd6TlhVZfNb2jxNlyF0E-maFLog

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 13 Aug 2021 23:32:04 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_p65fvKUT_eFc7k6wTekIQ2&google_push=AYg5qPKpHX7v8tux4ObO3v0MjUhicAUdhpu7uaJTZIAeMmFWhnM1UTTW0JPgrUjxs3GUuXv7Hd6TlhVZfNb2jxNlyF0E-maFLog
x-host: tde-deliveryengine-production-75454cbd8f-vzs5f
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F13F
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
https://sync.targeting.unrulymedia.com/csync/RX-3db87d10-dffd-4405-bea9-2631ced3a891-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPJUErRV5fv_D3S0HjpCH...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJUErRV5fv_D3S0HjpCHsJptDMcEXop-XRe0XUUEhTTUlMHJZte4KBGI4WCA8jhNlvk2nw4mNA3DtYOyPxlJYodwcBCYiad&google_hm=Az24fRDf_UQFvqkmMc7TqJE

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJUErRV5fv_D3S0HjpCHsJptDMcEXop-XRe0XUUEhTTUlMHJZte4KBGI4WCA8jhNlvk2nw4mNA3DtYOyPxlJYodwcBCYiad&google_hm=Az24fRDf_UQFvqkmMc7TqJE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJUErRV5fv_D3S0HjpCHsJptDMcEXop-XRe0XUUEhTTUlMHJZte4KBGI4WCA8jhNlvk2nw4mNA3DtYOyPxlJYodwcBCYiad&google_hm=Az24fRDf_UQFvqkmMc7TqJE
date: Fri, 13 Aug 2021 23:32:04 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX3db87d10dffd4405bea92631ced3a891003
content-type: text/html

GET
H2 200 dot.gif
s0.2mdn.net/ Frame F13F 43 B
99 B 35ms
15ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEHfbz6QlJ4ngdqbr72ya9mU&google_cver=1&google_push=AYg5qPIK_2dixmCmF3P_DXd2mpZfBWNw6b5bhzhbx2lUyw70Eg7dbw5pMwBWVRrZoDwi_O1dUIWNNsvnc-60T4xcFEKqVzquCUh0Hg

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 14 Aug 2021 23:32:04 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F13F 0
49 B 18ms
16ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KVc-WfsJGRof9PIvZh8eWgPU-jrnG_s3dfLPmswj1qpAOShDpvW5cOql_qADD2DmAr5jviiQ

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:32:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F403 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFMIb9AAXYZOQAdr43gPTyLF4AAAAADgB4AQC&bg=!CgmlCU3NAAbOj6irzo87ACkAdvg8WsLCUCwMDEMNgrIEVvc5yfTfUa08D1l6hhOTgkSfQhDaKIYt_wIAAADbUgAAABNoAQeZAsBzQC4NkhJNtqHjriY20BPzKkf7XYwQcpoSZhxqo44xIKf5UtRWDXV1n7HgCG7d7SC8Hxrq1LT2C5G4JdLkOqJM-lYgD20OcK85Ck5Fx7363Y91FS-KYwTRcxK4vHoLhpnFlUiEQyKJhgyMnY3hXqrGr2tI1REaezr6hfVPOo0JEPf7r924UWF-LulZdT3Lev1FAh3GFyFOljI7ZhW2fsMpGAVVQYl6vAEFODjLIilZsT_qOpsFlFd7zEUfgSJprWD844m-oOX-kRgGHQLHQ1PPUkOZ7pxcc-ZYNFPXfXdCpCSD1KnIxHq9Xbu3un45iJUYMS3UGJ7Dv5AnkoFNsCBMnvP8z4aMzsD6wh-ygASMmkjyuhc2NDkSQ2herGRI8rfUl0GKtuDR03AyHqFg5qWYoatQ1DnNBzMYzKgW-cpqQ85Y_qhzqQrUZztVR09eseRiK7XTK2SCJV1OfDbVv1zqMJAs_Fp0nwfY6NsISrpe1awe9Sk4Yr9Hoc-mUNZKon44MAzS3uK66PC9ylOVnwVXiIhKqgKn5K1vkZN8KjyRWqEnAgum36PUf-IkPWbKTmhU6qwfcLoOEe9jgumsNJIZQgg1K8yw324iPytM-bFf8-dvNMJ6FmK6ESAzox2F8KGVwZR4HmPVU62F1b-Uh-166FMqTba0mC91t3ZOyjl995KbSuTjOjkyPv2eEiYemjfIwL8toAR1YW7WaLjpR17UvYxu7rw6FMbmmJVtMN0OaBFKCPEaLCoChh5zHU5ZnKowLExhP4Y-q0uWG6cigB-xuwmUTfWkQPqAVLUDM4i0vCWrzVIQzDnVjD0aOMbofhE7NtSeu4B2eZo0PeyrUSqot4ufO6W-2lW2Ik6f3TjegPq_ZP8dGzuCBoK5p-Kqm-gefvyEGofUanVVPITrRl18ywVabuGy5gqLOfN8OpBhvg

