s.0cf.io Open in urlscan Pro
199.212.255.113 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://s.0cf.io/
Submission Tags: @phishunt_io
Submission: On August 25 via api (August 25th 2021, 6:40:52 pm UTC) from DE

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 9 countries across 37 domains to perform 53 HTTP transactions. The main IP is 199.212.255.113, located in Canada and belongs to FHMNET, CA. The main domain is s.0cf.io.
TLS certificate: Issued by R3 on July 27th 2021. Valid for: 3 months.

This is the only time s.0cf.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	199.212.255.113 199.212.255.113	25948 (FHMNET) (FHMNET)
5 5	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
1	37.252.161.190 37.252.161.190	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.185.233.121 18.185.233.121	16509 (AMAZON-02) (AMAZON-02)
2	208.100.17.178 208.100.17.178	32748 (STEADFAST) (STEADFAST)
19	54.77.47.243 54.77.47.243	16509 (AMAZON-02) (AMAZON-02)
2 3	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
6 6	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
6 6	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
3 3	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3 3	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
1 1	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	185.86.138.119 185.86.138.119	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	8.2.110.134 8.2.110.134	46636 (NATCOWEB) (NATCOWEB)
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	35.156.90.40 35.156.90.40	16509 (AMAZON-02) (AMAZON-02)
1 1	168.119.168.187 168.119.168.187	24940 (HETZNER-AS) (HETZNER-AS)
1 1	54.175.198.118 54.175.198.118	14618 (AMAZON-AES) (AMAZON-AES)
1 1	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	64.202.112.191 64.202.112.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	52.203.60.58 52.203.60.58	14618 (AMAZON-AES) (AMAZON-AES)
1	150.136.26.45 150.136.26.45	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
2 2	3.123.215.135 3.123.215.135	16509 (AMAZON-02) (AMAZON-02)
1 3	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1 2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.215.46 124.146.215.46	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	199.212.255.130 199.212.255.130	25948 (FHMNET) (FHMNET)
53	18

15 199.212.255.113 (Canada)

ASN25948 (FHMNET, CA)

s.0cf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.220.242 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.161.190 (Bethnal Green, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.233.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-233-121.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.100.17.178 (United States)

ASN32748 (STEADFAST, US)
PTR: ip178.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 54.77.47.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.147.45 (United Kingdom) 6 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 76.223.111.131 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.19 (United States) 3 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Madrid, Spain)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.38.124 (Amsterdam, Netherlands) 3 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.91 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.119 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.134 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.krushmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.156.90.40 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-90-40.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.168.187 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.187.168.119.168.clients.your-server.de

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.198.118 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-198-118.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.191 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.191 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.60.58 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-60-58.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.215.135 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-215-135.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.46 (Minato-ku, Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.212.255.130 (Canada)

ASN25948 (FHMNET, CA)

us.dblks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	gumgum.com rtb.gumgum.com	6 KB
15	0cf.io s.0cf.io	62 KB
7	adnxs.com 6 redirects secure.adnxs.com prebid.adnxs.com ib.adnxs.com	6 KB
6	adsrvr.org 6 redirects match.adsrvr.org	3 KB
5	rubiconproject.com 1 redirects prebid-server.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	1rx.io 4 redirects sync.1rx.io	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	a-mo.net 3 redirects prebid.a-mo.net	882 B
3	yahoo.com 2 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	2 KB
3	lijit.com 3 redirects ap.lijit.com	2 KB
3	pubmatic.com ads.pubmatic.com image6.pubmatic.com	11 KB
3	openx.net 3 redirects rtb.openx.net us-u.openx.net	999 B
3	casalemedia.com 2 redirects ssum.casalemedia.com	2 KB
2	creativecdn.com 2 redirects creativecdn.com	695 B
2	doubleclick.net 1 redirects cm.g.doubleclick.net	890 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	627 B
2	360yield.com 2 redirects ad.360yield.com	617 B
2	smartadserver.com 2 redirects ssbsync-global.smartadserver.com ssbsync.smartadserver.com	499 B
2	3lift.com 2 redirects eb2.3lift.com	777 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com	938 B
2	contextweb.com 2 redirects bh.contextweb.com	798 B
2	33across.com ssc-cms.33across.com
1	dblks.net us.dblks.net	500 B
1	rfihub.com 1 redirects p.rfihub.com	751 B
1	socdm.com 1 redirects tg.socdm.com	687 B
1	emxdgt.com cs.emxdgt.com
1	mathtag.com 1 redirects sync.mathtag.com	611 B
1	deepintent.com match.deepintent.com	44 B
1	technoratimedia.com sync.technoratimedia.com	294 B
1	ipredictive.com 1 redirects sync.ipredictive.com	428 B
1	outbrain.com 1 redirects sync.outbrain.com	627 B
1	zemanta.com 1 redirects b1sync.zemanta.com	303 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	608 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com	221 B
1	onetag-sys.com onetag-sys.com	823 B
1	krushmedia.com 1 redirects cs.krushmedia.com	593 B
1	sonobi.com sync.go.sonobi.com	509 B
53	37

	Domain	Requested by
19	rtb.gumgum.com	s.0cf.io rtb.gumgum.com
15	s.0cf.io	s.0cf.io rtb.gumgum.com
6	match.adsrvr.org	6 redirects
5	secure.adnxs.com	5 redirects
4	sync.1rx.io	4 redirects
3	x.bidswitch.net	3 redirects
3	prebid.a-mo.net	3 redirects
3	ap.lijit.com	3 redirects
3	ssum.casalemedia.com	2 redirects s.0cf.io
2	creativecdn.com	2 redirects
2	cm.g.doubleclick.net	1 redirects rtb.gumgum.com
2	sync-tm.everesttech.net	2 redirects
2	eus.rubiconproject.com	rtb.gumgum.com eus.rubiconproject.com
2	ad.360yield.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	eb2.3lift.com	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	bh.contextweb.com	2 redirects
2	ads.pubmatic.com	s.0cf.io rtb.gumgum.com
2	rtb.openx.net	2 redirects
2	ssc-cms.33across.com	s.0cf.io rtb.gumgum.com
1	us.dblks.net	s.0cf.io
1	token.rubiconproject.com	eus.rubiconproject.com
1	p.rfihub.com	1 redirects
1	tg.socdm.com	1 redirects
1	cs.emxdgt.com	rtb.gumgum.com
1	sync.mathtag.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	match.deepintent.com	rtb.gumgum.com
1	sync.technoratimedia.com	rtb.gumgum.com
1	sync.ipredictive.com	1 redirects
1	pr-bh.ybp.yahoo.com	rtb.gumgum.com
1	us-u.openx.net	1 redirects
1	sync.outbrain.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	bidswitch-eu.splicky.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	onetag-sys.com	s.0cf.io
1	cs.krushmedia.com	1 redirects
1	ssbsync-global.smartadserver.com	1 redirects
1	ib.adnxs.com	1 redirects
1	sync.go.sonobi.com	s.0cf.io
1	prebid-server.rubiconproject.com	s.0cf.io
1	prebid.adnxs.com
53	46

This site contains no links.

