s.0cf.io Open in urlscan Pro
2602:808:3:1:1:: Public Scan

URL:
http://s.0cf.io/
Submission: On August 09 via manual (August 9th 2021, 1:28:27 pm UTC) from US

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 9 countries across 41 domains to perform 57 HTTP transactions. The main IP is 2602:808:3:1:1::, located in Canada and belongs to FHMNET, CA. The main domain is s.0cf.io.

This is the only time s.0cf.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2602:808:3:1:1:: 2602:808:3:1:1::	25948 (FHMNET) (FHMNET)
6 6	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
1	37.252.161.190 37.252.161.190	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.195.39.201 18.195.39.201	16509 (AMAZON-02) (AMAZON-02)
1 1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 4	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1	51.89.20.86 51.89.20.86	16276 (OVH) (OVH)
1	35.82.71.229 35.82.71.229	16509 (AMAZON-02) (AMAZON-02)
2	208.100.17.180 208.100.17.180	32748 (STEADFAST) (STEADFAST)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 16	52.18.52.16 52.18.52.16	16509 (AMAZON-02) (AMAZON-02)
2 3	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
4 4	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
2 2	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
3 3	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (TURN) (TURN)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3 3	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
1 1	185.86.138.120 185.86.138.120	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	8.2.110.134 8.2.110.134	46636 (NATCOWEB) (NATCOWEB)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	52.29.176.117 52.29.176.117	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1 1	54.209.16.83 54.209.16.83	14618 (AMAZON-AES) (AMAZON-AES)
1 1	64.202.112.95 64.202.112.95	23352 (SERVERCEN...) (SERVERCENTRAL)
3 3	64.202.112.31 64.202.112.31	23352 (SERVERCEN...) (SERVERCENTRAL)
2	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	52.21.104.248 52.21.104.248	14618 (AMAZON-AES) (AMAZON-AES)
1	129.159.70.95 129.159.70.95	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
2 2	18.157.193.56 18.157.193.56	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.137.121 185.86.137.121	201081 (SMARTADSE...) (SMARTADSERVER)
1 3	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	124.146.215.51 124.146.215.51	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	199.212.255.128 199.212.255.128	25948 (FHMNET) (FHMNET)
57	24

16 2602:808:3:1:1:: (Canada)

ASN25948 (FHMNET, CA)

s.0cf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.173.62 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.161.190 (Bethnal Green, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.39.201 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-39-201.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.131 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.20.86 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p18.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.82.71.229 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-71-229.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.100.17.180 (United States)

ASN32748 (STEADFAST, US)
PTR: ip180.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.18.52.16 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.147.44 (United Kingdom) 4 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.45 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.48 (United States) 3 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Madrid, Spain)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.38.124 (Amsterdam, Netherlands) 3 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.120 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.134 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.krushmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.176.117 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-176-117.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.209.16.83 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-16-83.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.95 (United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.31 (United States) 3 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.104.248 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-104-248.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.159.70.95 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.193.56 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-193-56.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.121 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.51 (Minato-ku, Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.212.255.128 (Canada)

ASN25948 (FHMNET, CA)

us.dblks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	gumgum.com 1 redirects rtb.gumgum.com	5 KB
16	0cf.io s.0cf.io	74 KB
7	adnxs.com 6 redirects secure.adnxs.com prebid.adnxs.com ib.adnxs.com	6 KB
5	rubiconproject.com 1 redirects prebid-server.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	1rx.io 4 redirects sync.1rx.io	2 KB
4	adsrvr.org 3 redirects match.adsrvr.org	2 KB
3	outbrain.com 3 redirects sync.outbrain.com	1 KB
3	a-mo.net 3 redirects prebid.a-mo.net	892 B
3	yahoo.com 2 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	2 KB
3	lijit.com 3 redirects ap.lijit.com	2 KB
3	pubmatic.com ads.pubmatic.com image6.pubmatic.com	11 KB
3	openx.net 3 redirects rtb.openx.net us-u.openx.net	998 B
3	casalemedia.com 2 redirects ssum.casalemedia.com	2 KB
2	creativecdn.com 2 redirects creativecdn.com	695 B
2	doubleclick.net 1 redirects cm.g.doubleclick.net	891 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	629 B
2	360yield.com 2 redirects ad.360yield.com	616 B
2	emxdgt.com cs.emxdgt.com	22 B
2	bidswitch.net 2 redirects x.bidswitch.net	899 B
2	smartadserver.com 2 redirects ssbsync-global.smartadserver.com ssbsync.smartadserver.com	500 B
2	3lift.com 2 redirects eb2.3lift.com	774 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com	1004 B
2	contextweb.com 2 redirects bh.contextweb.com	799 B
2	33across.com ssc-cms.33across.com
2	criteo.com 1 redirects gum.criteo.com mug.criteo.com	986 B
1	dblks.net us.dblks.net	501 B
1	rfihub.com 1 redirects p.rfihub.com	749 B
1	socdm.com 1 redirects tg.socdm.com	695 B
1	mathtag.com 1 redirects sync.mathtag.com	612 B
1	deepintent.com match.deepintent.com	44 B
1	technoratimedia.com sync.technoratimedia.com	294 B
1	ipredictive.com 1 redirects sync.ipredictive.com	428 B
1	zemanta.com 1 redirects b1sync.zemanta.com	303 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	612 B
1	quantserve.com pixel.quantserve.com	372 B
1	krushmedia.com 1 redirects cs.krushmedia.com	594 B
1	turn.com 1 redirects d.turn.com	432 B
1	sonobi.com sync.go.sonobi.com	513 B
1	dotomi.com prebid-match.dotomi.com	612 B
1	sharedid.org id.sharedid.org	208 B
1	id5-sync.com id5-sync.com	435 B
57	41

	Domain	Requested by
16	rtb.gumgum.com	1 redirects s.0cf.io rtb.gumgum.com
16	s.0cf.io	s.0cf.io rtb.gumgum.com
5	secure.adnxs.com	5 redirects
4	sync.1rx.io	4 redirects
4	match.adsrvr.org	3 redirects s.0cf.io
3	sync.outbrain.com	3 redirects
3	prebid.a-mo.net	3 redirects
3	ap.lijit.com	3 redirects
3	ssum.casalemedia.com	2 redirects s.0cf.io
2	creativecdn.com	2 redirects
2	cm.g.doubleclick.net	1 redirects rtb.gumgum.com
2	sync-tm.everesttech.net	2 redirects
2	eus.rubiconproject.com	rtb.gumgum.com eus.rubiconproject.com
2	ad.360yield.com	2 redirects
2	cs.emxdgt.com	rtb.gumgum.com
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	eb2.3lift.com	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	bh.contextweb.com	2 redirects
2	ads.pubmatic.com	s.0cf.io rtb.gumgum.com
2	rtb.openx.net	2 redirects
2	ssc-cms.33across.com	s.0cf.io rtb.gumgum.com
1	us.dblks.net	s.0cf.io
1	token.rubiconproject.com	eus.rubiconproject.com
1	p.rfihub.com	1 redirects
1	tg.socdm.com	1 redirects
1	sync.mathtag.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	match.deepintent.com	rtb.gumgum.com
1	sync.technoratimedia.com	rtb.gumgum.com
1	sync.ipredictive.com	1 redirects
1	pr-bh.ybp.yahoo.com	rtb.gumgum.com
1	us-u.openx.net	1 redirects
1	b1sync.zemanta.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	pixel.quantserve.com	rtb.gumgum.com
1	image6.pubmatic.com	ads.pubmatic.com
1	cs.krushmedia.com	1 redirects
1	ssbsync-global.smartadserver.com	1 redirects
1	ib.adnxs.com	1 redirects
1	d.turn.com	1 redirects
1	sync.go.sonobi.com	s.0cf.io
1	prebid-match.dotomi.com	s.0cf.io
1	id.sharedid.org	s.0cf.io
1	id5-sync.com	s.0cf.io
1	mug.criteo.com
1	gum.criteo.com	1 redirects
1	prebid-server.rubiconproject.com	s.0cf.io
1	prebid.adnxs.com
57	51

This site contains no links.