Requested by

Host: 36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
URL: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021081001&jk=2563890777225502&bg=!EBOlE1fNAAbOj6irzo87ACkAdvg8WtAl6kwUivHM4dWGTp1u4MYAS7iB_FLjSXBAQUkkjS31oFCkvgIAAACoUgAAACZoAQcKALpxrm_O2xB4gIRIPyjVxUL6Dr6YTwlW-XY3o4Ls-C1DYCnohRfdopz7aaju02VPPtQp6yRLxF2tZW-MjJ6oxbug50Cp34FVvXXYoc_CBNC2ndRcUzsQETELnlzH7jiked8-Ze95aJohwMC1Bj-yJVcU24ffXpRfSqrqRnC_wsJknZFeNFP0N-NcWNa4FZPb4OailHRmlCKcoUZHLRSysd48-MJHqwPNZIkskijMh3GnFLv6ZxX-3mslDe2ZAm2bu1QNoGZD66hhKOfR2AoLfs09ZqkbRSla24xsu8vR0pab8FvvYTaSpQFDpyWSfF5ySOM4d02NuGtYCmWK9V315PXtW3QIpfPMQjPcO06UyJWcl7-eGJA1VSxxh0rCXk_OIVa7S4I4Bz6iWme-kMP5ipsW_sdu85XEufZ2gDoykTWLHnA1nIQeoj5f2ZReL2ecvfB-X25AUAA0FywAnPLQKyKQZag6PebfP55NSDoGPI4MKEaoSHuIP2L_wgi04Q21-PMZa3-JzIoSJHSFx4WcqNUvYJVqAPvZ9fGGmiZe8xKP220JHih51NsUwm5vYfI_MHvMdqUWbyklSlW2bhERUErGYQrB0DG_MtmmmbwXi_-KL-ZLHv37Bow6-G9q8PBk-AGGbzyjyx-nygVwrZhgV-VgnhI0422UVGob1d7PMcgn81vQlsSWuLJpvEsqvlsw5V_FMpgJ8m9986ySVfOFUlPTUiksxP0PVEW-MC_ntPZJM2K3GtrX-_AXXWzH1qzFdN3sBUAmsnN6anXsI7Pi6zk7BRGEJ3c5DD6WJImHuV8-c3Pqs8OSSIYKwRYgTPTCXSPYaMQzIMBFbKC1iWZZgI3NuVcNUOEmxMOgzXwI3RRCh-MNkv6zc5POUGrgj0alD3YiD49fpQj7zwVCUHoqrzOgsT5KVTbXggOydS9jO_mF61RDs_GLoVeebkxIXk3lT0WQiuNQ8BU0awOj1qkHkwtfTKcZXKf2Yms9OTHQ_ZfV_9qVIkVTGrWBgUSpxmdxnkbyA0w_BNLrz3ousvlD5TRX9rAmq0Pxvi2e7D5tyScpQFoXqyUc5KZ1CsY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blip.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 728x90_OMAC_2016_Launch%20(4).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 2236 44 KB
44 KB 55ms
17ms Image
image/jpeg 88.99.69.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/32995/creativesup/728x90_OMAC_2016_Launch%20(4).jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=94200600005983400710612011686007&a=24f3af48
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.69.99.88.clients.your-server.de
Software: nginx /
Resource Hash: e8ec2a4d84f51a4860526181c3822b954b3a134dc14446ba753b37708470171d

Request headers

Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:32:04 GMT
Last-Modified: Mon, 20 Jun 2016 09:28:47 GMT
Server: nginx
ETag: "5767b74f-af88"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 44936