Subject Issuer	Validity	Valid
s.0cf.io R3	`2021-07-27` - `2021-10-25`	3 months	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2020-03-29` - `2022-03-29`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
onetag-sys.com R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
us.dblks.net R3	`2021-07-27` - `2021-10-25`	3 months	crt.sh

This page contains 30 frames:

Primary Page: https://s.0cf.io/
Frame ID: 8B3B8009A64B6F5071BA5AD24B287662
Requests: 7 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: E3F1CD08640F71AB3D27B7BAFF75DE4F
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D1%26uid%3D33XUSERID33X
Frame ID: 0C4CCCDBC002D2A3034F9327B76A1C57
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Frame ID: 5D5CD2F0666765AB443C3EB335E55739
Requests: 15 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 76A610C6A703CEB5F5705ED9866981BE
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 55F894E998074EF0D7AD3CC70F3BFF65
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=0&us_privacy=0&predirect=https%3A%2F%2Fs.0cf.io%2F%3Fps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D20%26uid%3D
Frame ID: 56E69705ECA569238A35AFCD06380758
Requests: 2 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 6C1D27770509B675245B657F119D45D7
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rhy&i=RX-eb4461ef-e509-4bcd-8972-4a29664caa1c-003
Frame ID: 2C1DAC8C6F198B47FC902E92B1B89679
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 9946FA7E6D61FF8F582EC323EDF6A107
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D26%26uid%3D%5BUID%5D
Frame ID: 0E84B39C75C795CD9ABED977759F3FEC
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 74878845DE1091F35853E27B7B933801
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 9091C7F4A4CFFE8827B27EC76CCC02CC
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D1aac0b96-fe41-4ab3-899c-74e04f2b9524%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPVQyNDdYV0xEVGxPTWhkaE5ncGd4c2ctNjY1NDM1NSZpZD04MSZ1aWQ9%26gdpr%3D0%26gdpr_consent%3D0%26uid%3D&gdpr=0&gdpr_consent=0
Frame ID: F02AD58886E4F527BF67EFD7578653DC
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: D958DA03DC3C6DDD0739F73CF7296355
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 7990D7DFE1233312E2683F2019001D12
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=74c8f583aa2ba05
Frame ID: 9846830E723B10F15157C1319C57B740
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0
Frame ID: 73414F01E0F6F4F26B669C26C1878B5D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=2d74a5cf-8693-43ec-a4c2-44cf10c60c5b&t=1632508837
Frame ID: AE7E4E30C7611F101A047272C425CA83
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 6B93B699B73E166AE9D18DC50FB0FA1B
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=0d176126-8ea7-4300-a6d5-19995e8b7cab&gdpr=0&gdpr_consent=0
Frame ID: 5585BC21783DDB6F29262ECA0910C8ED
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YSaOqAAD5i-g9gAC&gdpr=0&gdpr_consent=0&_test=YSaOqAAD5i-g9gAC
Frame ID: 38C50AC8DDC01355C79C715D726B0552
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zZGNmMzQ2YS03ZjAzLTQzNmMtODg0Yy0xNjQ0YTc4N2I2MDc=&gdpr=0&gdpr_consent=0&google_tc=
Frame ID: 8E6FE66AA0733306AA187936D19727BD
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 3B6D6BCFF739B819F80FE4D839E4E2ED
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: CB1A14305FC7FD697B3C7ADA6523ACBA
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YSaOpsCo8XsAAAVLISAAAAAA
Frame ID: EFFC353192B156A64AA4569C890806AB
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871597497717842397
Frame ID: E2D187E7D30D7DBA1BEE0E6CAF2FC449
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=HUuOE1XrrKeaxxkAjzWE&pi=gumgum&tc=1
Frame ID: DC2DA0E73982B59ADCA0B75B59A1D223
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 7F4722EBECE3A0856C9303E859A57D76
Requests: 1 HTTP requests in this frame

Frame: https://us.dblks.net/set_uid?uid=T247XWLDTlOMhdhNgpgxsg-6654355
Frame ID: 580335B26BF7E2DC08E2401CEA915CE1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

53
Requests

100 %
HTTPS

2 %
IPv6

37
Domains

46
Subdomains

18
IPs

9
Countries

93 kB
Transfer

232 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://secure.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fgetuids HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.adnxs.com%252Fpbs%252Fv1%252Fgetuids HTTP 302
https://prebid.adnxs.com/pbs/v1/getuids

Request Chain 2

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D0%26uid%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526dbid%253DT247XWLDTlOMhdhNgpgxsg-6654355%2526id%253D0%2526uid%253D%2524UID HTTP 302
https://s.0cf.io/

Request Chain 6

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D74%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D74%26uid%3D&s=184932&C=1 HTTP 302
https://s.0cf.io/

Request Chain 7

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D19%26uid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D19%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://s.0cf.io/

Request Chain 9

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP 302
https://s.0cf.io/

Request Chain 10

https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D22%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2345770911 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2345770911 HTTP 302
https://sync.1rx.io/usersync/tradedesk/2d74a5cf-8693-43ec-a4c2-44cf10c60c5b HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-eb4461ef-e509-4bcd-8972-4a29664caa1c-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-eb4461ef-e509-4bcd-8972-4a29664caa1c-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-eb4461ef-e509-4bcd-8972-4a29664caa1c-003

Request Chain 11

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D25%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D25%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://s.0cf.io/

Request Chain 13

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D76%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D76%26uid%3D%24UID HTTP 302
https://s.0cf.io/

Request Chain 14

https://ups.analytics.yahoo.com/ups/58448/occ?uid=T247XWLDTlOMhdhNgpgxsg-665435577%26uid%3D HTTP 302
https://ups.analytics.yahoo.com/ups/58448/occ?uid=T247XWLDTlOMhdhNgpgxsg-665435577%26uid%3D&verify=true HTTP 302
https://s.0cf.io/

Request Chain 15

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D81%26uid%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3D1aac0b96-fe41-4ab3-899c-74e04f2b9524%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPVQyNDdYV0xEVGxPTWhkaE5ncGd4c2ctNjY1NDM1NSZpZD04MSZ1aWQ9%26gdpr%3D0%26gdpr_consent%3D0%26uid%3D$UID&gdpr=0&gdpr_consent=0 HTTP 302
https://prebid.a-mo.net/cchain/0?A=1aac0b96-fe41-4ab3-899c-74e04f2b9524&bidder=appnexus&cbx=aHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPVQyNDdYV0xEVGxPTWhkaE5ncGd4c2ctNjY1NDM1NSZpZD04MSZ1aWQ9&gdpr=0&gdpr_consent=0&uid=1119831913678384894&gdpr=0&gdpr_consent=0 HTTP 302
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D1aac0b96-fe41-4ab3-899c-74e04f2b9524%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPVQyNDdYV0xEVGxPTWhkaE5ncGd4c2ctNjY1NDM1NSZpZD04MSZ1aWQ9%26gdpr%3D0%26gdpr_consent%3D0%26uid%3D$UID&gdpr=0&gdpr_consent=0 HTTP 307
https://prebid.a-mo.net/cchain/1?A=1aac0b96-fe41-4ab3-899c-74e04f2b9524&bidder=sovrn&cbx=aHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPVQyNDdYV0xEVGxPTWhkaE5ncGd4c2ctNjY1NDM1NSZpZD04MSZ1aWQ9&gdpr=0&gdpr_consent=0&uid=4ca0400c149f9b6d8189f2df HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D1aac0b96-fe41-4ab3-899c-74e04f2b9524%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPVQyNDdYV0xEVGxPTWhkaE5ncGd4c2ctNjY1NDM1NSZpZD04MSZ1aWQ9%26gdpr%3D0%26gdpr_consent%3D0%26uid%3D&gdpr=0&gdpr_consent=0