Subject Issuer	Validity	Valid
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2020-03-29` - `2022-03-29`	2 years	crt.sh
s.0cf.io R3	`2021-07-27` - `2021-10-25`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.id5-sync.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
id.sharedid.org Amazon	`2021-01-08` - `2022-02-06`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
us.dblks.net R3	`2021-07-27` - `2021-10-25`	3 months	crt.sh

This page contains 31 frames:

Primary Page: http://s.0cf.io/
Frame ID: B69E69CD230166FD6C5640946B894DD6
Requests: 9 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 0F5E68B5C8B6DFC044325B3FD9CD609F
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D1%26uid%3D33XUSERID33X
Frame ID: C3EA318C6F98137C4B2E9F84F5A89443
Requests: 1 HTTP requests in this frame

Frame: https://prebid-match.dotomi.com/prebid/match?rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D10%26uid%3D
Frame ID: F7466AB66853FEFC7AF06E563C943009
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Frame ID: 3872886C4B66F624676E9EEB5DBE1106
Requests: 15 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: D288A10A35897812D15A4C2F54296FF5
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 272FA40684743FF0CA416231A6CCD84A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=0&us_privacy=0&predirect=https%3A%2F%2Fs.0cf.io%2F%3Fps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D20%26uid%3D
Frame ID: 781A0E7B524C630A83A78C852F2214B8
Requests: 2 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: F056C029D2EA49F5756F5E9216099497
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 9B7F4CD1E5CC27BBAADF8E2B0FC9F762
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 250910A61D299CAF4521CFB37C134A3E
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D26%26uid%3D%5BUID%5D
Frame ID: 886CF3B96C01C1BEACB183485728659F
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: DBC61C5FDECB91EFDDDA17DA93F23E0A
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: C5BF5D301EF5DB66FBA10D1BC4900306
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: FC3D0BAB54D5E8CAB83CB06A3A877A47
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3Dda7f9ce8-2530-4e33-bd99-f94d48d92ece%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPXBpNkNEYnRVUnhXYXRVNGNDUVNsMFEtMjUwMzExNzgmaWQ9ODEmdWlkPQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D0%26uid%3D&gdpr=0&gdpr_consent=0
Frame ID: 78974D641B0FA54E56ADD6C6A2547D68
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 9749B0FF1F48EA25513AF07CD5B5F4E2
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 0207B0EFB45DC4E802675E8FA894511F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0
Frame ID: 6903C8A911869F2F05C0F1A4207F36BA
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=cf25106f-2495-4d4b-b268-1dbde2548ecf&t=1631107690
Frame ID: E15A9146BA2601A7089F17C34392D751
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 00C1B72FFB691892B3C87FBE2316A5AB
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=83ac6111-2d6b-4b00-a26b-5314b19af10a&gdpr=0&gdpr_consent=0
Frame ID: 5CD5C925241DF65CE25F8F9372D25A95
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YREtbAADVLQPjgBg&gdpr=0&gdpr_consent=0&_test=YREtbAADVLQPjgBg
Frame ID: 132842564E858D8103E8434EE6B34F01
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yMTYyZjFjZS1lOWRmLTQwYWQtOTdlMC0yN2FmYjNjYzMyMmU=&gdpr=0&gdpr_consent=0&google_tc=
Frame ID: 8AC506C0634063B06F4B8624DE6EC0D5
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 6F4981AB504132B9D6E4D6528098F71E
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 0B97218E0A0F6D51FB597CAA7E5C749B
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YREtbMCo8YIAAI0IZGYAAAAA
Frame ID: 54C941215B1FC27E19527EAA4515F517
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1870471597311386215
Frame ID: B0E3BA97C930B40E68641520EF24E097
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=3NX6G0FbZq5KvjGwaJ5Z&pi=gumgum&tc=1
Frame ID: 2C889969DDCEF3C9CE88A0F03463AD85
Requests: 1 HTTP requests in this frame

Frame: https://s.0cf.io/
Frame ID: 1FDB955AF6C6C25D1A5AB5B9D40B473D
Requests: 1 HTTP requests in this frame

Frame: https://us.dblks.net/set_uid?uid=pi6CDbtURxWatU4cCQSl0Q-25031178
Frame ID: B90C16C2641FBD801FE9DF4FD525F7D8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

57
Requests

95 %
HTTPS

12 %
IPv6

41
Domains

51
Subdomains

24
IPs

9
Countries

105 kB
Transfer

266 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://secure.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fgetuids HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.adnxs.com%252Fpbs%252Fv1%252Fgetuids HTTP 302
https://prebid.adnxs.com/pbs/v1/getuids

Request Chain 2

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D0%26uid%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526dbid%253Dpi6CDbtURxWatU4cCQSl0Q-25031178%2526id%253D0%2526uid%253D%2524UID HTTP 302
https://s.0cf.io/

Request Chain 4

https://gum.criteo.com/sid/json?origin=prebid HTTP 302
https://mug.criteo.com/sid?cpp=0oidpnxjOHJob0xvUk9wSXRFVkZ5VVhIOU9kZ1dva25hZ21jN3ZoaU5IV01nUURXKzIwbUoySEF5RGlWNXZkaUlKLzFjdDQvWFo4WlVDekQ3L0QrVGRjMGhBZ21IUGxoM2tva2E3UjdtVUt3ZjVRVHJzN1djVDY4Zzk1K3FibmNSdzFWbG91RG1qams5ZlNSNmc2b21ORkQwc0E9PXw&cppv=2

Request Chain 11

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D74%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D74%26uid%3D&C=1 HTTP 302
https://s.0cf.io/

Request Chain 12

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D19%26uid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D19%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://s.0cf.io/

Request Chain 14

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D21%26uid%3D%25%25VGUID%25%25 HTTP 302
https://s.0cf.io/

Request Chain 15

https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D22%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5835081509 HTTP 302
https://sync.1rx.io/usersync/tradedesk/cf25106f-2495-4d4b-b268-1dbde2548ecf HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8dfc680f-2a31-403d-b2fa-c3515dae9830-003?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D22%26uid%3DRX-8dfc680f-2a31-403d-b2fa-c3515dae9830-003 HTTP 302
https://s.0cf.io/

Request Chain 16

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D25%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D25%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://s.0cf.io/

Request Chain 18

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D48%26uid%3D$!%7BTURN_UUID%7D HTTP 302
https://s.0cf.io/

Request Chain 19

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D76%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D76%26uid%3D%24UID HTTP 302
https://s.0cf.io/

Request Chain 20

https://ups.analytics.yahoo.com/ups/58448/occ?uid=pi6CDbtURxWatU4cCQSl0Q-2503117877%26uid%3D HTTP 302
https://ups.analytics.yahoo.com/ups/58448/occ?uid=pi6CDbtURxWatU4cCQSl0Q-2503117877%26uid%3D&verify=true HTTP 302
https://s.0cf.io/

Request Chain 21

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D81%26uid%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3Dda7f9ce8-2530-4e33-bd99-f94d48d92ece%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPXBpNkNEYnRVUnhXYXRVNGNDUVNsMFEtMjUwMzExNzgmaWQ9ODEmdWlkPQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D0%26uid%3D$UID&gdpr=0&gdpr_consent=0 HTTP 302
https://prebid.a-mo.net/cchain/0?A=da7f9ce8-2530-4e33-bd99-f94d48d92ece&bidder=appnexus&cbx=aHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPXBpNkNEYnRVUnhXYXRVNGNDUVNsMFEtMjUwMzExNzgmaWQ9ODEmdWlkPQ%3D%3D&gdpr=0&gdpr_consent=0&uid=7029441839799791405&gdpr=0&gdpr_consent=0 HTTP 302
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3Dda7f9ce8-2530-4e33-bd99-f94d48d92ece%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPXBpNkNEYnRVUnhXYXRVNGNDUVNsMFEtMjUwMzExNzgmaWQ9ODEmdWlkPQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D0%26uid%3D$UID&gdpr=0&gdpr_consent=0 HTTP 307
https://prebid.a-mo.net/cchain/1?A=da7f9ce8-2530-4e33-bd99-f94d48d92ece&bidder=sovrn&cbx=aHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPXBpNkNEYnRVUnhXYXRVNGNDUVNsMFEtMjUwMzExNzgmaWQ9ODEmdWlkPQ==&gdpr=0&gdpr_consent=0&uid=2a2da96351edc4099d66f2a5 HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3Dda7f9ce8-2530-4e33-bd99-f94d48d92ece%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPXBpNkNEYnRVUnhXYXRVNGNDUVNsMFEtMjUwMzExNzgmaWQ9ODEmdWlkPQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D0%26uid%3D&gdpr=0&gdpr_consent=0