GET
H/1.1 200
OK viewability Show response
hal90007.redintelligence.net/ Frame 2236 0
150 B 35ms
12ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/viewability?s=94200600005983400710612011686007&a=2d91785e&vb=m
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=94200600005983400710612011686007&a=24f3af48
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90007.redintelligence.net/request_content.php?s=94200600005983400710612011686007&a=24f3af48
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:32:04 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 2236 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CLjWwZKUr_ICFfvTEQgdmC8GzQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3267547880835.5884;~oref=https://36846... Frame B8E9 540 B
650 B 42ms
42ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLjWwZKUr_ICFfvTEQgdmC8GzQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3267547880835.5884;~oref=https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjWwZKUr_ICFfvTEQgdmC8GzQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3267547880835.5884?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4b29278940a758d6744f91139a3f38ea1902b5d97099984a22cead408ffca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CLjWwZKUr_ICFfvTEQgdmC8GzQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3267547880835.5884;~oref=https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5994599.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5994599.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 13 Aug 2021 23:32:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 417
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK viewability Show response
hal900015.redintelligence.net/ Frame 2AC9 0
150 B 39ms
12ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/viewability?s=32599900006067400710632011686015&a=8f145f0b&vb=m
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=32599900006067400710632011686015&a=a62e7e71
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900015.redintelligence.net/request_content.php?s=32599900006067400710632011686015&a=a62e7e71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:32:04 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 2AC9 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 dc_pre=CPHnw5KUr_ICFZzhEQgdZzAP4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5977367589269.185
adservice.google.com/ddm/fls/z/ Frame 33BB 42 B
118 B 41ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPHnw5KUr_ICFZzhEQgdZzAP4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5977367589269.185

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPHnw5KUr_ICFZzhEQgdZzAP4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5977367589269.185?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CLjWwZKUr_ICFfvTEQgdmC8GzQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3267547880835.5884;~oref=https://36846e... Frame 4090 194 B
391 B 45ms
42ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CLjWwZKUr_ICFfvTEQgdmC8GzQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3267547880835.5884;~oref=https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLjWwZKUr_ICFfvTEQgdmC8GzQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3267547880835.5884;~oref=https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CLjWwZKUr_ICFfvTEQgdmC8GzQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3267547880835.5884;~oref=https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 13 Aug 2021 23:32:04 GMT
expires: Fri, 13 Aug 2021 23:32:04 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 401 check_scope Show response
api.spotify.com/v1/melody/v1/ Frame 82CD 77 B
162 B 16ms
15ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

authorization: Bearer undefined
Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
www-authenticate: Bearer realm="spotify", error="invalid_token", error_description="Invalid access token"
server: envoy
access-control-allow-origin: *
date: Fri, 13 Aug 2021 23:32:04 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
via: HTTP/2 edgeproxy, 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
alt-svc: clear
content-length: 92
x-content-type-options: nosniff

OPTIONS
H2 200 check_scope
api.spotify.com/v1/melody/v1/ Frame 0
0 15ms
15ms Preflight 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Protocol

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://sdk.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 13 Aug 2021 23:32:04 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H2 401 check_scope Show response
api.spotify.com/v1/melody/v1/ Frame 82CD 77 B
162 B 18ms
18ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

authorization: Bearer undefined
Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
www-authenticate: Bearer realm="spotify", error="invalid_token", error_description="Invalid access token"
server: envoy
access-control-allow-origin: *
date: Fri, 13 Aug 2021 23:32:04 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
via: HTTP/2 edgeproxy, 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
alt-svc: clear
content-length: 92
x-content-type-options: nosniff

OPTIONS
H2 200 check_scope
api.spotify.com/v1/melody/v1/ Frame 0
0 15ms
15ms Preflight 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Protocol

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://sdk.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 13 Aug 2021 23:32:04 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 3166 28 B
320 B 21ms
20ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/50e823fc/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Fblip.fm&widgetid=1
X-YouTube-Client-Version: 1.20210811.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtmWkdKR19tQ0VQRSjygdyIBg%3D%3D
X-YouTube-Ad-Signals: dt=1628897522888&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C270&vis=1&wgl=true&ca_type=image&bid=ANyPxKolUW5PzGfxCOXTxdoVDdKNvlBqFLb32BKDg-iOsdBhTj57VvHGwm8Pa5j99HqUxJhxnjpLU4gsrV55zG9gRajbcO3zZw