Request Chain 16

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D82%26uid%3D%5Bssb_sync_pid%5D HTTP 302
https://s.0cf.io/

Request Chain 17

https://cs.krushmedia.com/4e4abdd5ecc661643458a730b1aa927d.gif?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D83%26uid%3D%5BUID%5D HTTP 302
https://s.0cf.io/

Request Chain 20

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=1119831913678384894

Request Chain 21

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3dcf346a-7f03-436c-884c-1644a787b607&gdpr=0&gdpr_consent=0&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_3dcf346a-7f03-436c-884c-1644a787b607&gdpr=0&gdpr_consent=0&us_privacy= HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=77ed7a95-b392-4545-85e6-b576902e9a07 HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=77ed7a95-b392-4545-85e6-b576902e9a07 HTTP 302
https://rtb.gumgum.com/usersync?b=bsw&i=77ed7a95-b392-4545-85e6-b576902e9a07

Request Chain 22

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0 HTTP 302
https://rtb.gumgum.com/usersync?b=sta&i=0-562e7092-ec43-4380-655f-39b7137ba495$ip$159.48.55.7

Request Chain 23

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3dcf346a-7f03-436c-884c-1644a787b607&gdpr=0&gdpr_consent=0&us_privacy= HTTP 302
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

Request Chain 24

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2470820716 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2470820716 HTTP 302
https://sync.1rx.io/usersync/tradedesk/2d74a5cf-8693-43ec-a4c2-44cf10c60c5b HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-eb4461ef-e509-4bcd-8972-4a29664caa1c-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-eb4461ef-e509-4bcd-8972-4a29664caa1c-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-eb4461ef-e509-4bcd-8972-4a29664caa1c-003

Request Chain 25

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=4pokgNqDoO98&ev=1&pid=558355

Request Chain 26

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=0&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28RNDsHeqXScVDWOBOvb0o-bSp__AGjVLc5Cz0aKM0jzoJ7wuKjj8sh82UkbTC09FC%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28RNDsHeqXScVDWOBOvb0o-bSp__AGjVLc5Cz0aKM0jzoJ7wuKjj8sh82UkbTC09FC%29

Request Chain 27

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=87046eeb-3b8c-4a67-aa03-948146efdb2f&gdpr=0&gdpr_consent=0&gdpr=0&gdpr_consent=0

Request Chain 29

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=f0b429a4-05d3-11ec-865a-e3661c1cb574

Request Chain 32

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://rtb.gumgum.com/usersync?b=idi&i=ea3c8270-86d9-400f-b163-992790d676ef

Request Chain 33

https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
https://rtb.gumgum.com/usersync?b=sad&i=6129765715776807093&gdpr=1&gdpr_consent=

Request Chain 35

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0 HTTP 302
https://rtb.gumgum.com/usersync?b=ttd&i=2d74a5cf-8693-43ec-a4c2-44cf10c60c5b&t=1632508837

Request Chain 36

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 37

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=0&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=0d176126-8ea7-4300-a6d5-19995e8b7cab&gdpr=0&gdpr_consent=0

Request Chain 38

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=0 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=0&_test=YSaOqAAD5i-g9gAC HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YSaOqAAD5i-g9gAC&gdpr=0&gdpr_consent=0&_test=YSaOqAAD5i-g9gAC

Request Chain 39

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zZGNmMzQ2YS03ZjAzLTQzNmMtODg0Yy0xNjQ0YTc4N2I2MDc=&gdpr=0&gdpr_consent=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zZGNmMzQ2YS03ZjAzLTQzNmMtODg0Yy0xNjQ0YTc4N2I2MDc=&gdpr=0&gdpr_consent=0&google_tc=

Request Chain 42

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YSaOpsCo8XsAAAVLISAAAAAA

Request Chain 43

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=1871597497717842397

Request Chain 44

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=HUuOE1XrrKeaxxkAjzWE&pi=gumgum&tc=1

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
s.0cf.io/ 15 KB
6 KB 328ms
107ms Document
text/html 199.212.255.113
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.212.255.113 , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2aed30da1eb4d2e339566617a2342a330ee433cfdc1a1f34b347a1bd1dbf96c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Server: nginx/1.16.1
Date: Wed, 25 Aug 2021 18:40:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 17 Aug 2021 22:15:03 GMT
ETag: W/"3bbb-17b562ea6f9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

POST
H/1.1 200
OK get_id Show response
s.0cf.io/ 40 B
502 B 105ms
104ms Fetch
text/html 199.212.255.113
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/get_id

Requested by

Host: s.0cf.io
URL: https://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.212.255.113 , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

772ddf02edb3a3a13b293f49bf8f924060b95b512870756ec1c56a476be455a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://s.0cf.io
Accept-Encoding: gzip, deflate, br
Host: s.0cf.io
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
content-type: text/plain
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Connection: keep-alive
Content-Length: 2
Referer: https://s.0cf.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 25 Aug 2021 18:40:37 GMT
Content-Encoding: gzip
Server: nginx/1.16.1
X-Powered-By: Express
ETag: W/"28-cjRR6O1zDp7CEarTJs30zsTUtAI"
Strict-Transport-Security: max-age=31536000
Content-Type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true

GET
H/1.1

200
OK

getuids Show response
prebid.adnxs.com/pbs/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fgetuids
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.adnxs.com%252Fpbs%252Fv1%252Fgetuids
https://prebid.adnxs.com/pbs/v1/getuids

46 B
380 B

77ms
23ms

Fetch
text/plain

37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/getuids
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: f455cb24d196f61e3e6395c369efb3fe7dad60b27462a32ef97d5ad6ec097730

Request headers

Referer: https://s.0cf.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 Aug 2021 18:40:37 GMT
Server: nginx/1.19.0
Vary: Origin
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: null
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 46
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 25 Aug 2021 18:40:37 GMT
X-Proxy-Origin: 159.48.55.7; 159.48.55.7; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a55364c8-8829-4736-8c55-4748511d8c00
Server: nginx/1.17.9
Access-Control-Allow-Origin: https://s.0cf.io
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid.adnxs.com/pbs/v1/getuids
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame E3F1
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D0%26uid%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526dbid%253DT247XWLDTlOMhdhNgpgxsg-6654355%2526id%253D0%2526uid%253D%2524UID
https://s.0cf.io/

15 KB
6 KB

348ms
145ms

Document
text/html

199.212.255.113
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: https://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.212.255.113 , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2aed30da1eb4d2e339566617a2342a330ee433cfdc1a1f34b347a1bd1dbf96c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Wed, 25 Aug 2021 18:40:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 17 Aug 2021 22:15:03 GMT
ETag: W/"3bbb-17b562ea6f9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

Server: nginx/1.17.9
Date: Wed, 25 Aug 2021 18:40:37 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://s.0cf.io/#ps=true&dbid=T247XWLDTlOMhdhNgpgxsg-6654355&id=0&uid=3573031207422298165
AN-X-Request-Uuid: fc053b5c-9547-4d52-a2c3-19535b8b358f
Set-Cookie: uuid2=3573031207422298165; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 23-Nov-2021 18:40:37 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 159.48.55.7; 159.48.55.7; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com