Request Chain 22

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D82%26uid%3D%5Bssb_sync_pid%5D HTTP 302
https://s.0cf.io/

Request Chain 23

https://cs.krushmedia.com/4e4abdd5ecc661643458a730b1aa927d.gif?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D83%26uid%3D%5BUID%5D HTTP 302
https://s.0cf.io/

Request Chain 25

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=7029441839799791405

Request Chain 26

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_2162f1ce-e9df-40ad-97e0-27afb3cc322e&gdpr=0&gdpr_consent=0&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_2162f1ce-e9df-40ad-97e0-27afb3cc322e&gdpr=0&gdpr_consent=0&us_privacy= HTTP 302
https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=0

Request Chain 27

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0 HTTP 302
https://rtb.gumgum.com/usersync?b=sta&i=0-e3510c2b-bc60-4ca4-47c2-dc0618dd6635$ip$82.102.19.136

Request Chain 28

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_2162f1ce-e9df-40ad-97e0-27afb3cc322e&gdpr=0&gdpr_consent=0&us_privacy= HTTP 302
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

Request Chain 29

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7124275238 HTTP 302
https://sync.1rx.io/usersync/tradedesk/cf25106f-2495-4d4b-b268-1dbde2548ecf HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8dfc680f-2a31-403d-b2fa-c3515dae9830-003?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D22%26uid%3DRX-8dfc680f-2a31-403d-b2fa-c3515dae9830-003 HTTP 302
https://s.0cf.io/

Request Chain 30

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=KtMFwSgww2j0&ev=1&pid=558355

Request Chain 31

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=0&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28-9lfPkDiqv6-9aE_DrnKThaMCrCsv868bOOIuJTxKB1Fm62UE27Wpc4IzQKjO3LP%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28-9lfPkDiqv6-9aE_DrnKThaMCrCsv868bOOIuJTxKB1Fm62UE27Wpc4IzQKjO3LP%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_2162f1ce-e9df-40ad-97e0-27afb3cc322e&obuid=ENC(-9lfPkDiqv6-9aE_DrnKThaMCrCsv868bOOIuJTxKB1Fm62UE27Wpc4IzQKjO3LP) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3D-9lfPkDiqv6-9aE_DrnKThaMCrCsv868bOOIuJTxKB1Fm62UE27Wpc4IzQKjO3LP%0A%0A

Request Chain 32

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=c4b5b14a-55b7-49a2-b334-c70f749ba75b&gdpr=0&gdpr_consent=0&gdpr=0&gdpr_consent=0

Request Chain 34

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=a504171d-f915-11eb-b72f-831af43107d7

Request Chain 37

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://rtb.gumgum.com/usersync?b=idi&i=93a268e1-9cc6-44a7-a51b-837ea3fdf079

Request Chain 38

https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
https://rtb.gumgum.com/usersync?b=sad&i=8453673451920779381&gdpr=1&gdpr_consent=

Request Chain 40

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0 HTTP 302
https://rtb.gumgum.com/usersync?b=ttd&i=cf25106f-2495-4d4b-b268-1dbde2548ecf&t=1631107690

Request Chain 41

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 42

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=0&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=83ac6111-2d6b-4b00-a26b-5314b19af10a&gdpr=0&gdpr_consent=0

Request Chain 43

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=0 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=0&_test=YREtbAADVLQPjgBg HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YREtbAADVLQPjgBg&gdpr=0&gdpr_consent=0&_test=YREtbAADVLQPjgBg

Request Chain 44

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yMTYyZjFjZS1lOWRmLTQwYWQtOTdlMC0yN2FmYjNjYzMyMmU=&gdpr=0&gdpr_consent=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yMTYyZjFjZS1lOWRmLTQwYWQtOTdlMC0yN2FmYjNjYzMyMmU=&gdpr=0&gdpr_consent=0&google_tc=

Request Chain 47

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YREtbMCo8YIAAI0IZGYAAAAA

Request Chain 48

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=1870471597311386215

Request Chain 49

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=3NX6G0FbZq5KvjGwaJ5Z&pi=gumgum&tc=1

Request Chain 54

http://s.0cf.io/update_ids/?id=pi6CDbtURxWatU4cCQSl0Q-25031178 HTTP 307
https://s.0cf.io/update_ids/?id=pi6CDbtURxWatU4cCQSl0Q-25031178

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
s.0cf.io/ 15 KB
6 KB 208ms
104ms Document
text/html 2602:808:3:1:1::
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

http://s.0cf.io/

Protocol

HTTP/1.1

Server

2602:808:3:1:1:: , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2418adbe810655a8057d501d39cb12793e75379c312c501861af871cd2b5db80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.16.1
Date: Mon, 09 Aug 2021 13:28:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Mon, 07 Jun 2021 18:13:54 GMT
ETag: W/"3d99-179e7ae5bc9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

POST
H/1.1 200
OK get_id Show response
s.0cf.io/ 41 B
503 B 103ms
103ms Fetch
text/html 2602:808:3:1:1::
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

http://s.0cf.io/get_id

Requested by

Host: s.0cf.io
URL: http://s.0cf.io/

Protocol

HTTP/1.1

Server

2602:808:3:1:1:: , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

bff7441d5df4021035c2d3fe42fa2c51a4ec01473d26a3e986324784d790fc49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Origin: http://s.0cf.io
Accept-Encoding: gzip, deflate
Host: s.0cf.io
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain
Accept: */*
Cache-Control: no-cache
Referer: http://s.0cf.io/
Connection: keep-alive
Content-Length: 2
Referer: http://s.0cf.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 09 Aug 2021 13:28:10 GMT
Content-Encoding: gzip
Server: nginx/1.16.1
X-Powered-By: Express
ETag: W/"29-B2IT0/kvl9WSOWhLtiW2SGEZxGY"
Strict-Transport-Security: max-age=31536000
Content-Type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true

GET
H/1.1

200
OK

getuids Show response
prebid.adnxs.com/pbs/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fgetuids
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.adnxs.com%252Fpbs%252Fv1%252Fgetuids
https://prebid.adnxs.com/pbs/v1/getuids

46 B
380 B

1093ms
41ms

Fetch
text/plain

37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/getuids
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: ccdcf6cb466e38686f94537f5a8d6abf91cbb28d6770c8f84a438556d4498a43

Request headers

Referer: http://s.0cf.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 13:28:12 GMT
Server: nginx/1.19.0
Vary: Origin
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: null
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 46
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 13:28:10 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: a21e7f0b-ae46-4399-ad54-91d18910794f
Server: nginx/1.17.9
Access-Control-Allow-Origin: http://s.0cf.io
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid.adnxs.com/pbs/v1/getuids
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame 0F5E
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D0%26uid%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.0cf.io%252F%2523ps%253Dtrue%2526dbid%253Dpi6CDbtURxWatU4cCQSl0Q-25031178%2526id%253D0%2526uid%253D%2524UID
https://s.0cf.io/

15 KB
6 KB

322ms
109ms

Document
text/html

2602:808:3:1:1::
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: http://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2602:808:3:1:1:: , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2418adbe810655a8057d501d39cb12793e75379c312c501861af871cd2b5db80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Mon, 09 Aug 2021 13:28:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Mon, 07 Jun 2021 18:13:54 GMT
ETag: W/"3d99-179e7ae5bc9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

Server: nginx/1.17.9
Date: Mon, 09 Aug 2021 13:28:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://s.0cf.io/#ps=true&dbid=pi6CDbtURxWatU4cCQSl0Q-25031178&id=0&uid=7029441839799791405
AN-X-Request-Uuid: 0b73c90e-d562-4071-a146-48bfb6f02b39
Set-Cookie: uuid2=7029441839799791405; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-Nov-2021 13:28:10 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com

GET
H2 200 getuids Show response
prebid-server.rubiconproject.com/ 2 B
246 B 91ms
25ms Fetch
application/json 18.195.39.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/getuids
Requested by: Host: s.0cf.io
URL: http://s.0cf.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.39.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-39-201.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://s.0cf.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 13:28:10 GMT
content-encoding: gzip
content-type: application/json;charset=utf-8
access-control-allow-origin: http://s.0cf.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 28
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid
https://mug.criteo.com/sid?cpp=0oidpnxjOHJob0xvUk9wSXRFVkZ5VVhIOU9kZ1dva25hZ21jN3ZoaU5IV01nUURXKzIwbUoySEF5RGlWNXZkaUlKLzFjdDQvWFo4WlVDekQ3L0QrVGRjMGhBZ21IUGxoM2tva2E3UjdtVUt3ZjVRVHJzN1djVDY4Zzk1K3...

