gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org Open in urlscan Pro
104.243.38.18 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Submission: On June 06 via api (June 6th 2025, 3:02:22 am UTC) from US — Scanned from DE

Summary HTTP 272 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 92 IPs in 7 countries across 93 domains to perform 272 HTTP transactions. The main IP is 104.243.38.18, located in Piscataway, United States and belongs to RELIABLESITE, US. The main domain is gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org.
TLS certificate: Issued by E5 on June 5th 2025. Valid for: 3 months.

This is the only time gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 36	104.243.38.18 104.243.38.18	23470 (RELIABLESITE) (RELIABLESITE)
4	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:10c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1962	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:808::200e	15169 (GOOGLE) (GOOGLE)
4	104.237.132.182 104.237.132.182	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	2606:4700:303... 2606:4700:3034::6815:86c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:303... 2606:4700:3031::ac43:80bd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:1f31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80d::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3033::6815:5adc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	152.42.150.143 152.42.150.143	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2606:4700:10:... 2606:4700:10::6816:4bd8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
2	2606:4700:10:... 2606:4700:10::6816:ac7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:aee2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	141.95.33.120 141.95.33.120	16276 (OVH OVH SAS) (OVH OVH SAS)
3	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.65.211.77 159.65.211.77	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
13	34.1.1.166 34.1.1.166	15169 (GOOGLE) (GOOGLE)
1	52.222.236.91 52.222.236.91	16509 (AMAZON-02) (AMAZON-02)
6	18.201.5.241 18.201.5.241	16509 (AMAZON-02) (AMAZON-02)
1	146.190.187.150 146.190.187.150	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:200a	27630 (AS-XFERNET) (AS-XFERNET)
10	143.244.197.139 143.244.197.139	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.223.6.21 52.223.6.21	16509 (AMAZON-02) (AMAZON-02)
4	51.38.120.206 51.38.120.206	16276 (OVH OVH SAS) (OVH OVH SAS)
1	2a02:2638:3::39 2a02:2638:3::39	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	35.186.253.211 35.186.253.211	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	217.182.178.224 217.182.178.224	16276 (OVH OVH SAS) (OVH OVH SAS)
4	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.36.200.111 34.36.200.111	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:10:... 2606:4700:10::6816:541	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	57.129.85.132 57.129.85.132	16276 (OVH OVH SAS) (OVH OVH SAS)
1	2606:4700::68... 2606:4700::6810:afe2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::28 2a02:2638:3::28	() ()
1	178.250.1.11 178.250.1.11	() ()
1	147.182.222.40 147.182.222.40	() ()
14	184.30.22.30 184.30.22.30	() ()
1	23.32.238.112 23.32.238.112	() ()
1	54.230.228.68 54.230.228.68	() ()
3	35.244.159.8 35.244.159.8	() ()
4	35.71.131.137 35.71.131.137	() ()
3 3	185.184.8.90 185.184.8.90	() ()
2 6	35.214.136.108 35.214.136.108	() ()
7 8	46.228.174.117 46.228.174.117	() ()
1	162.55.236.224 162.55.236.224	() ()
1	18.244.18.85 18.244.18.85	() ()
2	103.231.98.106 103.231.98.106	() ()
2	18.195.234.25 18.195.234.25	() ()
2 4	64.74.236.159 64.74.236.159	() ()
1	76.223.111.18 76.223.111.18	() ()
1 1	95.100.146.58 95.100.146.58	() ()
2 2	44.220.122.200 44.220.122.200	() ()
6	54.76.253.58 54.76.253.58	() ()
1	204.62.12.186 204.62.12.186	() ()
1 1	54.85.8.8 54.85.8.8	() ()
2 2	80.77.84.96 80.77.84.96	() ()
2	64.38.119.44 64.38.119.44	() ()
3 3	163.5.194.32 163.5.194.32	() ()
2	35.244.174.68 35.244.174.68	() ()
3 8	104.18.26.193 104.18.26.193	() ()
1	54.170.123.81 54.170.123.81	() ()
5 5	23.212.211.47 23.212.211.47	() ()
3	67.202.105.21 67.202.105.21	() ()
2	103.67.200.72 103.67.200.72	() ()
2	52.71.16.161 52.71.16.161	() ()
1	2a02:26f0:710... 2a02:26f0:7100::213:c669	() ()
1	188.40.16.220 188.40.16.220	() ()
1 4	5.196.111.69 5.196.111.69	() ()
1	67.202.105.23 67.202.105.23	() ()
2	184.30.17.43 184.30.17.43	() ()
2 2	54.154.115.68 54.154.115.68	() ()
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	() ()
2 2	193.0.160.130 193.0.160.130	() ()
1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:200d	() ()
1	34.224.66.164 34.224.66.164	() ()
1 1	184.30.24.22 184.30.24.22	() ()
2 2	45.55.125.114 45.55.125.114	() ()
7	69.173.144.138 69.173.144.138	() ()
2 2	35.206.140.87 35.206.140.87	() ()
7	34.247.233.198 34.247.233.198	() ()
1	2a05:d018:d29... 2a05:d018:d29:3602:6b69:5262:77c9:d976	() ()
1 1	3.224.137.85 3.224.137.85	() ()
1	169.197.150.8 169.197.150.8	() ()
1 1	50.31.142.127 50.31.142.127	() ()
1 1	208.93.169.131 208.93.169.131	() ()
2 2	37.157.6.230 37.157.6.230	() ()
1 4	216.58.206.66 216.58.206.66	() ()
1 1	124.146.153.162 124.146.153.162	() ()
1	198.47.127.19 198.47.127.19	() ()
1 2	98.82.158.241 98.82.158.241	() ()
1	44.210.49.252 44.210.49.252	() ()
1 1	35.208.249.213 35.208.249.213	() ()
1 1	35.186.193.173 35.186.193.173	() ()
1 1	172.105.213.147 172.105.213.147	() ()
1 1	172.240.45.96 172.240.45.96	() ()
1 2	89.149.192.200 89.149.192.200	() ()
1 1	2600:1f18:765... 2600:1f18:765:4800:4c61:7155:4e03:8f9f	() ()
1	34.36.216.150 34.36.216.150	() ()
272	92