GET
H2 200 getuids Show response
prebid-server.rubiconproject.com/ 2 B
247 B 127ms
32ms Fetch
application/json 18.185.233.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/getuids
Requested by: Host: s.0cf.io
URL: https://s.0cf.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.233.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-233-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://s.0cf.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 18:40:37 GMT
content-encoding: gzip
content-type: application/json;charset=utf-8
access-control-allow-origin: https://s.0cf.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 28
expires: 0

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 0C4C 0
0 371ms
120ms Document
text/plain 208.100.17.178
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D1%26uid%3D33XUSERID33X
Requested by: Host: s.0cf.io
URL: https://s.0cf.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.178 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip178.208-100-17.static.steadfastdns.net
Software: 33XP001 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D1%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.0cf.io/

Response headers

x-33x-status: 2000208
server: 33XP001
date: Wed, 25 Aug 2021 18:40:36 GMT

GET
H2 200 prbds2s Show response
rtb.gumgum.com/usync/ Frame 5D5C 4 KB
2 KB 118ms
39ms Document
text/html 54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Requested by: Host: s.0cf.io
URL: https://s.0cf.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ffe3f3a84ea70813b44a7c66ee55f9305ea2682bc1d25d10b8be3fbe19d950cd

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.0cf.io/

Response headers

date: Wed, 25 Aug 2021 18:40:37 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_3dcf346a-7f03-436c-884c-1644a787b607; Domain=.gumgum.com; Expires=Thu, 25-Aug-2022 18:40:37 GMT; Path=/; Secure; SameSite=None
etag: W/"0dcf07b047f756034eb8705f1a8181bcf"
timing-allow-origin: *
content-encoding: gzip

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame 76A6
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D74%26uid%3D
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D74%26uid%3D&s=184932&C=1
https://s.0cf.io/

15 KB
6 KB

400ms
104ms

Document
text/html

199.212.255.113
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: https://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.212.255.113 , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2aed30da1eb4d2e339566617a2342a330ee433cfdc1a1f34b347a1bd1dbf96c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Wed, 25 Aug 2021 18:40:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 17 Aug 2021 22:15:03 GMT
ETag: W/"3bbb-17b562ea6f9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

Server: Apache
Content-Length: 299
Content-Type: text/html; charset=iso-8859-1
Location: https://s.0cf.io/#ps=true&dbid=T247XWLDTlOMhdhNgpgxsg-6654355&id=74&uid=YSaOpSzBDYoPdJgd5Aw--wAA%261128
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 25 Aug 2021 18:40:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 25 Aug 2021 18:40:37 GMT
Connection: keep-alive
Set-Cookie: CMID=YSaOpSzBDYoPdJgd5Aw--wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 25 Aug 2022 18:40:37 GMT CMPS=5191;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Nov 2021 18:40:37 GMT CMPRO=1128;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Nov 2021 18:40:37 GMT CMST=YSaOpWEmjqUA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 26 Aug 2021 18:40:37 GMT

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame 55F8
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D19%26uid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D19%26uid%3D%24%7BUID%7D&ox_sc=1
https://s.0cf.io/

15 KB
6 KB

353ms
146ms

Document
text/html

199.212.255.113
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: https://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.212.255.113 , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2aed30da1eb4d2e339566617a2342a330ee433cfdc1a1f34b347a1bd1dbf96c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Wed, 25 Aug 2021 18:40:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 17 Aug 2021 22:15:03 GMT
ETag: W/"3bbb-17b562ea6f9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

server: Cowboy
date: Wed, 25 Aug 2021 18:40:36 GMT
content-length: 0
cache-control: private, max-age=0, no-cache, must-revalidate
x-request-id: 1uh5u9ravs7fuoprbgmcqks6l2hvkjhs
vary: Origin
access-control-allow-origin: null
access-control-expose-headers
access-control-allow-credentials: true
location: https://s.0cf.io/#ps=true&dbid=T247XWLDTlOMhdhNgpgxsg-6654355&id=19&uid=49e74554-aa06-41d8-a6f4-44790fe418e4
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
alt-svc: clear

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 56E6 14 KB
5 KB 95ms
32ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=0&us_privacy=0&predirect=https%3A%2F%2Fs.0cf.io%2F%3Fps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D20%26uid%3D
Requested by: Host: s.0cf.io
URL: https://s.0cf.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?gdpr=0&gdpr_consent=0&us_privacy=0&predirect=https%3A%2F%2Fs.0cf.io%2F%3Fps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D20%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.0cf.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=98043
expires: Thu, 26 Aug 2021 21:54:40 GMT
date: Wed, 25 Aug 2021 18:40:37 GMT
vary: Accept-Encoding

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame 6C1D
Redirect Chain

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D21%26uid%3D%25%25VGUID%25%25
https://s.0cf.io/

15 KB
6 KB

332ms
106ms

Document
text/html

199.212.255.113
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: https://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.212.255.113 , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2aed30da1eb4d2e339566617a2342a330ee433cfdc1a1f34b347a1bd1dbf96c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Wed, 25 Aug 2021 18:40:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 17 Aug 2021 22:15:03 GMT
ETag: W/"3bbb-17b562ea6f9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-7f97bf85b7-vjv6f
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://s.0cf.io/#ps=true&dbid=T247XWLDTlOMhdhNgpgxsg-6654355&id=21&uid=NjSEaIxjhvcZ&ev=1&pid=561205
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=c0f539852dda327a; path=/; HttpOnly; Secure; SameSite=None

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 2C1D
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D22%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2345770911
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2345770911
https://sync.1rx.io/usersync/tradedesk/2d74a5cf-8693-43ec-a4c2-44cf10c60c5b
https://sync.targeting.unrulymedia.com/csync/RX-eb4461ef-e509-4bcd-8972-4a29664caa1c-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-eb4461ef-e509-4bcd-8972-4a29664caa1c-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-eb4461ef-e509-4bcd-8972-4a29664caa1c-003

35 B
237 B

45ms
45ms

Document
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-eb4461ef-e509-4bcd-8972-4a29664caa1c-003
Requested by: Host: s.0cf.io
URL: https://s.0cf.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rhy&i=RX-eb4461ef-e509-4bcd-8972-4a29664caa1c-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_3dcf346a-7f03-436c-884c-1644a787b607
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.0cf.io/

Response headers

date: Wed, 25 Aug 2021 18:40:38 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Tengine
date: Wed, 25 Aug 2021 18:40:38 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-eb4461ef-e509-4bcd-8972-4a29664caa1c-003%22%7D; path=/; expires=Thu, 25 Aug 2022 18:40:38 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-eb4461ef-e509-4bcd-8972-4a29664caa1c-003
etag: RXeb4461efe5094bcd89724a29664caa1c003

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame 9946
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D25%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D25%26uid%3D%24UID&sovrn_retry=true
https://s.0cf.io/