Response headers

date: Fri, 13 Aug 2021 23:32:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 13 Aug 2021 23:32:05 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B69F 42 B
64 B 54ms
41ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMey7IkF9VZkogZ0o2MGrud99D6PHx1ymX2I3HfpniMWFNOdyE9_OP6pdfN95ZjoopzVr93aVLAHbeIpt4yq91SHtTihEPMyG-JtQLz0uImc-h&sai=AMfl-YTYHTj5gDvb0RjM4qOzXxhM8X0qK3I-JPDfUe-r1QTKhK6TGBL6Wdn7GuJgh9tl70IcWPm_y4-Li7ILhY1t1Whquf0bXwnnz54jYY4SuuPsO5yIXCzM4vrpFnI&sig=Cg0ArKJSzOE95QAJRiGhEAE&cid=CAASEuRoP9pGYbOTJutkiQ9GcKaHSw&id=lidar2&mcvt=1000&p=689,315,779,1285&asp=689,315,779,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210813&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3076314635&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628897523955&dlt=25&rpt=388&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 77E7 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjYq2uYOkwAs7NoJQqvrk5gffMhe_k6pBLRJ6V_-XfJdXgTnGLOZuF5yXprBeNRXnpanDmx3WH3rhZVqxIpHYSPhGkwMgBzn-vI4xFEWNpA6Bp&sai=AMfl-YThQFKAwEzDCcCY2VQUdrcHJI6EmiaGZgBa4_tBkq9R4niOcpYkJizbNo5QNFNWUfS4joqQWc0XKSVo55_vwZeRIFsJSNkbB_XJgihn0aCB1HIjXneF60C6c-w&sig=Cg0ArKJSzItzjehFi3xvEAE&cid=CAASEuRo6u1-qPkHeAfLvG6KE8cUIA&id=lidar2&mcvt=1000&p=1110,436,1200,1164&asp=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210813&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3224969948&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628897523957&dlt=22&rpt=413&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 23:32:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90007.redintelligence.net/ Frame 2236 0
150 B 36ms
12ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/viewability?s=94200600005983400710612011686007&a=2d91785e&vb=v
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=94200600005983400710612011686007&a=24f3af48
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90007.redintelligence.net/request_content.php?s=94200600005983400710612011686007&a=24f3af48
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:32:05 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 401 check_scope Show response
api.spotify.com/v1/melody/v1/ Frame 82CD 77 B
162 B 17ms
16ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

authorization: Bearer undefined
Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
www-authenticate: Bearer realm="spotify", error="invalid_token", error_description="Invalid access token"
server: envoy
access-control-allow-origin: *
date: Fri, 13 Aug 2021 23:32:05 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
via: HTTP/2 edgeproxy, 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
alt-svc: clear
content-length: 92
x-content-type-options: nosniff

OPTIONS
H2 200 check_scope
api.spotify.com/v1/melody/v1/ Frame 0
0 16ms
16ms Preflight 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Protocol

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://sdk.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 13 Aug 2021 23:32:05 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H/1.1 200
OK viewability Show response
hal900015.redintelligence.net/ Frame 2AC9 0
150 B 35ms
13ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/viewability?s=32599900006067400710632011686015&a=8f145f0b&vb=v
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=32599900006067400710632011686015&a=a62e7e71
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900015.redintelligence.net/request_content.php?s=32599900006067400710632011686015&a=a62e7e71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 23:32:05 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 401 check_scope Show response
api.spotify.com/v1/melody/v1/ Frame 82CD 77 B
162 B 16ms
16ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

authorization: Bearer undefined
Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
www-authenticate: Bearer realm="spotify", error="invalid_token", error_description="Invalid access token"
server: envoy
access-control-allow-origin: *
date: Fri, 13 Aug 2021 23:32:06 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
via: HTTP/2 edgeproxy, 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
alt-svc: clear
content-length: 92
x-content-type-options: nosniff

OPTIONS
H2 200 check_scope
api.spotify.com/v1/melody/v1/ Frame 0
0 15ms
15ms Preflight 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Protocol

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://sdk.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 13 Aug 2021 23:32:06 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H2 401 check_scope Show response
api.spotify.com/v1/melody/v1/ Frame 82CD 77 B
162 B 16ms
16ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

authorization: Bearer undefined
Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
www-authenticate: Bearer realm="spotify", error="invalid_token", error_description="Invalid access token"
server: envoy
access-control-allow-origin: *
date: Fri, 13 Aug 2021 23:32:06 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
via: HTTP/2 edgeproxy, 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
alt-svc: clear
content-length: 92
x-content-type-options: nosniff