36 104.243.38.18 (Piscataway, United States) 1 redirects

ASN23470 (RELIABLESITE, US)

gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700::6812:10c9 (None, )

ASN13335 (CLOUDFLARENET, US)

acscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a06:98c1:3120::3 (None, )

ASN13335 (CLOUDFLARENET, US)

partner.senty.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700::6812:1962 (None, )

ASN13335 (CLOUDFLARENET, US)

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2a00:1450:400d:808::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 104.237.132.182 (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 104-237-132-182.ip.linodeusercontent.com

stats.senty.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:3034::6815:86c (None, )

ASN13335 (CLOUDFLARENET, US)

pubtrky.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

7 2606:4700:3031::ac43:80bd (None, )

ASN13335 (CLOUDFLARENET, US)

fontgenerator.cc	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2606:4700::6811:190e (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700::6812:1f31 (None, )

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2606:4700:3033::6815:5adc (None, )

ASN13335 (CLOUDFLARENET, US)

app.tinyadz.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 152.42.150.143 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2606:4700:10::6816:4bd8 (None, )

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700:10::6816:ac7 (None, )

ASN13335 (CLOUDFLARENET, US)

ex.ingage.tech	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700::6810:aee2 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 141.95.33.120 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3203256.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2606:4700:20::ac43:4bf1 (None, )

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 159.65.211.77 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

13 34.1.1.166 (Paris, France)

ASN15169 (GOOGLE, US)
PTR: 166.1.1.34.bc.googleusercontent.com

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
visitor.europe-west9.gcp.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 52.222.236.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-91.fra56.r.cloudfront.net

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 18.201.5.241 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-201-5-241.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 146.190.187.150 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

exchange.cootlogix.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2607:f350:3:2569:0:10:0:200a (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

10 143.244.197.139 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 52.223.6.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8c33d2b6751b365d.awsglobalaccelerator.com

direct.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 51.38.120.206 (Hessen, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a02:2638:3::39 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.186.253.211 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 217.182.178.224 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip224.ip-217-182-178.eu

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.36.200.111 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 111.200.36.34.bc.googleusercontent.com

ag.dns-finder.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700:10::6816:541 (None, )

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 57.129.85.132 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3249663.ip-57-129-85.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700::6810:afe2 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 130.211.23.194 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700::6810:5049 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

44a2a511f66f192a5aa6fa455f77babc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a02:2638:3::28 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 178.250.1.11 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 147.182.222.40 (None, )

ASN- ()

sync.cootlogix.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

14 184.30.22.30 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 23.32.238.112 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 54.230.228.68 (None, )

ASN- ()

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 35.244.159.8 (None, )

ASN- ()

buysellads-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 35.71.131.137 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 185.184.8.90 (None, ) 3 redirects

ASN- ()

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 35.214.136.108 (None, ) 2 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

8 46.228.174.117 (None, ) 7 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 162.55.236.224 (None, )

ASN- ()

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 18.244.18.85 (None, )

ASN- ()

api-ssp.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 103.231.98.106 (None, )

ASN- ()

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 18.195.234.25 (None, )

ASN- ()

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 64.74.236.159 (None, ) 2 redirects

ASN- ()

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 76.223.111.18 (None, )

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 95.100.146.58 (None, ) 1 redirects

ASN- ()

hb.trustedstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 44.220.122.200 (None, ) 2 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 54.76.253.58 (None, )

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 204.62.12.186 (None, )

ASN- ()

sync.contextualadv.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 54.85.8.8 (None, ) 1 redirects

ASN- ()

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 80.77.84.96 (None, ) 2 redirects