136 B
451 B

3066ms
23ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=0oidpnxjOHJob0xvUk9wSXRFVkZ5VVhIOU9kZ1dva25hZ21jN3ZoaU5IV01nUURXKzIwbUoySEF5RGlWNXZkaUlKLzFjdDQvWFo4WlVDekQ3L0QrVGRjMGhBZ21IUGxoM2tva2E3UjdtVUt3ZjVRVHJzN1djVDY4Zzk1K3FibmNSdzFWbG91RG1qams5ZlNSNmc2b21ORkQwc0E9PXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

3685d2ef4b478f82182acf2105d1889612212875d02e42d6589488c5df6b0b1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://s.0cf.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 09 Aug 2021 13:28:13 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1746
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 09 Aug 2021 13:28:10 GMT
location: https://mug.criteo.com/sid?cpp=0oidpnxjOHJob0xvUk9wSXRFVkZ5VVhIOU9kZ1dva25hZ21jN3ZoaU5IV01nUURXKzIwbUoySEF5RGlWNXZkaUlKLzFjdDQvWFo4WlVDekQ3L0QrVGRjMGhBZ21IUGxoM2tva2E3UjdtVUt3ZjVRVHJzN1djVDY4Zzk1K3FibmNSdzFWbG91RG1qams5ZlNSNmc2b21ORkQwc0E9PXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: http://s.0cf.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1495
content-length: 370
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
538 B 113ms
37ms Fetch
application/json 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: s.0cf.io
URL: http://s.0cf.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 29eab572f3ffe2a02f1d798fb408bed5cbf4dadd8fb7c12d4ee5a2b6df902da9

Request headers

Referer: http://s.0cf.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 09 Aug 2021 13:28:10 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://s.0cf.io
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Wed, 08 Sep 2021 13:28:10 GMT

GET
H/1.1 200 258.json Show response
id5-sync.com/g/v1/ 130 B
435 B 726ms
98ms Fetch
text/json 51.89.20.86
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v1/258.json?1puid=&gdpr=0&gdpr_consent=

Requested by

Host: s.0cf.io
URL: http://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.20.86 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p18.id5-sync.com

Software

Resource Hash

b8ac125bb580f9c815bc8655f9c9fed1410024fa746b5d09616419365c28ad43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://s.0cf.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: http://s.0cf.io
Date: Mon, 09 Aug 2021 13:27:59 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: text/json;charset=utf-8

GET
H2 204 id Show response
id.sharedid.org/ 0
208 B 776ms
455ms Fetch 35.82.71.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/id
Requested by: Host: s.0cf.io
URL: http://s.0cf.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.82.71.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-82-71-229.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://s.0cf.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: http://s.0cf.io
pragma: no-cache
date: Mon, 09 Aug 2021 13:28:11 GMT
cache-control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires: 0

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame C3EA 0
0 346ms
111ms Document
text/plain 208.100.17.180
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D1%26uid%3D33XUSERID33X
Requested by: Host: s.0cf.io
URL: http://s.0cf.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.180 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip180.208-100-17.static.steadfastdns.net
Software: 33XP005 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?gdpr_58=&gdpr_consent=&ts=&ri=70&ru=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D1%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://s.0cf.io/

Response headers

x-33x-status: 2000208
server: 33XP005
date: Mon, 09 Aug 2021 13:28:10 GMT

GET
H2 404 match Show response
prebid-match.dotomi.com/prebid/ Frame F746 548 B
612 B 106ms
64ms Document
text/html 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-match.dotomi.com/prebid/match?rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D10%26uid%3D
Requested by: Host: s.0cf.io
URL: http://s.0cf.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

:method: GET
:authority: prebid-match.dotomi.com
:scheme: https
:path: /prebid/match?rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D10%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://s.0cf.io/

Response headers

server: nginx
date: Mon, 09 Aug 2021 13:28:10 GMT
content-type: text/html
content-length: 548

GET
H2 200 prbds2s Show response
rtb.gumgum.com/usync/ Frame 3872 4 KB
2 KB 116ms
37ms Document
text/html 52.18.52.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Requested by: Host: s.0cf.io
URL: http://s.0cf.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8939822843b3bdb5994814c30b410e9a8388e2e07db6bffaeb72e349b42e0f48

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://s.0cf.io/

Response headers

date: Mon, 09 Aug 2021 13:28:10 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_2162f1ce-e9df-40ad-97e0-27afb3cc322e; Domain=.gumgum.com; Expires=Tue, 09-Aug-2022 13:28:10 GMT; Path=/; Secure; SameSite=None
etag: W/"0c0081b5c2aa3a1d293c22d4ba9f4b2de"
timing-allow-origin: *
content-encoding: gzip

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame D288
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D74%26uid%3D
https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D74%26uid%3D&C=1
https://s.0cf.io/

15 KB
6 KB

107ms
107ms

Document
text/html

2602:808:3:1:1::
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: http://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2602:808:3:1:1:: , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2418adbe810655a8057d501d39cb12793e75379c312c501861af871cd2b5db80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Mon, 09 Aug 2021 13:28:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Mon, 07 Jun 2021 18:13:54 GMT
ETag: W/"3d99-179e7ae5bc9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

Server: Apache
Content-Length: 300
Content-Type: text/html; charset=iso-8859-1
Location: https://s.0cf.io/#ps=true&dbid=pi6CDbtURxWatU4cCQSl0Q-25031178&id=74&uid=YREtbKvTzZpJ0Z1n6hQ1CAAA%261202
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 09 Aug 2021 13:28:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 09 Aug 2021 13:28:12 GMT
Connection: keep-alive
Set-Cookie: CMID=YREtbKvTzZpJ0Z1n6hQ1CAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 09 Aug 2022 13:28:12 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 07 Nov 2021 13:28:12 GMT CMPRO=1202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 07 Nov 2021 13:28:12 GMT CMST=YREtbGERLWwA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 10 Aug 2021 13:28:12 GMT

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame 272F
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D19%26uid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D19%26uid%3D%24%7BUID%7D&ox_sc=1
https://s.0cf.io/

15 KB
6 KB

323ms
110ms

Document
text/html

2602:808:3:1:1::
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: http://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2602:808:3:1:1:: , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2418adbe810655a8057d501d39cb12793e75379c312c501861af871cd2b5db80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Mon, 09 Aug 2021 13:28:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Mon, 07 Jun 2021 18:13:54 GMT
ETag: W/"3d99-179e7ae5bc9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

server: Cowboy
date: Mon, 09 Aug 2021 13:28:10 GMT
content-length: 0
cache-control: private, max-age=0, no-cache, must-revalidate
x-request-id: 6hdmq5g3mommciq33jnd6rhj0ecc2j4q
vary: Origin
access-control-allow-origin: null
access-control-expose-headers
access-control-allow-credentials: true
location: https://s.0cf.io/#ps=true&dbid=pi6CDbtURxWatU4cCQSl0Q-25031178&id=19&uid=0a569af5-c43d-421d-bfc3-17f73d906490
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
alt-svc: clear