15 KB
6 KB

226ms
105ms

Document
text/html

199.212.255.113
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: https://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.212.255.113 , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2aed30da1eb4d2e339566617a2342a330ee433cfdc1a1f34b347a1bd1dbf96c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Wed, 25 Aug 2021 18:40:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 17 Aug 2021 22:15:03 GMT
ETag: W/"3bbb-17b562ea6f9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Wed, 25 Aug 2021 18:40:37 GMT
Content-Length: 0
Location: https://s.0cf.io/#ps=true&dbid=T247XWLDTlOMhdhNgpgxsg-6654355&id=25&uid=4ca0400c149f9b6d8189f2df
Set-Cookie: ljt_reader=4ca0400c149f9b6d8189f2df;Version=1;Domain=.lijit.com;Path=/;Max-Age=31536000;Secure; SameSite=None;
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap4ams1

GET
H/1.1 200
OK Cookie set us.gif Show response
sync.go.sonobi.com/ Frame 0E84 49 B
509 B 92ms
22ms Document
image/gif 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D26%26uid%3D%5BUID%5D

Requested by

Host: s.0cf.io
URL: https://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.0cf.io/

Response headers

Date: Wed, 25 Aug 2021 18:40:37 GMT
Content-Type: image/gif
Content-Length: 49
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YSaOq; path=/; domain=.go.sonobi.com

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame 7487
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D76%26uid%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D76%26uid%3D%24UID
https://s.0cf.io/

15 KB
6 KB

287ms
105ms

Document
text/html

199.212.255.113
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: https://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.212.255.113 , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2aed30da1eb4d2e339566617a2342a330ee433cfdc1a1f34b347a1bd1dbf96c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Wed, 25 Aug 2021 18:40:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 17 Aug 2021 22:15:03 GMT
ETag: W/"3bbb-17b562ea6f9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

date: Wed, 25 Aug 2021 18:40:37 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=T247XWLDTlOMhdhNgpgxsg-6654355&id=76&uid=11349775591857077428
set-cookie: tluid=11349775591857077428; Max-Age=7776000; Expires=Tue, 23 Nov 2021 18:40:37 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame 9091
Redirect Chain

https://ups.analytics.yahoo.com/ups/58448/occ?uid=T247XWLDTlOMhdhNgpgxsg-665435577%26uid%3D
https://ups.analytics.yahoo.com/ups/58448/occ?uid=T247XWLDTlOMhdhNgpgxsg-665435577%26uid%3D&verify=true
https://s.0cf.io/

15 KB
6 KB

394ms
106ms

Document
text/html

199.212.255.113
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: https://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.212.255.113 , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2aed30da1eb4d2e339566617a2342a330ee433cfdc1a1f34b347a1bd1dbf96c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Wed, 25 Aug 2021 18:40:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 17 Aug 2021 22:15:03 GMT
ETag: W/"3bbb-17b562ea6f9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

Date: Wed, 25 Aug 2021 18:40:37 GMT
Content-Length: 0
Strict-Transport-Security: max-age=31536000
Set-Cookie: IDSYNC=193k~2016;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Fri, 26-Aug-2022 18:40:37 GMT;Secure;SameSite=None A3=d=AQABBKWOJmECEABhlWr99xoVW-_qNzLBcVcFEgEBAQHgJ2EwYQAAAAAA_eMAAA&S=AQAAAqNmhFt5gJSI77AVM_pBSLA; Expires=Fri, 26 Aug 2022 00:40:37 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=5ese169gid3l5&b=3&s=nt; Expires=Fri, 26 Aug 2022 00:40:37 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.0cf.io/#ps=true&dbid=T247XWLDTlOMhdhNgpgxsg-665435577&uid=&id=77&uid=y-sJB4cblE2uH5lnqg_e7jVuw7gL9tnRDmdc2gcFY-~A
Age: 0
Connection: keep-alive
Server: ATS/7.1.2.138

GET
H/1.1

200
OK

usermatchredir Show response
ssum.casalemedia.com/ Frame F02A
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D81%26uid%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3D1aac0b96-fe41-4ab3-899c-74e04f2b9524%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPVQyNDdYV0xEVGx...
https://prebid.a-mo.net/cchain/0?A=1aac0b96-fe41-4ab3-899c-74e04f2b9524&bidder=appnexus&cbx=aHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPVQyNDdYV0xEVGxPTWhkaE5ncGd4c2ctNjY1NDM1NSZpZD04MSZ1aWQ9&gdpr=0&g...
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D1aac0b96-fe41-4ab3-899c-74e04f2b9524%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPVQyNDdYV0xEV...
https://prebid.a-mo.net/cchain/1?A=1aac0b96-fe41-4ab3-899c-74e04f2b9524&bidder=sovrn&cbx=aHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPVQyNDdYV0xEVGxPTWhkaE5ncGd4c2ctNjY1NDM1NSZpZD04MSZ1aWQ9&gdpr=0&gdpr...
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D1aac0b96-fe41-4ab3-899c-74e04f2b9524%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zLjBjZi5pby8jcH...

43 B
315 B

79ms
76ms

Document
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D1aac0b96-fe41-4ab3-899c-74e04f2b9524%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPVQyNDdYV0xEVGxPTWhkaE5ncGd4c2ctNjY1NDM1NSZpZD04MSZ1aWQ9%26gdpr%3D0%26gdpr_consent%3D0%26uid%3D&gdpr=0&gdpr_consent=0
Requested by: Host: s.0cf.io
URL: https://s.0cf.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: ssum.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YSaOpSzBDYoPdJgd5Aw--wAA; CMPS=5191; CMPRO=1128; CMST=YSaOpWEmjqUA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.0cf.io/

Response headers

Server: Apache
Content-Type: image/gif
Vary: Is-Traffic-Usersync
Content-Length: 43
Expires: Wed, 25 Aug 2021 18:40:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 25 Aug 2021 18:40:38 GMT
Connection: keep-alive

Redirect headers

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Wed, 25 Aug 2021 18:40:37 GMT
location: https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D1aac0b96-fe41-4ab3-899c-74e04f2b9524%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPVQyNDdYV0xEVGxPTWhkaE5ncGd4c2ctNjY1NDM1NSZpZD04MSZ1aWQ9%26gdpr%3D0%26gdpr_consent%3D0%26uid%3D&gdpr=0&gdpr_consent=0
server: envoy
x-envoy-upstream-service-time: 1

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame D958
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D82%2...
https://s.0cf.io/

15 KB
6 KB

460ms
146ms

Document
text/html

199.212.255.113
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: https://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.212.255.113 , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2aed30da1eb4d2e339566617a2342a330ee433cfdc1a1f34b347a1bd1dbf96c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Wed, 25 Aug 2021 18:40:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 17 Aug 2021 22:15:03 GMT
ETag: W/"3bbb-17b562ea6f9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

date: Wed, 25 Aug 2021 18:40:37 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=T247XWLDTlOMhdhNgpgxsg-6654355&id=82&uid=6129765715776807093
set-cookie: pid=6129765715776807093; expires=Sun, 25 Sep 2022 18:39:37 GMT; domain=smartadserver.com; path=/; samesite=None; secure; samesite=none

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame 7990
Redirect Chain

https://cs.krushmedia.com/4e4abdd5ecc661643458a730b1aa927d.gif?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D83%26uid...
https://s.0cf.io/