ASN- ()

csync.copper6.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 64.38.119.44 (None, )

ASN- ()

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 163.5.194.32 (None, ) 3 redirects

ASN- ()

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 35.244.174.68 (None, )

ASN- ()

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

8 104.18.26.193 (None, ) 3 redirects

ASN- ()

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 54.170.123.81 (None, )

ASN- ()

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 23.212.211.47 (None, ) 5 redirects

ASN- ()

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 67.202.105.21 (None, )

ASN- ()

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 103.67.200.72 (None, )

ASN- ()

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 52.71.16.161 (None, )

ASN- ()

cs-server-s2s.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a02:26f0:7100::213:c669 (None, )

ASN- ()

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 188.40.16.220 (None, )

ASN- ()

ittpx.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 5.196.111.69 (None, ) 1 redirects

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 67.202.105.23 (None, )

ASN- ()

pixel.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 184.30.17.43 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 54.154.115.68 (None, ) 2 redirects

ASN- ()

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2001:678:cb4:bbbb::11 (None, ) 2 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 193.0.160.130 (None, ) 2 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2607:f350:3:2569:0:10:0:200d (None, )

ASN- ()

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.224.66.164 (None, )

ASN- ()

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 184.30.24.22 (None, ) 1 redirects

ASN- ()

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 45.55.125.114 (None, ) 2 redirects

ASN- ()

ads.servedxk.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

7 69.173.144.138 (None, )

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 35.206.140.87 (None, ) 2 redirects

ASN- ()

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

7 34.247.233.198 (None, )

ASN- ()

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a05:d018:d29:3602:6b69:5262:77c9:d976 (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 3.224.137.85 (None, ) 1 redirects

ASN- ()

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 169.197.150.8 (None, )

ASN- ()

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 50.31.142.127 (None, ) 1 redirects

ASN- ()

b1sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 208.93.169.131 (None, ) 1 redirects

ASN- ()

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 37.157.6.230 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 216.58.206.66 (None, ) 1 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 124.146.153.162 (None, ) 1 redirects

ASN- ()

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 198.47.127.19 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 98.82.158.241 (None, ) 1 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 44.210.49.252 (None, )

ASN- ()

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.208.249.213 (None, ) 1 redirects

ASN- ()

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.186.193.173 (None, ) 1 redirects

ASN- ()

cm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.105.213.147 (None, ) 1 redirects

ASN- ()

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.240.45.96 (None, ) 1 redirects

ASN- ()

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 89.149.192.200 (None, ) 1 redirects

ASN- ()

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2600:1f18:765:4800:4c61:7155:4e03:8f9f (None, ) 1 redirects

ASN- ()

pxl.iqm.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.36.216.150 (None, )