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 781A 14 KB
5 KB 95ms
31ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=0&us_privacy=0&predirect=https%3A%2F%2Fs.0cf.io%2F%3Fps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D20%26uid%3D
Requested by: Host: s.0cf.io
URL: http://s.0cf.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?gdpr=0&gdpr_consent=0&us_privacy=0&predirect=https%3A%2F%2Fs.0cf.io%2F%3Fps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D20%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://s.0cf.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://s.0cf.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=119104
expires: Tue, 10 Aug 2021 22:33:14 GMT
date: Mon, 09 Aug 2021 13:28:10 GMT
vary: Accept-Encoding

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame F056
Redirect Chain

https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D21%26uid%3D%25%25VGUID%25%25
https://s.0cf.io/

15 KB
6 KB

244ms
105ms

Document
text/html

2602:808:3:1:1::
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: http://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2602:808:3:1:1:: , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2418adbe810655a8057d501d39cb12793e75379c312c501861af871cd2b5db80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Mon, 09 Aug 2021 13:28:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Mon, 07 Jun 2021 18:13:54 GMT
ETag: W/"3d99-179e7ae5bc9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-84459f4bbf-szkbq
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://s.0cf.io/#ps=true&dbid=pi6CDbtURxWatU4cCQSl0Q-25031178&id=21&uid=1zUbSji2fJ40&ev=1&pid=561205
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=1b4e40cfc78eae72; path=/; HttpOnly; Secure; SameSite=None

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame 9B7F
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D22%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5835081509
https://sync.1rx.io/usersync/tradedesk/cf25106f-2495-4d4b-b268-1dbde2548ecf
https://sync.targeting.unrulymedia.com/csync/RX-8dfc680f-2a31-403d-b2fa-c3515dae9830-003?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D22%26uid%3DRX-8d...
https://s.0cf.io/

15 KB
6 KB

146ms
106ms

Document
text/html

2602:808:3:1:1::
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: http://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2602:808:3:1:1:: , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2418adbe810655a8057d501d39cb12793e75379c312c501861af871cd2b5db80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Mon, 09 Aug 2021 13:28:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Mon, 07 Jun 2021 18:13:54 GMT
ETag: W/"3d99-179e7ae5bc9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

server: Tengine
date: Mon, 09 Aug 2021 13:28:11 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-8dfc680f-2a31-403d-b2fa-c3515dae9830-003%22%7D; path=/; expires=Tue, 09 Aug 2022 13:28:11 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://s.0cf.io/#ps=true&dbid=pi6CDbtURxWatU4cCQSl0Q-25031178&id=22&uid=RX-8dfc680f-2a31-403d-b2fa-c3515dae9830-003
etag: RX8dfc680f2a31403db2fac3515dae9830003

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame 2509
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D25%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D25%26uid%3D%24UID&sovrn_retry=true
https://s.0cf.io/

15 KB
6 KB

322ms
104ms

Document
text/html

2602:808:3:1:1::
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: http://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2602:808:3:1:1:: , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2418adbe810655a8057d501d39cb12793e75379c312c501861af871cd2b5db80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Mon, 09 Aug 2021 13:28:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Mon, 07 Jun 2021 18:13:54 GMT
ETag: W/"3d99-179e7ae5bc9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Mon, 09 Aug 2021 13:28:10 GMT
Content-Length: 0
Location: https://s.0cf.io/#ps=true&dbid=pi6CDbtURxWatU4cCQSl0Q-25031178&id=25&uid=2a2da96351edc4099d66f2a5
Set-Cookie: ljt_reader=2a2da96351edc4099d66f2a5;Version=1;Domain=.lijit.com;Path=/;Max-Age=31536000;Secure; SameSite=None;
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap5ams1

GET
H/1.1 200
OK Cookie set us.gif Show response
sync.go.sonobi.com/ Frame 886C 49 B
513 B 78ms
20ms Document
image/gif 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D26%26uid%3D%5BUID%5D

Requested by

Host: s.0cf.io
URL: http://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://s.0cf.io/

Response headers

Date: Mon, 09 Aug 2021 13:28:10 GMT
Content-Type: image/gif
Content-Length: 49
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YREtb; path=/; domain=.go.sonobi.com

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame DBC6
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D48%26uid%3D$!%7BTURN_UUID%7D
https://s.0cf.io/

15 KB
6 KB

320ms
107ms

Document
text/html

2602:808:3:1:1::
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: http://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2602:808:3:1:1:: , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2418adbe810655a8057d501d39cb12793e75379c312c501861af871cd2b5db80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Mon, 09 Aug 2021 13:28:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Mon, 07 Jun 2021 18:13:54 GMT
ETag: W/"3d99-179e7ae5bc9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=2971376409638427763; Domain=.turn.com; Expires=Sat, 05-Feb-2022 13:28:10 GMT; Path=/; Secure; SameSite=None
location: https://s.0cf.io/#ps=true&dbid=pi6CDbtURxWatU4cCQSl0Q-25031178&id=48&uid=2971376409638427763
content-length: 0
date: Mon, 09 Aug 2021 13:28:10 GMT

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame C5BF
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D76%26uid%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D76%26uid%3D%24UID
https://s.0cf.io/

15 KB
6 KB

321ms
108ms

Document
text/html

2602:808:3:1:1::
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: http://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2602:808:3:1:1:: , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2418adbe810655a8057d501d39cb12793e75379c312c501861af871cd2b5db80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Mon, 09 Aug 2021 13:28:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Mon, 07 Jun 2021 18:13:54 GMT
ETag: W/"3d99-179e7ae5bc9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

date: Mon, 09 Aug 2021 13:28:10 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=pi6CDbtURxWatU4cCQSl0Q-25031178&id=76&uid=17068046882221095239
set-cookie: tluid=17068046882221095239; Max-Age=7776000; Expires=Sun, 07 Nov 2021 13:28:10 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame FC3D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58448/occ?uid=pi6CDbtURxWatU4cCQSl0Q-2503117877%26uid%3D
https://ups.analytics.yahoo.com/ups/58448/occ?uid=pi6CDbtURxWatU4cCQSl0Q-2503117877%26uid%3D&verify=true
https://s.0cf.io/

15 KB
6 KB

329ms
111ms

Document
text/html

2602:808:3:1:1::
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: http://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2602:808:3:1:1:: , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2418adbe810655a8057d501d39cb12793e75379c312c501861af871cd2b5db80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Mon, 09 Aug 2021 13:28:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Mon, 07 Jun 2021 18:13:54 GMT
ETag: W/"3d99-179e7ae5bc9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

Date: Mon, 09 Aug 2021 13:28:10 GMT
Content-Length: 0
Strict-Transport-Security: max-age=31536000
Set-Cookie: IDSYNC=193k~1zqd;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Wed, 10-Aug-2022 13:28:10 GMT;Secure;SameSite=None A3=d=AQABBGotEWECECzSxdNor2rlrFisyjFtDkcFEgEBAQF-EmEbYQAAAAAA_eMAAA&S=AQAAAlrNI-s-APYnjRS-bfrYRLw; Expires=Tue, 9 Aug 2022 19:28:10 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=4e3jd65gh2bba&b=3&s=ns; Expires=Tue, 9 Aug 2022 19:28:10 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.0cf.io/#ps=true&dbid=pi6CDbtURxWatU4cCQSl0Q-2503117877&uid=&id=77&uid=y-nFwGbi9E2uH27u3AXQPR8qDa2J6MFkO1yAzunJc-~A
Age: 0
Connection: keep-alive
Server: ATS/7.1.2.128

GET
H/1.1

200
OK

usermatchredir Show response
ssum.casalemedia.com/ Frame 7897
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=0&cb=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D81%26uid%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3Dda7f9ce8-2530-4e33-bd99-f94d48d92ece%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPXBpNkNEYnRVUnh...
https://prebid.a-mo.net/cchain/0?A=da7f9ce8-2530-4e33-bd99-f94d48d92ece&bidder=appnexus&cbx=aHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPXBpNkNEYnRVUnhXYXRVNGNDUVNsMFEtMjUwMzExNzgmaWQ9ODEmdWlkPQ%3D%3D&...
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3Dda7f9ce8-2530-4e33-bd99-f94d48d92ece%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPXBpNkNEYnRVU...
https://prebid.a-mo.net/cchain/1?A=da7f9ce8-2530-4e33-bd99-f94d48d92ece&bidder=sovrn&cbx=aHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPXBpNkNEYnRVUnhXYXRVNGNDUVNsMFEtMjUwMzExNzgmaWQ9ODEmdWlkPQ==&gdpr=0&...
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3Dda7f9ce8-2530-4e33-bd99-f94d48d92ece%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zLjBjZi5pby8jcH...