OPTIONS
H2 200 check_scope
api.spotify.com/v1/melody/v1/ Frame 0
0 15ms
15ms Preflight 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Protocol

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://sdk.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 13 Aug 2021 23:32:07 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H2 401 check_scope Show response
api.spotify.com/v1/melody/v1/ Frame 82CD 77 B
162 B 16ms
16ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Requested by

Host: sdk.scdn.co
URL: https://sdk.scdn.co/embedded/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

authorization: Bearer undefined
Referer: https://sdk.scdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
www-authenticate: Bearer realm="spotify", error="invalid_token", error_description="Invalid access token"
server: envoy
access-control-allow-origin: *
date: Fri, 13 Aug 2021 23:32:07 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
via: HTTP/2 edgeproxy, 1.1 google
access-control-allow-credentials: true
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
alt-svc: clear
content-length: 92
x-content-type-options: nosniff

OPTIONS
H2 200 check_scope
api.spotify.com/v1/melody/v1/ Frame 0
0 15ms
15ms Preflight 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.spotify.com/v1/melody/v1/check_scope?scope=web-playback

Protocol

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://sdk.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 13 Aug 2021 23:32:07 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRcA9On40a7pQCSSnGgsjwAABG8AAAIB&google_push=AYg5qPJlevANhZYxLS-SGretWnyW_g5XhiEmYdcwu2TEOMwUiQgKu1POoS3iuSUjfK2IeepTv-RjW7aILwwwjwYv2ZRmXSW4iBt9&google_gid=CAESEEtDoo59NKo6ZVM5_jtTvTc&google_cver=1

Verdicts & Comments Add Verdict or Comment

222 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 0WsRHAkzVLc
.blip.fm/	1970-01-20 05:52:46	Name: __qca Value: P0-335754222-1628897522778
.blip.fm/	1969-12-31 23:59:59	Name: _dlt Value: 1
.blip.fm/	1970-01-20 00:51:05	Name: __utmz Value: 171230451.1628897522.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.blip.fm/	1970-01-19 20:28:19	Name: __utmb Value: 171230451.1.10.1628897522
.blip.fm/	1969-12-31 23:59:59	Name: __utmc Value: 171230451
.blip.fm/	1970-01-19 20:28:18	Name: __utmt Value: 1
.youtube.com/	1970-01-20 00:47:29	Name: VISITOR_INFO1_LIVE Value: fZGJG_mCEPE
.blip.fm/	1970-01-20 13:59:29	Name: __utma Value: 171230451.520580097.1628897522.1628897522.1628897522.1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.jsdelivr.net/npm/vue@2.x/dist/vue.js(Line 9099) Message: Download the Vue Devtools extension for a better development experience: https://github.com/vuejs/vue-devtools
console-api	info	URL: https://cdn.jsdelivr.net/npm/vue@2.x/dist/vue.js(Line 9108) Message: You are running Vue in development mode. Make sure to turn on production mode when deploying for production. See more tips at https://vuejs.org/guide/deployment.html
console-api	error	URL: https://blip.fm/_/js/spotify-api.js(Line 158) Message: Failed to initialize player
console-api	error	URL: https://blip.fm/_/js/spotify-api.js(Line 163) Message: Authentication failed