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
36	duckdns.org 1 redirects gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org	489 KB
27	rubiconproject.com 5 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 585 eus.rubiconproject.com secure-assets.rubiconproject.com token.rubiconproject.com	18 KB
13	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1521 usersync.gumgum.com rtb.gumgum.com	4 KB
13	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 5103 visitor.omnitagjs.com visitor.europe-west9.gcp.omnitagjs.com	7 KB
11	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 3221 public.servenobid.com	8 KB
8	casalemedia.com 3 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	5 KB
8	lijit.com 2 redirects ap.lijit.com ce.lijit.com	2 KB
8	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 258 ad.doubleclick.net — Cisco Umbrella Rank: 167 cm.g.doubleclick.net	227 KB
7	smartadserver.com 2 redirects prg.smartadserver.com — Cisco Umbrella Rank: 1754 ssbsync.smartadserver.com rtb-csync.smartadserver.com	2 KB
7	fontgenerator.cc fontgenerator.cc — Cisco Umbrella Rank: 338819	41 KB
6	1rx.io 6 redirects sync.1rx.io	3 KB
6	bidswitch.net 2 redirects x.bidswitch.net	1 KB
6	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 478 bidder.criteo.com — Cisco Umbrella Rank: 1394 mug.criteo.com	9 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 59	133 KB
5	pubmatic.com image8.pubmatic.com ads.pubmatic.com image6.pubmatic.com	14 KB
5	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 392 ep2.adtrafficquality.google — Cisco Umbrella Rank: 401	25 KB
5	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 300 acdn.adnxs.com secure.adnxs.com Failed	19 KB
5	adsrvr.org direct.adsrvr.org — Cisco Umbrella Rank: 1227 match.adsrvr.org	1013 B
5	btloader.com btloader.com — Cisco Umbrella Rank: 939 api.btloader.com — Cisco Umbrella Rank: 1138	27 KB
5	gstatic.com fonts.gstatic.com t2.gstatic.com	35 KB
5	senty.com.au partner.senty.com.au — Cisco Umbrella Rank: 281117 stats.senty.com.au — Cisco Umbrella Rank: 132511	7 KB
4	33across.com ssc-cms.33across.com pixel.33across.com
4	zemanta.com 2 redirects b1sync.zemanta.com	2 KB
4	openx.net rtb.openx.net — Cisco Umbrella Rank: 626 buysellads-d.openx.net u.openx.net us-u.openx.net	921 B
4	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 800	413 B
4	tinyadz.com app.tinyadz.com — Cisco Umbrella Rank: 197722	8 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 73	20 B
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 57	6 KB
3	a-mo.net 3 redirects prebid.a-mo.net	339 B
3	creativecdn.com 3 redirects creativecdn.com	1 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 44a2a511f66f192a5aa6fa455f77babc.safeframe.googlesyndication.com	24 KB
3	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 1825 cs-server-s2s.yellowblue.io	1 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 3802	22 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 240	95 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	2 KB
2	adform.net 2 redirects c1.adform.net	1 KB
2	admedo.com 2 redirects pool.admedo.com	750 B
2	servedxk.com 2 redirects ads.servedxk.com	949 B
2	rfihub.com 2 redirects p.rfihub.com	1 KB
2	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	851 B
2	turn.com 2 redirects ad.turn.com	868 B
2	aniview.com 1 redirects player.aniview.com sync.aniview.com	3 KB
2	adkernel.com sync.adkernel.com	268 B
2	rlcdn.com id.rlcdn.com idsync.rlcdn.com	196 B
2	bttrack.com bttrack.com	243 B
2	copper6.com 2 redirects csync.copper6.com	1 KB
2	stackadapt.com 2 redirects sync.srv.stackadapt.com	3 KB
2	sharethrough.com match.sharethrough.com	115 B
2	criteo.net static.criteo.net	31 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1122	653 B
2	media.net 1 redirects prebid.media.net — Cisco Umbrella Rank: 1051 hbx.media.net	1 KB
2	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 4012 sync.go.sonobi.com	2 KB
2	cootlogix.com exchange.cootlogix.com — Cisco Umbrella Rank: 5002 sync.cootlogix.com	861 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 546	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 325	116 KB
2	ingage.tech ex.ingage.tech — Cisco Umbrella Rank: 3983	467 B
2	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 45376	120 KB
1	sitescout.com pixel-sync.sitescout.com
1	iqm.com 1 redirects pxl.iqm.com	794 B
1	appier.net 1 redirects s.c.appier.net	561 B
1	ctnsnet.com 1 redirects cm.ctnsnet.com	430 B
1	mediago.io 1 redirects trace.mediago.io	391 B
1	liadm.com i.liadm.com	208 B
1	socdm.com 1 redirects tg.socdm.com	690 B
1	contextweb.com 1 redirects bh.contextweb.com	868 B
1	outbrain.com 1 redirects b1sync.outbrain.com	759 B
1	deepintent.com match.deepintent.com	44 B
1	ipredictive.com 1 redirects sync.ipredictive.com	465 B
1	yahoo.com pr-bh.ybp.yahoo.com	343 B
1	disqus.com ssp.disqus.com	41 B
1	eskimi.com ittpx.eskimi.com	160 B
1	yieldmo.com ads.yieldmo.com	42 B
1	postrelease.com 1 redirects jadserve.postrelease.com	472 B
1	contextualadv.com sync.contextualadv.com	236 B
1	trustedstack.com 1 redirects hb.trustedstack.com	499 B
1	3lift.com eb2.3lift.com	140 B
1	spot.im api-ssp.spot.im	192 B
1	richaudience.com sync.richaudience.com	129 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 450	7 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1032	299 B
1	dns-finder.com ag.dns-finder.com — Cisco Umbrella Rank: 1201	233 B
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 29043	114 B
1	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 33598	186 KB
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	18 B
1	pubtrky.com pubtrky.com — Cisco Umbrella Rank: 21097	623 B
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 23261
1	acscdn.com acscdn.com — Cisco Umbrella Rank: 29489	44 KB
0	audienceexposure.com Failed audienceexposure.com Failed
0	aidemsrv.com Failed gum.aidemsrv.com Failed
0	screencore.io Failed sync.screencore.io Failed
0	smxconv.com Failed usync.smxconv.com Failed
0	bid.com Failed rtb.bid.com Failed
0	loopme.me Failed csync.loopme.me Failed
272	93