15 KB
6 KB

269ms
107ms

Document
text/html

199.212.255.113
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: https://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.212.255.113 , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2aed30da1eb4d2e339566617a2342a330ee433cfdc1a1f34b347a1bd1dbf96c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Wed, 25 Aug 2021 18:40:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 17 Aug 2021 22:15:03 GMT
ETag: W/"3bbb-17b562ea6f9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Wed, 25 Aug 2021 18:40:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: krm_usr=05b9d44f-f41e-4f9c-af3b-a24270882352; path=/; domain=.krushmedia.com; expires=Fri, 24 Sep 2021 18:40:37 GMT;SameSite=None;Secure krm_r=137; path=/; domain=.krushmedia.com; expires=Fri, 24 Sep 2021 18:40:37 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://s.0cf.io/#ps=true&dbid=T247XWLDTlOMhdhNgpgxsg-6654355&id=83&uid=05b9d44f-f41e-4f9c-af3b-a24270882352

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 9846 2 KB
823 B 95ms
32ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=74c8f583aa2ba05

Requested by

Host: s.0cf.io
URL: https://s.0cf.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=74c8f583aa2ba05
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.0cf.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 56E6 0
42 B 99ms
30ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45954907&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=0&us_privacy=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=0&us_privacy=0&predirect=https%3A%2F%2Fs.0cf.io%2F%3Fps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D20%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 18:40:35 GMT
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 5D5C
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=1119831913678384894

35 B
237 B

589ms
46ms

Image
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=1119831913678384894
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 18:40:37 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 25 Aug 2021 18:40:37 GMT
X-Proxy-Origin: 159.48.55.7; 159.48.55.7; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3d89f2c6-099e-4b7b-a011-73a6c61752dc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=1119831913678384894
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 5D5C
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3dcf346a-7f03-436c-884c-1644a787b607&gdpr=0&gdpr_consent=0&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_3dcf346a-7f03-436c-884c-1644a787b607&gdpr=0&gdpr_consent=0&us_privacy=
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=77ed7a95-b392-4545-85e6-b576902e9a07
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=77ed7a95-b392-4545-85e6-b576902e9a07
https://rtb.gumgum.com/usersync?b=bsw&i=77ed7a95-b392-4545-85e6-b576902e9a07

35 B
237 B

341ms
46ms

Image
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=bsw&i=77ed7a95-b392-4545-85e6-b576902e9a07
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 18:40:37 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: //rtb.gumgum.com/usersync?b=bsw&i=77ed7a95-b392-4545-85e6-b576902e9a07
date: Wed, 25 Aug 2021 18:40:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 5D5C
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0
https://rtb.gumgum.com/usersync?b=sta&i=0-562e7092-ec43-4380-655f-39b7137ba495$ip$159.48.55.7

35 B
237 B

42ms
42ms

Image
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sta&i=0-562e7092-ec43-4380-655f-39b7137ba495$ip$159.48.55.7
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 18:40:40 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=sta&i=0-562e7092-ec43-4380-655f-39b7137ba495$ip$159.48.55.7
Date: Wed, 25 Aug 2021 18:40:40 GMT
Connection: keep-alive
Content-Length: 120
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 5D5C
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3dcf346a-7f03-436c-884c-1644a787b607&gdpr=0&gdpr_consent=0&us_privacy=
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

35 B
238 B

233ms
41ms

Image
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 18:40:37 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma: no-cache
Date: Wed, 25 Aug 2021 18:40:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 97
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 5D5C
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=0
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2470820716
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2470820716
https://sync.1rx.io/usersync/tradedesk/2d74a5cf-8693-43ec-a4c2-44cf10c60c5b
https://sync.targeting.unrulymedia.com/csync/RX-eb4461ef-e509-4bcd-8972-4a29664caa1c-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-eb4461ef-e509-4bcd-8972-4a29664caa1c-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-eb4461ef-e509-4bcd-8972-4a29664caa1c-003

35 B
237 B

46ms
46ms

Image
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-eb4461ef-e509-4bcd-8972-4a29664caa1c-003
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 18:40:38 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-eb4461ef-e509-4bcd-8972-4a29664caa1c-003
date: Wed, 25 Aug 2021 18:40:38 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXeb4461efe5094bcd89724a29664caa1c003
content-type: text/html

GET
H2

200

usersync
rtb.gumgum.com/ Frame 5D5C
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=4pokgNqDoO98&ev=1&pid=558355

35 B
237 B

425ms
45ms

Image
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=4pokgNqDoO98&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 18:40:37 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=4pokgNqDoO98&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7f97bf85b7-fwl4m
expires: -1

GET
H2

200

usersync
rtb.gumgum.com/ Frame 5D5C
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=0&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28RNDsHeqXScVDWOBOvb0o-bSp__AGjVLc5Cz0aKM0jzoJ7wuKjj8sh82UkbTC09FC%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...

35 B
237 B

42ms
42ms

Image
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28RNDsHeqXScVDWOBOvb0o-bSp__AGjVLc5Cz0aKM0jzoJ7wuKjj8sh82UkbTC09FC%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28RNDsHeqXScVDWOBOvb0o-bSp__AGjVLc5Cz0aKM0jzoJ7wuKjj8sh82UkbTC09FC%29
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 18:40:40 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=obn&i=ENC%28RNDsHeqXScVDWOBOvb0o-bSp__AGjVLc5Cz0aKM0jzoJ7wuKjj8sh82UkbTC09FC%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28RNDsHeqXScVDWOBOvb0o-bSp__AGjVLc5Cz0aKM0jzoJ7wuKjj8sh82UkbTC09FC%29
Date: Wed, 25 Aug 2021 18:40:40 GMT
Connection: close
X-TraceId: 7bb9363da51aea509733f502aa255b7a
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 5D5C
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=87046eeb-3b8c-4a67-aa03-948146efdb2f&gdpr=0&gdpr_consent=0&gdpr=0&gdpr_consent=0

35 B
237 B

547ms
57ms

Image
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=87046eeb-3b8c-4a67-aa03-948146efdb2f&gdpr=0&gdpr_consent=0&gdpr=0&gdpr_consent=0
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 18:40:37 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Wed, 25 Aug 2021 18:40:37 GMT
content-encoding: gzip
server: OXGW/16.214.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=87046eeb-3b8c-4a67-aa03-948146efdb2f&gdpr=0&gdpr_consent=0&gdpr=0&gdpr_consent=0
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2 200 gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 5D5C 43 B
299 B 106ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 18:40:37 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

usersync
rtb.gumgum.com/ Frame 5D5C
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb...
https://rtb.gumgum.com/usersync?b=vnt&i=f0b429a4-05d3-11ec-865a-e3661c1cb574

35 B
237 B

171ms
56ms

Image
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=f0b429a4-05d3-11ec-865a-e3661c1cb574
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 18:40:37 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=f0b429a4-05d3-11ec-865a-e3661c1cb574
Date: Wed, 25 Aug 2021 18:40:37 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: f0b429a5-05d3-11ec-865a-e3661c1cb574

GET
H2 204 services
sync.technoratimedia.com/ Frame 5D5C 0
294 B 1613ms
109ms Image
text/plain 150.136.26.45
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 18:40:38 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 435044484
access-control-allow-origin: https://rtb.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame 5D5C 0
44 B 1367ms
114ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 18:40:38 GMT
content-length: 0
server: b