43 B
315 B

1233ms
472ms

Document
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3Dda7f9ce8-2530-4e33-bd99-f94d48d92ece%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPXBpNkNEYnRVUnhXYXRVNGNDUVNsMFEtMjUwMzExNzgmaWQ9ODEmdWlkPQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D0%26uid%3D&gdpr=0&gdpr_consent=0
Requested by: Host: s.0cf.io
URL: http://s.0cf.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: ssum.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://s.0cf.io/

Response headers

Server: Apache
Content-Type: image/gif
Vary: Is-Traffic-Usersync
Content-Length: 43
Expires: Mon, 09 Aug 2021 13:28:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 09 Aug 2021 13:28:12 GMT
Connection: keep-alive

Redirect headers

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Mon, 09 Aug 2021 13:28:10 GMT
location: https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3Dda7f9ce8-2530-4e33-bd99-f94d48d92ece%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zLjBjZi5pby8jcHM9dHJ1ZSZkYmlkPXBpNkNEYnRVUnhXYXRVNGNDUVNsMFEtMjUwMzExNzgmaWQ9ODEmdWlkPQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D0%26uid%3D&gdpr=0&gdpr_consent=0
server: envoy
x-envoy-upstream-service-time: 2

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame 9749
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=0&us_privacy=0&redirectUri=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D82%...
https://s.0cf.io/

15 KB
6 KB

358ms
105ms

Document
text/html

2602:808:3:1:1::
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: http://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2602:808:3:1:1:: , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2418adbe810655a8057d501d39cb12793e75379c312c501861af871cd2b5db80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Mon, 09 Aug 2021 13:28:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Mon, 07 Jun 2021 18:13:54 GMT
ETag: W/"3d99-179e7ae5bc9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

date: Mon, 09 Aug 2021 13:28:10 GMT
content-length: 0
location: https://s.0cf.io/#ps=true&dbid=pi6CDbtURxWatU4cCQSl0Q-25031178&id=82&uid=8453673451920779381
set-cookie: pid=8453673451920779381; expires=Fri, 09 Sep 2022 13:27:10 GMT; domain=smartadserver.com; path=/; samesite=None; secure; samesite=none

GET
H/1.1

200
OK

/ Show response
s.0cf.io/ Frame 0207
Redirect Chain

https://cs.krushmedia.com/4e4abdd5ecc661643458a730b1aa927d.gif?gdpr=0&gdpr_consent=0&us_privacy=0&redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D83%26ui...
https://s.0cf.io/

15 KB
6 KB

249ms
147ms

Document
text/html

2602:808:3:1:1::
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Host: s.0cf.io
URL: http://s.0cf.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2602:808:3:1:1:: , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2418adbe810655a8057d501d39cb12793e75379c312c501861af871cd2b5db80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Mon, 09 Aug 2021 13:28:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Mon, 07 Jun 2021 18:13:54 GMT
ETag: W/"3d99-179e7ae5bc9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Mon, 09 Aug 2021 13:28:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: krm_usr=9f94d820-ac91-49e0-ab24-b2ba0f01fd76; path=/; domain=.krushmedia.com; expires=Wed, 08 Sep 2021 13:28:11 GMT;SameSite=None;Secure krm_r=137; path=/; domain=.krushmedia.com; expires=Wed, 08 Sep 2021 13:28:11 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://s.0cf.io/#ps=true&dbid=pi6CDbtURxWatU4cCQSl0Q-25031178&id=83&uid=9f94d820-ac91-49e0-ab24-b2ba0f01fd76

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 781A 0
42 B 87ms
25ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59297005&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=0&us_privacy=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=0&us_privacy=0&predirect=https%3A%2F%2Fs.0cf.io%2F%3Fps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D20%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 13:28:10 GMT
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 3872
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=7029441839799791405

35 B
237 B

52ms
51ms

Image
image/gif

52.18.52.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=7029441839799791405
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 13:28:11 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 13:28:10 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 955d62eb-1694-4ade-94e8-e592ddfe9b21
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=7029441839799791405
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

p-zLwwakwy-hZw3.gif
pixel.quantserve.com/pixel/ Frame 3872
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_2162f1ce-e9df-40ad-97e0-27afb3cc322e&gdpr=0&gdpr_consent=0&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_2162f1ce-e9df-40ad-97e0-27afb3cc322e&gdpr=0&gdpr_consent=0&us_privacy=
https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=0

35 B
372 B

24ms
8ms

Image
image/gif

2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=0

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 13:28:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

location: //pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=0
date: Mon, 09 Aug 2021 13:28:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 3872
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=0
https://rtb.gumgum.com/usersync?b=sta&i=0-e3510c2b-bc60-4ca4-47c2-dc0618dd6635$ip$82.102.19.136

35 B
237 B

47ms
47ms

Image
image/gif

52.18.52.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sta&i=0-e3510c2b-bc60-4ca4-47c2-dc0618dd6635$ip$82.102.19.136
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 13:28:11 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=sta&i=0-e3510c2b-bc60-4ca4-47c2-dc0618dd6635$ip$82.102.19.136
Date: Mon, 09 Aug 2021 13:28:11 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 3872
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_2162f1ce-e9df-40ad-97e0-27afb3cc322e&gdpr=0&gdpr_consent=0&us_privacy=
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0

35 B
237 B

39ms
39ms

Image
image/gif

52.18.52.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 13:28:11 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0&gdpr_consent=0
Pragma: no-cache
Date: Mon, 09 Aug 2021 13:28:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 97
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

/
s.0cf.io/ Frame 3872
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=0
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7124275238
https://sync.1rx.io/usersync/tradedesk/cf25106f-2495-4d4b-b268-1dbde2548ecf
https://sync.targeting.unrulymedia.com/csync/RX-8dfc680f-2a31-403d-b2fa-c3515dae9830-003?redir=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D22%26uid%3DRX-8d...
https://s.0cf.io/

0
0

157ms
108ms

Image
text/html

2602:808:3:1:1::
FHMNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.0cf.io/
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2602:808:3:1:1:: , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

Redirect headers

location: https://s.0cf.io/#ps=true&dbid=pi6CDbtURxWatU4cCQSl0Q-25031178&id=22&uid=RX-8dfc680f-2a31-403d-b2fa-c3515dae9830-003
date: Mon, 09 Aug 2021 13:28:11 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX8dfc680f2a31403db2fac3515dae9830003
content-type: text/html

GET
H2

200

usersync
rtb.gumgum.com/ Frame 3872
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=KtMFwSgww2j0&ev=1&pid=558355

35 B
237 B

43ms
43ms

Image
image/gif

52.18.52.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=KtMFwSgww2j0&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 13:28:11 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=KtMFwSgww2j0&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-84459f4bbf-6z6m4
expires: -1

GET
H2

204

um
cs.emxdgt.com/ Frame 3872
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=0&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28-9lfPkDiqv6-9aE_DrnKThaMCrCsv868bOOIuJTxKB1Fm62UE27Wpc4IzQKjO3LP%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_2162f1ce-e9df-40ad-97e0-27afb3cc322e&obuid=ENC(-9lfPkDiqv6-9aE_DrnKThaMCrCsv868bOOIuJTxKB1Fm62UE27Wpc4IzQKjO3LP)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3D-9lfPkDiqv6-9aE_DrnKThaMCrCsv868bOOIuJTxKB1Fm62UE27Wpc4IzQKjO3LP%0A%0A

0
22 B

23ms
23ms

Image
text/html

18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3D-9lfPkDiqv6-9aE_DrnKThaMCrCsv868bOOIuJTxKB1Fm62UE27Wpc4IzQKjO3LP%0A%0A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 13:28:11 GMT
content-length: 0
content-type: text/html