	Domain	Requested by
36	gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org	1 redirects gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
14	eus.rubiconproject.com	cdn4.buysellads.net eus.rubiconproject.com visitor.omnitagjs.com public.servenobid.com g2.gumgum.com player.aniview.com
10	ads.servenobid.com	cdn4.buysellads.net public.servenobid.com g2.gumgum.com ssum-sec.casalemedia.com ssbsync.smartadserver.com
8	visitor.omnitagjs.com	cdn4.buysellads.net visitor.omnitagjs.com
7	usersync.gumgum.com	g2.gumgum.com
7	token.rubiconproject.com	eus.rubiconproject.com
7	fontgenerator.cc	partner.senty.com.au fontgenerator.cc
6	ap.lijit.com	visitor.omnitagjs.com public.servenobid.com player.aniview.com
6	sync.1rx.io	6 redirects
6	x.bidswitch.net	2 redirects visitor.omnitagjs.com g2.gumgum.com player.aniview.com
6	www.googletagmanager.com	fontgenerator.cc gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
5	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
5	secure-assets.rubiconproject.com	5 redirects
5	g2.gumgum.com	cdn4.buysellads.net public.servenobid.com
4	cm.g.doubleclick.net	1 redirects g2.gumgum.com ssum-sec.casalemedia.com ssbsync.smartadserver.com
4	ssbsync.smartadserver.com	1 redirects visitor.omnitagjs.com public.servenobid.com
4	visitor.europe-west9.gcp.omnitagjs.com	visitor.omnitagjs.com player.aniview.com
4	b1sync.zemanta.com	2 redirects visitor.omnitagjs.com ssbsync.smartadserver.com
4	match.adsrvr.org	visitor.omnitagjs.com g2.gumgum.com ssum-sec.casalemedia.com
4	onetag-sys.com	cdn4.buysellads.net visitor.omnitagjs.com public.servenobid.com
4	gum.criteo.com	1 redirects stpd.cloud static.criteo.net
4	app.tinyadz.com	fontgenerator.cc app.tinyadz.com
4	stats.senty.com.au	partner.senty.com.au stats.senty.com.au fontgenerator.cc
4	www.google-analytics.com	gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org cdn.jsdelivr.net
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org fontgenerator.cc
3	ssc-cms.33across.com	visitor.omnitagjs.com
3	ssum-sec.casalemedia.com	2 redirects public.servenobid.com
3	prebid.a-mo.net	3 redirects
3	creativecdn.com	3 redirects
3	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
3	ib.adnxs.com	cdn4.buysellads.net acdn.adnxs.com public.servenobid.com
3	script.4dex.io	stpd.cloud script.4dex.io
3	btloader.com	cdn4.buysellads.net btloader.com static.cloudflareinsights.com
3	securepubads.g.doubleclick.net	fontgenerator.cc securepubads.g.doubleclick.net
3	cdnjs.cloudflare.com	fontgenerator.cc
2	rtb-csync.smartadserver.com	1 redirects ssbsync.smartadserver.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	c1.adform.net	2 redirects
2	pool.admedo.com	2 redirects
2	ads.servedxk.com	2 redirects
2	p.rfihub.com	2 redirects
2	sync.targeting.unrulymedia.com	1 redirects ssbsync.smartadserver.com
2	ad.turn.com	2 redirects
2	ce.lijit.com	2 redirects
2	ads.pubmatic.com	public.servenobid.com g2.gumgum.com
2	cs-server-s2s.yellowblue.io	visitor.omnitagjs.com public.servenobid.com
2	sync.adkernel.com	visitor.omnitagjs.com
2	bttrack.com	visitor.omnitagjs.com player.aniview.com
2	csync.copper6.com	2 redirects
2	sync.srv.stackadapt.com	2 redirects
2	match.sharethrough.com	visitor.omnitagjs.com public.servenobid.com