GET
H2

200

usersync
rtb.gumgum.com/ Frame 5D5C
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=ea3c8270-86d9-400f-b163-992790d676ef

35 B
237 B

45ms
45ms

Image
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=ea3c8270-86d9-400f-b163-992790d676ef
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 18:40:38 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=ea3c8270-86d9-400f-b163-992790d676ef
date: Wed, 25 Aug 2021 18:40:37 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

usersync
rtb.gumgum.com/ Frame 5D5C
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15
https://rtb.gumgum.com/usersync?b=sad&i=6129765715776807093&gdpr=1&gdpr_consent=

35 B
237 B

45ms
45ms

Image
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sad&i=6129765715776807093&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 18:40:38 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=sad&i=6129765715776807093&gdpr=1&gdpr_consent=
date: Wed, 25 Aug 2021 18:40:37 GMT
content-length: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7341 14 KB
5 KB 36ms
32ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=98043
expires: Thu, 26 Aug 2021 21:54:40 GMT
date: Wed, 25 Aug 2021 18:40:37 GMT
vary: Accept-Encoding

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame AE7E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0
https://rtb.gumgum.com/usersync?b=ttd&i=2d74a5cf-8693-43ec-a4c2-44cf10c60c5b&t=1632508837

35 B
237 B

474ms
57ms

Document
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=ttd&i=2d74a5cf-8693-43ec-a4c2-44cf10c60c5b&t=1632508837
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=ttd&i=2d74a5cf-8693-43ec-a4c2-44cf10c60c5b&t=1632508837
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_3dcf346a-7f03-436c-884c-1644a787b607
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Wed, 25 Aug 2021 18:40:37 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Wed, 25 Aug 2021 18:40:37 GMT
content-type: text/html
content-length: 209
location: https://rtb.gumgum.com/usersync?b=ttd&i=2d74a5cf-8693-43ec-a4c2-44cf10c60c5b&t=1632508837
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=2d74a5cf-8693-43ec-a4c2-44cf10c60c5b; domain=.adsrvr.org; expires=Thu, 25-Aug-2022 18:40:37 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwiw3-n90YD0ORAFOAE.; domain=.adsrvr.org; expires=Thu, 25-Aug-2022 18:40:37 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 6B93
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

87ms
29ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 Aug 2021 18:40:37 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=gumgum
Date: Wed, 25 Aug 2021 18:40:37 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 5585
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=0&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=0d176126-8ea7-4300-a6d5-19995e8b7cab&gdpr=0&gdpr_consent=0

35 B
237 B

42ms
41ms

Document
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=0d176126-8ea7-4300-a6d5-19995e8b7cab&gdpr=0&gdpr_consent=0
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=0d176126-8ea7-4300-a6d5-19995e8b7cab&gdpr=0&gdpr_consent=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Wed, 25 Aug 2021 18:40:40 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Wed, 25 Aug 2021 18:40:40 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3865 cc0e612 master zrh-pixel-x5
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=0d176126-8ea7-4300-a6d5-19995e8b7cab; domain=.mathtag.com; path=/; expires=Thu, 22-Sep-2022 18:40:39 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=0d176126-8ea7-4300-a6d5-19995e8b7cab&gdpr=0&gdpr_consent=0
Expires: Wed, 25 Aug 2021 18:40:39 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 38C5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=0
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=0&_test=YSaOqAAD5i-g9gAC
https://rtb.gumgum.com/usersync?b=atm&i=YSaOqAAD5i-g9gAC&gdpr=0&gdpr_consent=0&_test=YSaOqAAD5i-g9gAC

35 B
237 B

42ms
41ms

Document
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YSaOqAAD5i-g9gAC&gdpr=0&gdpr_consent=0&_test=YSaOqAAD5i-g9gAC
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YSaOqAAD5i-g9gAC&gdpr=0&gdpr_consent=0&_test=YSaOqAAD5i-g9gAC
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Wed, 25 Aug 2021 18:40:40 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YSaOqAAD5i-g9gAC&gdpr=0&gdpr_consent=0&_test=YSaOqAAD5i-g9gAC
accept-ranges: bytes
date: Wed, 25 Aug 2021 18:40:40 GMT
via: 1.1 varnish
x-served-by: cache-fra19178-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1629916840.489612,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H3-29

200

pixel Show response
cm.g.doubleclick.net/ Frame 8E6F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zZGNmMzQ2YS03ZjAzLTQzNmMtODg0Yy0xNjQ0YTc4N2I2MDc=&gdpr=0&gdpr_consent=0
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zZGNmMzQ2YS03ZjAzLTQzNmMtODg0Yy0xNjQ0YTc4N2I2MDc=&gdpr=0&gdpr_consent=0&google_tc=

170 B
188 B

54ms
53ms

Document
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zZGNmMzQ2YS03ZjAzLTQzNmMtODg0Yy0xNjQ0YTc4N2I2MDc=&gdpr=0&gdpr_consent=0&google_tc=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV8zZGNmMzQ2YS03ZjAzLTQzNmMtODg0Yy0xNjQ0YTc4N2I2MDc=&gdpr=0&gdpr_consent=0&google_tc=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
date: Wed, 25 Aug 2021 18:40:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zZGNmMzQ2YS03ZjAzLTQzNmMtODg0Yy0xNjQ0YTc4N2I2MDc=&gdpr=0&gdpr_consent=0&google_tc=
date: Wed, 25 Aug 2021 18:40:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 365
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 25-Aug-2021 18:55:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 3B6D 0
0 228ms
120ms Document
text/plain 208.100.17.178
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.178 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip178.208-100-17.static.steadfastdns.net
Software: 33XP002 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

x-33x-status: 2000208
server: 33XP002
date: Wed, 25 Aug 2021 18:40:36 GMT

GET
H2 204 um
cs.emxdgt.com/ Frame CB1A 0
0 418ms
29ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: text/html
date: Wed, 25 Aug 2021 18:40:36 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame EFFC
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YSaOpsCo8XsAAAVLISAAAAAA

35 B
237 B

41ms
41ms

Document
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YSaOpsCo8XsAAAVLISAAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YSaOpsCo8XsAAAVLISAAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Wed, 25 Aug 2021 18:40:39 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Wed, 25 Aug 2021 18:40:38 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YSaOpsCo8XsAAAVLISAAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 3
X-SO-HostName: m-ad202.dc4p.scaleout.jp
X-SO-LB-Hostname: m-tgng23.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":10,"gdpr":true,"ipv4":"0.0.0.0","key":"YSaOpsCo8XsAAAVLISAAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad202"}
X-SO-Key: YSaOpsCo8XsAAAVLISAAAAAA
X-SO-IP: 159.48.55.7
X-SO-Cluster-ID: 10
X-SO-Upstream-ID: m-ad202

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame E2D1
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=1871597497717842397

35 B
237 B

46ms
45ms

Document
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=1871597497717842397
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=1871597497717842397
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_3dcf346a-7f03-436c-884c-1644a787b607
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Wed, 25 Aug 2021 18:40:38 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Wed, 25 Aug 2021 18:40:38 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAFslxmtoZmRpaWhmYWxhYmkJAFPKIQ4QAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 19 Sep 2022 18:40:38 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDc3NLcwMTK2NBfiM9SNSvPJzcooKHZxywqW4jU0M7K0NDSzMLYwsbQEALywoWg0AAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 19 Sep 2022 18:40:38 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDc3NLcwMTK2NBfiM9SNSvPJzcooKHZxywoGAJGzoMQlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=1871597497717842397
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame DC2D
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=HUuOE1XrrKeaxxkAjzWE&pi=gumgum&tc=1