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

36846e212f66301bf217cb1c4dd33a65.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
ads.travelaudience.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.spotify.com
apresolve.spotify.com
blip.fm
c.amazon-adsystem.com
cdn.ampproject.org
cdn.contentspread.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
d1uswytv6491xe.cloudfront.net
dclk-match.dotomi.com
dsum-sec.casalemedia.com
empowerlocal-plugin-js.s3.us-east-2.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900015.redintelligence.net
hal90007.redintelligence.net
ib.adnxs.com
miro.medium.com
pagead2.googlesyndication.com
pixel.quantserve.com
pm.w55c.net
pr-bh.ybp.yahoo.com
rtb.openx.net
rules.quantcount.com
s0.2mdn.net
s7.addthis.com
sdk.scdn.co
secure.quantserve.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.doubleclick.net
stats.g.doubleclick.net
sync.1rx.io
sync.adaptv.advertising.com
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
us-u.openx.net
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
z.moatads.com
cm.g.doubleclick.net
104.111.242.245
104.75.88.126
138.201.135.164
138.201.63.157
138.201.63.164
142.250.185.226
142.250.185.230
142.250.186.162
143.204.101.50
185.29.135.190
185.33.221.52
2.18.234.21
2.18.235.40
213.19.147.44
2600:1901:0:524d::
2600:1901:1:c36::
2600:9000:2104:ba00:6:44e3:f8c0:93a1
2606:4700:7::a29f:9804
2606:4700::6810:135e
2a00:1288:110:c305::8000
2a00:1450:4001:803::2004
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:811::2003
2a00:1450:4001:811::2004
2a00:1450:4001:811::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:828::2006
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::2003
2a00:1450:400c:c04::9d
2a02:fa8:8806:12::1400
2a04:4e42:3::485
2a04:4e42:62::760
3.124.143.99
3.230.12.180
34.96.105.8
35.186.193.173
35.186.253.211
35.190.0.66
35.244.159.8
52.219.102.146
52.84.44.170
54.163.233.121
88.99.69.161
91.228.74.133
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
091d0d2297eafd7c4f3cf2a5b009e3ac9830ea24780ac19b6be083176c6e870a
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40
10985b0138ee107431b8118e0d8b2efa14439caf69807bf0bde75c96c578f018
111f89907f15880eac1cbb2d94d9ec4d166639db3a53ca75c11dd59a2887435d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
17c3bd5b578cb7f4fccd1ad422794185e0c96b0c68a60756f4b1a72b674972c8
18b87be5275cde608bd496d8ea511da068792e37cd3d2fadff4bafdd9d9494ec
199d9e0a70273c2c7988736b8145f23740b54f4c3a400cc3d1a95ab73bffc58b
1feda3dc45dfdcb46ec8f8abdafc23f06d4e2d954a864ec9e9e61b857dc8d1e8
1fee0b34c67a3e22047b627896862289225552817e79f658ade465b28c7103e0
21eeb045f9dd8ff8bb9e8ce9cbc328282dc12d6346110c0b56fb18d9e9b8e0f9
28b0837272c3f6c665c8284760d576200bf54ddef8a2b5bdf4d8df135962ccd0
2acff66da112ece30104e15e1d04cd2002629f749d2e44830c2fb9b613370d00
2f4b29278940a758d6744f91139a3f38ea1902b5d97099984a22cead408ffca2
2ffa6c2aa93c8f4f0318ae4c3585b930f0d731631b2811385fe38be4c6a72aef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35e9144015046c3d25f20ddbd1f3036306891c441a18343c1d1e2da6ff3c2bd1
37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029
3983c27985f9ae67aed69d7ca6a82a682a7095df30b8d8253014de0f4ee97427
3b81caff0f37ecac424ecb3b1876b4e778ca24587f524bb846f980ef1758a13c
3c00d50d6046dfc2e2a7de2a5a177d35e11b708fe9fc93f966c0d28a304ab485
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3c8e32e9a68235f5bf06d4bd78dbde6139b26e709b1393c9af93a15be38879d2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4657e94091d2113e39d4223811db36f6a0b78c7abbec7fc3e9c6e381655b709a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6a2b0fd27801f153917af3d6558094fd0e76f7e08e21e78b45b0343362d3d6
4b6c4dd2186139cfe5da8627cbd85b7f54e8b4d84164a4f98af88427c6ebb5e0
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4db8af548255ad1270380918e096b18fddd5b984f95fd4862f18575f8267162f
4e04c2141825fa92168c710e1251d96405a1fac98857a4c89afb2237a8e50b02
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
506acc31c96d7717fb734d9af0d16f6bccc7f93444b6b4485a66b90ca906a80b
51849fb8f2b161981d2a508c4e58503a0a752c6bbac592a742d92efdb1c378c6
5345a3bf0a85143d337b572e4cea04e8705eb606e47611d54a7c1e1f6242308a
655d2013c62900319a0da87ab51de91cf5432d6e119b7e8bd224389100b2931e