2	image8.pubmatic.com	visitor.omnitagjs.com
2	static.criteo.net	cdn4.buysellads.net static.criteo.net
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net ep2.adtrafficquality.google
2	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
2	api.btloader.com	btloader.com
2	ad-delivery.net	fontgenerator.cc
2	id5-sync.com	stpd.cloud
2	cdn.jsdelivr.net	stpd.cloud gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
2	ex.ingage.tech	cdn4.buysellads.net
2	stpd.cloud	fontgenerator.cc
1	pixel-sync.sitescout.com	player.aniview.com
1	pxl.iqm.com	1 redirects
1	sync.aniview.com	1 redirects
1	s.c.appier.net	1 redirects
1	cm.ctnsnet.com	1 redirects
1	trace.mediago.io	1 redirects
1	i.liadm.com	ssum-sec.casalemedia.com
1	image6.pubmatic.com	ads.pubmatic.com
1	tg.socdm.com	1 redirects
1	rtb.gumgum.com	g2.gumgum.com
1	bh.contextweb.com	1 redirects
1	b1sync.outbrain.com	1 redirects
1	match.deepintent.com	g2.gumgum.com
1	sync.ipredictive.com	1 redirects
1	pr-bh.ybp.yahoo.com	g2.gumgum.com
1	us-u.openx.net	g2.gumgum.com
1	idsync.rlcdn.com	public.servenobid.com
1	hbx.media.net	1 redirects
1	ssp.disqus.com	public.servenobid.com
1	sync.go.sonobi.com	public.servenobid.com
1	pixel.33across.com	public.servenobid.com
1	ittpx.eskimi.com	visitor.omnitagjs.com
1	player.aniview.com	visitor.omnitagjs.com
1	ads.yieldmo.com	visitor.omnitagjs.com
1	id.rlcdn.com	visitor.omnitagjs.com
1	jadserve.postrelease.com	1 redirects
1	sync.contextualadv.com	visitor.omnitagjs.com
1	u.openx.net	visitor.omnitagjs.com
1	hb.trustedstack.com	1 redirects
1	eb2.3lift.com	visitor.omnitagjs.com
1	api-ssp.spot.im	visitor.omnitagjs.com
1	sync.richaudience.com	visitor.omnitagjs.com
1	secure.adnxs.com	visitor.omnitagjs.com g2.gumgum.com player.aniview.com
1	buysellads-d.openx.net	cdn4.buysellads.net
1	public.servenobid.com	cdn4.buysellads.net
1	acdn.adnxs.com	cdn4.buysellads.net
1	sync.cootlogix.com	cdn4.buysellads.net
1	mug.criteo.com
1	44a2a511f66f192a5aa6fa455f77babc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	static.cloudflareinsights.com	btloader.com
1	lb.eu-1-id5-sync.com	stpd.cloud
1	ad.doubleclick.net	fontgenerator.cc
1	ag.dns-finder.com	btloader.com
1	prg.smartadserver.com	cdn4.buysellads.net
1	rtb.openx.net	cdn4.buysellads.net
1	bidder.criteo.com	cdn4.buysellads.net
1	direct.adsrvr.org	cdn4.buysellads.net
1	prebid.media.net	cdn4.buysellads.net
1	apex.go.sonobi.com	cdn4.buysellads.net
1	fastlane.rubiconproject.com	cdn4.buysellads.net
1	exchange.cootlogix.com	cdn4.buysellads.net
1	hb.yellowblue.io	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	srv.buysellads.com	cdn4.buysellads.net
1	cdn4.buysellads.net	fontgenerator.cc
1	t2.gstatic.com	gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
1	www.google.com	1 redirects
1	pubtrky.com	acscdn.com
1	youradexchange.com	acscdn.com
1	partner.senty.com.au	gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
1	acscdn.com	gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
0	audienceexposure.com Failed	visitor.omnitagjs.com
0	gum.aidemsrv.com Failed	visitor.omnitagjs.com
0	sync.screencore.io Failed	visitor.omnitagjs.com
0	usync.smxconv.com Failed	visitor.omnitagjs.com
0	rtb.bid.com Failed	visitor.omnitagjs.com
0	csync.loopme.me Failed	visitor.omnitagjs.com
272	129