Redirect headers

Location: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3D-9lfPkDiqv6-9aE_DrnKThaMCrCsv868bOOIuJTxKB1Fm62UE27Wpc4IzQKjO3LP%0A%0A
Date: Mon, 09 Aug 2021 13:28:12 GMT
X-TraceId: fe6a8f975815954ff0f8a7e1ffe6426b
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 3872
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=c4b5b14a-55b7-49a2-b334-c70f749ba75b&gdpr=0&gdpr_consent=0&gdpr=0&gdpr_consent=0

35 B
237 B

44ms
43ms

Image
image/gif

52.18.52.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=c4b5b14a-55b7-49a2-b334-c70f749ba75b&gdpr=0&gdpr_consent=0&gdpr=0&gdpr_consent=0
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 13:28:11 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Mon, 09 Aug 2021 13:28:11 GMT
content-encoding: gzip
server: OXGW/16.213.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=c4b5b14a-55b7-49a2-b334-c70f749ba75b&gdpr=0&gdpr_consent=0&gdpr=0&gdpr_consent=0
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2 200 gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 3872 43 B
299 B 103ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 13:28:11 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

usersync
rtb.gumgum.com/ Frame 3872
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb...
https://rtb.gumgum.com/usersync?b=vnt&i=a504171d-f915-11eb-b72f-831af43107d7

35 B
237 B

43ms
43ms

Image
image/gif

52.18.52.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=a504171d-f915-11eb-b72f-831af43107d7
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 13:28:12 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=a504171d-f915-11eb-b72f-831af43107d7
Date: Mon, 09 Aug 2021 13:28:11 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: a504171e-f915-11eb-b72f-831af43107d7

GET
H2 204 services
sync.technoratimedia.com/ Frame 3872 0
294 B 545ms
98ms Image
text/plain 129.159.70.95
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 13:28:11 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 853431846
access-control-allow-origin: https://rtb.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame 3872 0
44 B 544ms
97ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 13:28:10 GMT
content-length: 0
server: b

GET
H2

200

usersync
rtb.gumgum.com/ Frame 3872
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=93a268e1-9cc6-44a7-a51b-837ea3fdf079

35 B
237 B

43ms
42ms

Image
image/gif

52.18.52.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=93a268e1-9cc6-44a7-a51b-837ea3fdf079
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 13:28:12 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=93a268e1-9cc6-44a7-a51b-837ea3fdf079
date: Mon, 09 Aug 2021 13:28:12 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

usersync
rtb.gumgum.com/ Frame 3872
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15
https://rtb.gumgum.com/usersync?b=sad&i=8453673451920779381&gdpr=1&gdpr_consent=

35 B
237 B

42ms
42ms

Image
image/gif

52.18.52.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sad&i=8453673451920779381&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 13:28:12 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=sad&i=8453673451920779381&gdpr=1&gdpr_consent=
date: Mon, 09 Aug 2021 13:28:12 GMT
content-length: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6903 14 KB
5 KB 29ms
29ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=119104
expires: Tue, 10 Aug 2021 22:33:14 GMT
date: Mon, 09 Aug 2021 13:28:10 GMT
vary: Accept-Encoding

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame E15A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=0
https://rtb.gumgum.com/usersync?b=ttd&i=cf25106f-2495-4d4b-b268-1dbde2548ecf&t=1631107690

35 B
237 B

44ms
43ms

Document
image/gif

52.18.52.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=ttd&i=cf25106f-2495-4d4b-b268-1dbde2548ecf&t=1631107690
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=ttd&i=cf25106f-2495-4d4b-b268-1dbde2548ecf&t=1631107690
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_2162f1ce-e9df-40ad-97e0-27afb3cc322e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Mon, 09 Aug 2021 13:28:11 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Mon, 09 Aug 2021 13:28:10 GMT
content-type: text/html
content-length: 209
location: https://rtb.gumgum.com/usersync?b=ttd&i=cf25106f-2495-4d4b-b268-1dbde2548ecf&t=1631107690
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=cf25106f-2495-4d4b-b268-1dbde2548ecf; domain=.adsrvr.org; expires=Tue, 09-Aug-2022 13:28:10 GMT; path=/; secure; SameSite=None TDCPM=CAEYASABKAIyCwiGgrK4iNHtORAFOAFaBmd1bWd1bWAC; domain=.adsrvr.org; expires=Tue, 09-Aug-2022 13:28:10 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 00C1
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

76ms
26ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 09 Aug 2021 13:28:11 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=gumgum
Date: Mon, 09 Aug 2021 13:28:11 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 5CD5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=0&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=83ac6111-2d6b-4b00-a26b-5314b19af10a&gdpr=0&gdpr_consent=0

35 B
237 B

42ms
42ms

Document
image/gif

52.18.52.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=83ac6111-2d6b-4b00-a26b-5314b19af10a&gdpr=0&gdpr_consent=0
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=83ac6111-2d6b-4b00-a26b-5314b19af10a&gdpr=0&gdpr_consent=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_2162f1ce-e9df-40ad-97e0-27afb3cc322e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Mon, 09 Aug 2021 13:28:12 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Mon, 09 Aug 2021 13:28:11 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3831 a91c15f master zrh-pixel-x25
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=83ac6111-2d6b-4b00-a26b-5314b19af10a; domain=.mathtag.com; path=/; expires=Tue, 06-Sep-2022 13:28:11 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=83ac6111-2d6b-4b00-a26b-5314b19af10a&gdpr=0&gdpr_consent=0
Expires: Mon, 09 Aug 2021 13:28:10 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 1328
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=0
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=0&_test=YREtbAADVLQPjgBg
https://rtb.gumgum.com/usersync?b=atm&i=YREtbAADVLQPjgBg&gdpr=0&gdpr_consent=0&_test=YREtbAADVLQPjgBg

35 B
237 B

43ms
43ms

Document
image/gif

52.18.52.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YREtbAADVLQPjgBg&gdpr=0&gdpr_consent=0&_test=YREtbAADVLQPjgBg
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YREtbAADVLQPjgBg&gdpr=0&gdpr_consent=0&_test=YREtbAADVLQPjgBg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_2162f1ce-e9df-40ad-97e0-27afb3cc322e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Mon, 09 Aug 2021 13:28:12 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YREtbAADVLQPjgBg&gdpr=0&gdpr_consent=0&_test=YREtbAADVLQPjgBg
accept-ranges: bytes
date: Mon, 09 Aug 2021 13:28:12 GMT
via: 1.1 varnish
x-served-by: cache-fra19152-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1628515692.138126,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H3-29

200

pixel Show response
cm.g.doubleclick.net/ Frame 8AC5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yMTYyZjFjZS1lOWRmLTQwYWQtOTdlMC0yN2FmYjNjYzMyMmU=&gdpr=0&gdpr_consent=0
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yMTYyZjFjZS1lOWRmLTQwYWQtOTdlMC0yN2FmYjNjYzMyMmU=&gdpr=0&gdpr_consent=0&google_tc=

170 B
188 B

62ms
33ms

Document
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yMTYyZjFjZS1lOWRmLTQwYWQtOTdlMC0yN2FmYjNjYzMyMmU=&gdpr=0&gdpr_consent=0&google_tc=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV8yMTYyZjFjZS1lOWRmLTQwYWQtOTdlMC0yN2FmYjNjYzMyMmU=&gdpr=0&gdpr_consent=0&google_tc=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
date: Mon, 09 Aug 2021 13:28:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yMTYyZjFjZS1lOWRmLTQwYWQtOTdlMC0yN2FmYjNjYzMyMmU=&gdpr=0&gdpr_consent=0&google_tc=
date: Mon, 09 Aug 2021 13:28:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 365
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 09-Aug-2021 13:43:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 6F49 0
0 216ms
111ms Document
text/plain 208.100.17.180
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.180 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip180.208-100-17.static.steadfastdns.net
Software: 33XP003 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

x-33x-status: 2000208
server: 33XP003
date: Mon, 09 Aug 2021 13:28:10 GMT

GET
H2 204 um
cs.emxdgt.com/ Frame 0B97 0
0 1116ms
24ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: text/html
date: Mon, 09 Aug 2021 13:28:11 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 54C9
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YREtbMCo8YIAAI0IZGYAAAAA