67f2b0a60f37796c436ea0d9f947a22cb196312a87705d10069b65acc2993f01
69b75483b270421e1a89426dd59387ba090772313561c3e9fa415396a78e8936
6cb20c5dcdc3f32e501ce77167a4b9367f3e974b1de4c89e6e7ce92a16dd37a0
6dd4fff51fbb3100897e6ac0835da4e6af87ba686a9552b994a5abdfc1e95503
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75529f3899322d4d58746f86b87039126b00c0acfdba1defd47bd9b216794d4b
7761979199bf20d25fe4726392f9e6c268295e5d179b2bb5a683cb10fb6ad0d2
79cc39ab51de99510d98e22dfc56bd456b3ffbb29671e3d2e61719ee50792565
7efb9af3df0ee1eaec1782c00202f4ebf05c1c42551b638bd568866ba5ec4523
82e2d5fd2ae7a2dfb049133d30a1c14aa65ddacffd138a73921f2994766c3324
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8389ab2ff25b494852f8aa7c6972c69140ffb4f74ad5fb5f030d6ed3a1160359
863e7d2c37417b268dcfbeb4430cccad660050490c6d66f2d657370df21c5b06
88c003ca3b8264aa64112d6c7ebe5a82011b6041c24460dbea7a31d3bfafee34
89b0febca2d4760da3faefbc01776bb09e424d642978f1e808917da3a43cb026
93285985019ebc5530acd407a871c4ad2ac2f48f2c9734ab60d74b36ef1acace
94b2dabca19edc6cc311cd01b7412d78399213d99e965630b20e9adfdd591ffa
9585f9660d61236506d8fe0d442168949a866c238ee7fe8c5f32b0aec2b29d71
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a23389e429dd06fef35779a55445e4a89dca384b6805d2b26fb2e50c1228f4a9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a74acb7a696191bfe5e2819a4bac32c071a0302e63413044e4f6b4e396d5e6d5
a9995890adfe6c6d117c0774fa1a895fc5588115ff7712b1838e059aaf6f5953
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad6c03b014c238c864d168340a81b0249fb963c060c336b5a85868da5efd6a3f
ae6e79fcd093e4a8968d1ebc25b12f74f12503794384e0de7598761261c01f70
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3d07bd62da73385f67aa7d09c598bade0243347339334c81763124a803dbaf7
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
bfd684487fa502cbadc6a43e262a68e04e70ba90fa536625eade641357004111
c04e372715cffbc60a3f59d89c6ba50bb9f8adbc36c2e75cbd155f4ae1a911e8
c0e57c534e7fce5e66fb419c269b97d436385a2c69b9f508edf480ef60dedf91
c64d71a7340d0504d0aebd5cd91d450cd334747ad1f06053def7072862cb74e0
c955c0a1569cb27e14c8ce81e804696ba908e93c84f492acfcfcc259dca58d55
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cac4360b64e45cb4dec85db122e8565e26842137d54cbd7cdb9211c041c47e2b
cb0d709906ae03ee405aa0270235921ba881289489b042c0ec25365fc03e83a4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d2d08b01aa8be1fae8ed00f720d7dfa6657c3001ac0275f7b8f9265398f1b8a9
d3509d8699a32eb91b6be37637bbce14a5bfe828bb135d0216b65a744e54affe
d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85
d742c90726251e69bb74320f674d4c9d4019a1cc42daaccc86a7aa4d6898a74d
d770749019637859894001e3ce01057cc47b89c89f5afe98f1c6d0aaf9a4648d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dd45d78a8d809985739cee4bd27276157a2b7e7dc4068156a22fa922b6ee00bd
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
dfab5946bd6b4da8c9851ae533d48191976e544cd030158a488ff9f0d2f4f550
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a54349dc54879fad8d1567c0dbaad10d67553f8d1c190f3939e46b434c6e9a
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e6d76a2dedcc68e2317925b345474a47ee6294694ded93655ee3d69559a4a583
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624
e8ec2a4d84f51a4860526181c3822b954b3a134dc14446ba753b37708470171d
e97712e8675216c659268bad3e3cf820a0fe6c5686abf9d3e2c3bdedc0f85cef
eb219f2004233a641b125add0cf45e9bf988d69af37692e443a1bd70bc8a3984
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5443d42c7834cd8ff927327229833a12c96c6888dbd9c56c44896b327d3a492
f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b
ff7bf0e46bc638dc36c28fd98b218a1983bc2badd30cbed318de10c270f66ec1

blip.fm Open in urlscan Pro 54.163.233.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

173 Requests

99 %HTTPS

54 %IPv6

41 Domains

57 Subdomains

49 IPs

6 Countries

2938 kBTransfer

8498 kBSize

9 Cookies

2 Outgoing links

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

blip.fm Open in urlscan Pro
54.163.233.121 Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

99 %
HTTPS

54 %
IPv6

41
Domains

57
Subdomains

49
IPs

6
Countries

2938 kB
Transfer

8498 kB
Size

9
Cookies

173 HTTP transactions
4 data transactions