This site contains links to these domains. Also see Links.

Domain
youradexchange.com

Subject Issuer	Validity	Valid
E5	`2025-06-05` - `2025-09-03`	3 months	crt.sh
upload.video.google.com WR2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
acscdn.com WE1	`2025-05-13` - `2025-08-11`	3 months	crt.sh
partner.senty.com.au WE1	`2025-04-17` - `2025-07-16`	3 months	crt.sh
youradexchange.com WE1	`2025-06-01` - `2025-08-30`	3 months	crt.sh
*.gstatic.com WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
*.google-analytics.com WR2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
stats.senty.com.au E6	`2025-05-15` - `2025-08-13`	3 months	crt.sh
pubtrky.com WE1	`2025-05-05` - `2025-08-03`	3 months	crt.sh
fontgenerator.cc WE1	`2025-04-14` - `2025-07-13`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2025-05-22` - `2025-08-20`	3 months	crt.sh
stpd.cloud WE1	`2025-04-30` - `2025-07-29`	3 months	crt.sh
*.g.doubleclick.net WR2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
tinyadz.com WE1	`2025-05-08` - `2025-08-07`	3 months	crt.sh
*.cdn4.buysellads.net E5	`2025-05-14` - `2025-08-12`	3 months	crt.sh
btloader.com WE1	`2025-06-01` - `2025-08-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-18` - `2025-07-17`	3 months	crt.sh
*.ingage.tech Sectigo RSA Organization Validation Secure Server CA	`2024-08-01` - `2025-08-11`	a year	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2025-04-25` - `2026-05-04`	a year	crt.sh
id5-sync.com E6	`2025-05-01` - `2025-07-30`	3 months	crt.sh
script.4dex.io WE1	`2025-05-16` - `2025-08-14`	3 months	crt.sh
*.buysellads.com E5	`2025-05-14` - `2025-08-12`	3 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-02` - `2025-08-01`	a year	crt.sh
*.yellowblue.io Amazon RSA 2048 M02	`2025-02-16` - `2026-03-17`	a year	crt.sh
ie-ad-exch-prd-two-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M04	`2025-06-03` - `2026-07-02`	a year	crt.sh
*.cootlogix.com Starfield Secure Certificate Authority - G2	`2024-10-13` - `2025-10-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2025-03-04` - `2026-04-03`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2024-12-06` - `2026-01-07`	a year	crt.sh
ads.servenobid.com R11	`2025-05-27` - `2025-08-25`	3 months	crt.sh
prebid.media.net WR3	`2025-05-22` - `2025-08-21`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2025-03-19` - `2026-04-02`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-01-21` - `2025-12-27`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-01-09` - `2026-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2025-02-21` - `2026-03-23`	a year	crt.sh
dns-finder.com WR3	`2025-05-12` - `2025-08-10`	3 months	crt.sh
ad-delivery.net WE1	`2025-05-06` - `2025-08-04`	3 months	crt.sh
*.doubleclick.net WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
eu-1-id5-sync.com R11	`2025-05-01` - `2025-07-30`	3 months	crt.sh
api.btloader.com WR3	`2025-05-27` - `2025-08-25`	3 months	crt.sh
cloudflareinsights.com WE1	`2025-04-27` - `2025-07-26`	3 months	crt.sh
adtrafficquality.google WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-11` - `2025-07-04`	3 months	crt.sh
cdn.adnxs.com R10	`2025-05-30` - `2025-08-28`	3 months	crt.sh
*.servenobid.com Amazon RSA 2048 M02	`2024-11-07` - `2025-12-06`	a year	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-06` - `2025-07-01`	3 months	crt.sh
*.richaudience.com RapidSSL TLS RSA CA G1	`2025-02-20` - `2026-02-25`	a year	crt.sh
*.spot.im Amazon RSA 2048 M03	`2025-03-10` - `2026-04-08`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-02-19` - `2026-03-22`	a year	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-15` - `2025-08-15`	a year	crt.sh
*.zemanta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-02` - `2025-09-05`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M03	`2025-02-11` - `2026-03-12`	a year	crt.sh
*.lijit.com Amazon RSA 2048 M03	`2024-10-21` - `2025-11-20`	a year	crt.sh
clearnview.com Go Daddy Secure Certificate Authority - G2	`2025-01-15` - `2025-10-07`	9 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2025-03-06` - `2026-04-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2025-02-06` - `2026-03-05`	a year	crt.sh
*.ads.yieldmo.com E5	`2025-03-27` - `2025-06-25`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-05` - `2025-09-30`	a year	crt.sh
*.adkernel.com GlobalSign GCC R6 AlphaSSL CA 2023	`2025-01-22` - `2026-02-23`	a year	crt.sh
*.aniview.com DigiCert TLS RSA SHA256 2020 CA1	`2024-08-17` - `2025-08-20`	a year	crt.sh
*.eskimi.com GeoTrust TLS RSA CA G1	`2025-02-18` - `2026-03-21`	a year	crt.sh
casalemedia.com E6	`2025-04-08` - `2025-07-07`	3 months	crt.sh
ssp.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2025-03-31` - `2026-03-31`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2025-02-04` - `2025-07-30`	6 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2024-12-06` - `2026-01-07`	a year	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon RSA 2048 M02	`2024-11-18` - `2025-12-18`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2024-07-31` - `2025-08-29`	a year	crt.sh
*.sitescout.com GeoTrust TLS RSA CA G1	`2025-01-16` - `2026-02-01`	a year	crt.sh

This page contains 48 frames:

Primary Page: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Frame ID: EA5DAF2086B18868FFBDD8B2E23E8512
Requests: 40 HTTP requests in this frame

Frame: https://fontgenerator.cc/embed
Frame ID: 1932A9C9C98F8EAF0DEF64C9E395B12C
Requests: 66 HTTP requests in this frame

Frame: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/
Frame ID: F3797ECB591A797BFA072843320BA03D
Requests: 19 HTTP requests in this frame

Frame: https://btloader.com/trustedIframe.html?o=5102648370397184
Frame ID: A4F7503D9213DCA403D5E6BDAD9B6962
Requests: 4 HTTP requests in this frame

Frame: https://44a2a511f66f192a5aa6fa455f77babc.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html?n=1
Frame ID: F868F16D50759FFD844E0E638DFE28E0
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: 67BE917B21CA00A29AC2B4D1BC8416B0
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Frame ID: E492C2D351629195BE6C733832786708
Requests: 2 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: A3E2BCD4F5956F31B4F34528E5AB9AFA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3C54A99F82C353C5BB5964209B403324
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B3F353BFA41E98020F24010F37E29C8B
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1749178948035
Frame ID: 55628FE4B3C4143F0B9FF9BBA67E9767
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: C66A16F7ACF152822C1EAE51D16EFA86
Requests: 13 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Frame ID: 1013EAF64046196D807D346632FEAE74
Requests: 36 HTTP requests in this frame

Frame: https://buysellads-d.openx.net/w/1.0/pd
Frame ID: 967EDE66CEA0A7DCFDCC43AF4D9E2863
Requests: 1 HTTP requests in this frame