35 B
237 B

42ms
42ms

Document
image/gif

52.18.52.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YREtbMCo8YIAAI0IZGYAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YREtbMCo8YIAAI0IZGYAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_2162f1ce-e9df-40ad-97e0-27afb3cc322e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Mon, 09 Aug 2021 13:28:12 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Mon, 09 Aug 2021 13:28:12 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YREtbMCo8YIAAI0IZGYAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 2
X-SO-HostName: a-ad40359.dc2p.scaleout.jp
X-SO-LB-Hostname: m-tgng30.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":43,"gdpr":true,"ipv4":"0.0.0.0","key":"YREtbMCo8YIAAI0IZGYAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40359"}
X-SO-Key: YREtbMCo8YIAAI0IZGYAAAAA
X-SO-IP: 82.102.19.136
X-SO-Cluster-ID: 43
X-SO-Upstream-ID: a-ad40359

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame B0E3
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=1870471597311386215

35 B
237 B

42ms
42ms

Document
image/gif

52.18.52.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=1870471597311386215
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=1870471597311386215
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_2162f1ce-e9df-40ad-97e0-27afb3cc322e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Mon, 09 Aug 2021 13:28:12 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Mon, 09 Aug 2021 13:28:12 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDc2NDS2MDMyNBXiM9SNKvYvd44KcazKLSiS4jU0M7IwNTQ1szQyMDUBAKircbE0AAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 3 Sep 2022 13:28:12 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDc2NDS2MDMyNBXiM9SNKvYvd44KcazKLSgCACp6kaolAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmRhamhqZmlkYGoKAKp6MosQAAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 3 Sep 2022 13:28:12 GMT; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=1870471597311386215
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 2C88
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=3NX6G0FbZq5KvjGwaJ5Z&pi=gumgum&tc=1

35 B
237 B

42ms
42ms

Document
image/gif

52.18.52.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=3NX6G0FbZq5KvjGwaJ5Z&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?iframe=1&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fs.0cf.io%2F%23ps%3Dtrue%26dbid%3Dpi6CDbtURxWatU4cCQSl0Q-25031178%26id%3D15%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=3NX6G0FbZq5KvjGwaJ5Z&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_2162f1ce-e9df-40ad-97e0-27afb3cc322e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Mon, 09 Aug 2021 13:28:11 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Mon, 09 Aug 2021 13:28:11 GMT Mon, 09 Aug 2021 13:28:11 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=3NX6G0FbZq5KvjGwaJ5Z&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H/1.1 200
OK / Show response
s.0cf.io/ Frame 1FDB 15 KB
6 KB 391ms
104ms Document
text/html 2602:808:3:1:1::
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2602:808:3:1:1:: , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

2418adbe810655a8057d501d39cb12793e75379c312c501861af871cd2b5db80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s.0cf.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

Server: nginx/1.16.1
Date: Mon, 09 Aug 2021 13:28:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=2628000, immutable, public
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Last-Modified: Mon, 07 Jun 2021 18:13:54 GMT
ETag: W/"3d99-179e7ae5bc9"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 00C1 31 KB
10 KB 26ms
26ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9af334f6788d9a1de5f26466b14e1f4506e0315793e0a6271e8a6ea3444c1a0e

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 13:28:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=22814
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9358
Expires: Mon, 09 Aug 2021 19:48:25 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 00C1 284 B
536 B 356ms
26ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
H/1.1 200
OK set_uid Show response
us.dblks.net/ Frame B90C 0
501 B 314ms
99ms Document
text/html 199.212.255.128
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.dblks.net/set_uid?uid=pi6CDbtURxWatU4cCQSl0Q-25031178
Requested by: Host: s.0cf.io
URL: http://s.0cf.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.212.255.128 , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software: nginx/1.16.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: us.dblks.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://s.0cf.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://s.0cf.io/

Response headers

Server: nginx/1.16.1
Date: Mon, 09 Aug 2021 13:28:12 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: _dbid=pi6CDbtURxWatU4cCQSl0Q-25031178;path=/;SameSite=None;Secure;expires=Wed, 09 Aug 2023 13:28:12 GMT;domain=.dblks.net;priority=high
ETag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"

POST

/
s.0cf.io/update_ids/
Redirect Chain

http://s.0cf.io/update_ids/?id=pi6CDbtURxWatU4cCQSl0Q-25031178
https://s.0cf.io/update_ids/?id=pi6CDbtURxWatU4cCQSl0Q-25031178

0
0

OPTIONS
H/1.1 200
OK /
s.0cf.io/update_ids/ Frame 0
0 321ms
108ms Preflight
text/html 2602:808:3:1:1::
FHMNET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.0cf.io/update_ids/?id=pi6CDbtURxWatU4cCQSl0Q-25031178

Protocol

HTTP/1.1

Server

2602:808:3:1:1:: , Canada, ASN25948 (FHMNET, CA),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://s.0cf.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Mon, 09 Aug 2021 13:28:12 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 4
Connection: keep-alive
X-Powered-By: Express
Allow: POST
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Strict-Transport-Security: max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.0cf.io
URL: https://s.0cf.io/update_ids/?id=pi6CDbtURxWatU4cCQSl0Q-25031178

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.pubmatic.com
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
cm.g.doubleclick.net
creativecdn.com
cs.emxdgt.com
cs.krushmedia.com
d.turn.com
eb2.3lift.com
eus.rubiconproject.com
gum.criteo.com
ib.adnxs.com
id.sharedid.org
id5-sync.com
image6.pubmatic.com
match.adsrvr.org
match.deepintent.com
mug.criteo.com
p.rfihub.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.adnxs.com
rtb.gumgum.com
rtb.openx.net
s.0cf.io
secure-assets.rubiconproject.com
secure.adnxs.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum.casalemedia.com
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
token.rubiconproject.com
ups.analytics.yahoo.com
us-u.openx.net
us.dblks.net
x.bidswitch.net
s.0cf.io
124.146.215.51
129.159.70.95
142.250.185.162
147.75.38.124
151.101.14.49
169.197.150.8
178.162.133.149
178.250.0.157
18.156.0.31
18.157.193.56
18.195.155.181
18.195.39.201
185.184.8.65
185.29.132.241
185.64.190.78
185.86.137.121
185.86.138.120
193.0.160.128
198.148.27.139
199.212.255.128
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::13
208.100.17.180
213.19.147.44
213.19.147.45
216.52.2.48
23.37.42.132
2602:808:3:1:1::
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:110:c305::8000
2a02:2638::1c
2a02:fa8:8806:13::1400
34.98.64.218
35.186.253.211
35.82.71.229
37.252.161.190
37.252.173.62
51.89.20.86
52.18.52.16
52.21.104.248
52.29.176.117
54.209.16.83
64.202.112.31
64.202.112.95
69.173.144.165
76.223.111.131
76.223.111.18
8.2.110.134
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2418adbe810655a8057d501d39cb12793e75379c312c501861af871cd2b5db80
29eab572f3ffe2a02f1d798fb408bed5cbf4dadd8fb7c12d4ee5a2b6df902da9
3685d2ef4b478f82182acf2105d1889612212875d02e42d6589488c5df6b0b1e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
8939822843b3bdb5994814c30b410e9a8388e2e07db6bffaeb72e349b42e0f48
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9af334f6788d9a1de5f26466b14e1f4506e0315793e0a6271e8a6ea3444c1a0e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8ac125bb580f9c815bc8655f9c9fed1410024fa746b5d09616419365c28ad43
bff7441d5df4021035c2d3fe42fa2c51a4ec01473d26a3e986324784d790fc49
ccdcf6cb466e38686f94537f5a8d6abf91cbb28d6770c8f84a438556d4498a43
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

s.0cf.io Open in urlscan Pro 2602:808:3:1:1:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

57 Requests

95 %HTTPS

12 %IPv6

41 Domains

51 Subdomains

24 IPs

9 Countries

105 kBTransfer

266 kBSize

0 Cookies

0 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

s.0cf.io Open in urlscan Pro
2602:808:3:1:1:: Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

95 %
HTTPS

12 %
IPv6

41
Domains

51
Subdomains

24
IPs

9
Countries

105 kB
Transfer

266 kB
Size

0
Cookies

57 HTTP transactions
0 data transactions