35 B
237 B

45ms
45ms

Document
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=HUuOE1XrrKeaxxkAjzWE&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3DT247XWLDTlOMhdhNgpgxsg-6654355%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=HUuOE1XrrKeaxxkAjzWE&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_3dcf346a-7f03-436c-884c-1644a787b607
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Wed, 25 Aug 2021 18:40:38 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Wed, 25 Aug 2021 18:40:38 GMT Wed, 25 Aug 2021 18:40:38 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=HUuOE1XrrKeaxxkAjzWE&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H/1.1 200
OK / Show response
s.0cf.io/ Frame 7F47 15 KB
6 KB 326ms
148ms Document
text/html 199.212.255.113
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.212.255.113 , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2aed30da1eb4d2e339566617a2342a330ee433cfdc1a1f34b347a1bd1dbf96c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

Server: nginx/1.16.1
Date: Wed, 25 Aug 2021 18:40:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 17 Aug 2021 22:15:03 GMT
ETag: W/"3bbb-17b562ea6f9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6B93 31 KB
10 KB 30ms
29ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6b056c435cdb6bfe2ee820b9d515bb8df82aacb8efc274168d7a10ba76b4173b

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 18:40:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Aug 2021 22:28:41 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=43733
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9355
Expires: Thu, 26 Aug 2021 06:49:30 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 6B93 284 B
536 B 117ms
29ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/jpg

GET
H/1.1 200
OK / Show response
s.0cf.io/get_syncs/ 2 B
412 B 106ms
105ms Fetch
application/javascript 199.212.255.113
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/get_syncs/?id=T247XWLDTlOMhdhNgpgxsg-6654355

Requested by

Host: s.0cf.io
URL: https://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.212.255.113 , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: s.0cf.io
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
content-type: text/plain
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Connection: keep-alive
Referer: https://s.0cf.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 25 Aug 2021 18:40:38 GMT
Server: nginx/1.16.1
X-Powered-By: Express
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 2

GET
H/1.1 200
OK set_uid Show response
us.dblks.net/ Frame 5803 0
500 B 1360ms
107ms Document
text/html 199.212.255.130
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.dblks.net/set_uid?uid=T247XWLDTlOMhdhNgpgxsg-6654355
Requested by: Host: s.0cf.io
URL: https://s.0cf.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.212.255.130 , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software: nginx/1.16.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: us.dblks.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Wed, 25 Aug 2021 18:40:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: _dbid=T247XWLDTlOMhdhNgpgxsg-6654355;path=/;SameSite=None;Secure;expires=Fri, 25 Aug 2023 18:40:39 GMT;domain=.dblks.net;priority=high
ETag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"

POST
H/1.1 200
OK / Show response
s.0cf.io/update_ids/ 2 B
399 B 104ms
104ms XHR
text/html 199.212.255.113
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/update_ids/?id=T247XWLDTlOMhdhNgpgxsg-6654355

Requested by

Host: s.0cf.io
URL: https://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.212.255.113 , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://s.0cf.io
Accept-Encoding: gzip, deflate, br
Host: s.0cf.io
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
content-type: application/json
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://s.0cf.io/
Connection: keep-alive
Content-Length: 417
Referer: https://s.0cf.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json

Response headers

Date: Wed, 25 Aug 2021 18:40:38 GMT
Server: nginx/1.16.1
X-Powered-By: Express
ETag: W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
Strict-Transport-Security: max-age=31536000
Content-Type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 2

POST
H/1.1 200
OK / Show response
s.0cf.io/metrics/ 0
397 B 105ms
105ms XHR
text/html 199.212.255.113
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/metrics/?id=T247XWLDTlOMhdhNgpgxsg-6654355

Requested by

Host: s.0cf.io
URL: https://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.212.255.113 , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: cors
Origin: https://s.0cf.io
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
Cookie: _dbid=T247XWLDTlOMhdhNgpgxsg-6654355
Connection: keep-alive
Content-Length: 60
Pragma: no-cache
Host: s.0cf.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json
Accept: */*
Cache-Control: no-cache
Referer: https://s.0cf.io/
Sec-Fetch-Site: same-origin
Referer: https://s.0cf.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json

Response headers

Date: Wed, 25 Aug 2021 18:40:38 GMT
Server: nginx/1.16.1
X-Powered-By: Express
ETag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
Strict-Transport-Security: max-age=31536000
Content-Type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.pubmatic.com
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
bidswitch-eu.splicky.com
cm.g.doubleclick.net
creativecdn.com
cs.emxdgt.com
cs.krushmedia.com
eb2.3lift.com
eus.rubiconproject.com
ib.adnxs.com
image6.pubmatic.com
match.adsrvr.org
match.deepintent.com
onetag-sys.com
p.rfihub.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.adnxs.com
rtb.gumgum.com
rtb.openx.net
s.0cf.io
secure-assets.rubiconproject.com
secure.adnxs.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum.casalemedia.com
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
token.rubiconproject.com
ups.analytics.yahoo.com
us-u.openx.net
us.dblks.net
x.bidswitch.net
124.146.215.46
142.250.184.194
147.75.38.124
150.136.26.45
151.101.14.49
168.119.168.187
169.197.150.7
178.162.133.149
18.185.233.121
18.195.155.181
185.184.8.65
185.29.132.245
185.33.220.242
185.33.221.91
185.64.190.78
185.86.138.119
193.0.160.129
198.148.27.139
199.212.255.113
199.212.255.130
2.18.233.180
2.18.234.21
208.100.17.178
213.19.147.45
216.52.2.19
23.37.42.132
2a00:1288:110:c305::8000
3.123.215.135
3.126.56.137
35.156.90.40
35.186.253.211
35.244.159.8
37.252.161.190
51.89.9.252
52.203.60.58
54.175.198.118
54.77.47.243
64.202.112.191
69.173.144.139
70.42.32.191
76.223.111.131
76.223.111.18
8.2.110.134
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2aed30da1eb4d2e339566617a2342a330ee433cfdc1a1f34b347a1bd1dbf96c5
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b056c435cdb6bfe2ee820b9d515bb8df82aacb8efc274168d7a10ba76b4173b
772ddf02edb3a3a13b293f49bf8f924060b95b512870756ec1c56a476be455a6
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f455cb24d196f61e3e6395c369efb3fe7dad60b27462a32ef97d5ad6ec097730
ffe3f3a84ea70813b44a7c66ee55f9305ea2682bc1d25d10b8be3fbe19d950cd

s.0cf.io Open in urlscan Pro 199.212.255.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

2 %IPv6

37 Domains

46 Subdomains

18 IPs

9 Countries

93 kBTransfer

232 kBSize

0 Cookies

0 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

s.0cf.io Open in urlscan Pro
199.212.255.113 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

2 %
IPv6

37
Domains

46
Subdomains

18
IPs

9
Countries

93 kB
Transfer

232 kB
Size

0
Cookies

53 HTTP transactions
0 data transactions