Frame: https://gum.aidemsrv.com/ortb_sync?gdpr={GDPR}&consent={GDPR_CONSENT}&us_privacy={US_PRIVACY}&redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DAIDEM%26ttl%3D720%26uid%3Db2f604635d0b9abde52139fc8a8034be%26visitor%3D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: 0BBCC44CBC4DEFC28EF64280F78753C4
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
Frame ID: 1434F1798D9FB60D8990B5B5BC5ACF91
Requests: 3 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: F26F5AFFCCAB3FD08DD2A41B99C02C92
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=261976&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADSOLUT%26ttl%3D720%26uid%3D1914a28ad9f7cf23695694b8008de71e%26visitor%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: 2B31D937570FC8327E03F2D330837764
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
Frame ID: 57CBA119F5FF8F8BB1E2C1B5A1088A91
Requests: 3 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DRISE_CODES%26ttl%3D720%26uid%3D48b439bcf2930e6408d6e795f7f1cdd2%26visitor%3D%7BpartnerId%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: 78A7C873203D20BC8871BCC09938F365
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS_VIDEO%26ttl%3D720%26uid%3D0e36e8655c40248fb8d2e311b5db1153%26visitor%3D33XUSERID33X%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: 8490A9E129E1B951EFE36A3AC4739DA1
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_33ACROSS%26ttl%3D720%26uid%3D25492590fe216b332ae998485e25beb4%26visitor%3D33XUSERID33X%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: BE2DFF2713C92994390DE9EA3D9C30D0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike_2&endpoint=eu&gdpr=1&gdpr_consent=
Frame ID: 12CADF9275324E9801CEFC5AE248A1B6
Requests: 3 HTTP requests in this frame

Frame: https://audienceexposure.com/iframe?redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DBRAVE_IO%26ttl%3D720%26uid%3D1dd849eac6b255853660ea3ed55cb2b4%26visitor%3D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: 0597B70DF5CD7A994FCEED66E15EA709
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&us_privacy=${US_PRIVACY}
Frame ID: 5580FE3237EEF14B2162299A3604B4B2
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html?pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DANIVIEW%26ttl%3D720%26uid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: AF33FA8AA901BA66D15B17BBD4DC7FC4
Requests: 6 HTTP requests in this frame

Frame: https://ittpx.eskimi.com/sync?sp_id=14&gdpr=1&gdpr_consent=
Frame ID: E8B45117B3F75FAD444CE3C1231DCAE1
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=1&gdpr_consent=
Frame ID: D7BE4A820E9101594C4C7CF61A19AFEC
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=1&gdpr_consent=
Frame ID: DB4D970FC6F60788D926491226451008
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=260835&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSTRONGMETRICS%26ttl%3D720%26uid%3D84e758200d24051d4c62795c5b9604bd%26visitor%3D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: 0C10A7447F61C1EE35A8383C73067E46
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 9D35DFAE30012BD22261974AD324457C
Requests: 12 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: E849D278D1CA2C561EF8ABF86CF57C35
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: B825CE80FF3F28A827C39DB37937B346
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 9EA11CFD9AA07E079C3983D0BE4041F4
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 1934B2504C20E7CE5BB8189802E4D690
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: E0EBF9AEF99A26C060EAF94AF18308FB
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 92F2E533733B4EFB34699F36DE89BBE9
Requests: 2 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 053D1458B8023A02A705B4A0E17F492A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=780600566577439202&gdpr=0&gdpr_consent=
Frame ID: 47F7E5C64859CC2A487A2E48A29899B7
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81OTNlYmEwZC0wYWFkLTRhZTYtYWY4Mi0zOWUwZTYxYmIyMGI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
Frame ID: 6ED497C2717221576247075709338E6B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: ACC69128C31C78AF5B9CCD5B97D8D6C9
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: AD2A4995FD935E421C30C101FFC57EAB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=aEJaScCo8JEAACgfoqkAAAAA
Frame ID: 4A33807762F3A4527AEB427AC874E6E0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=ZpmPeFdqDORdT-5LCTVRM7qjU6OZtSsdm-5rFR8Q_Y8&pi=gumgum
Frame ID: 718AB1BDE556488A38429531C28CB68A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 06605C5DC5C276D320821D926D60AB82
Requests: 3 HTTP requests in this frame

Frame: https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D%26biddername%3D55%26key%3D%24UID
Frame ID: 26ECC8DDAF3875FC29D73ACE6A14779C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Frame ID: 59EC37E7C04574BCFAF1D7FC712574F3
Requests: 3 HTTP requests in this frame

Frame: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D%26biddername%3D72%26pid%3D62f53b2c7850d0786f227f64%26key%3D%7BuserId%7D
Frame ID: 9C0E8BD968DB0EFF839D62EF7B106A7D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shadow

Detected technologies

AppNexus (Advertising) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

272
Requests

82 %
HTTPS

31 %
IPv6

93
Domains

129
Subdomains

92
IPs

7
Countries

1742 kB
Transfer

6195 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://youradexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://www.google.com/s2/favicons/imgs/icons?domain=bnalk&sz=24 HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24

Request Chain 35

https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home HTTP 301
https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/

Request Chain 132

https://gum.criteo.com/sid/json?origin=publishertag&domain=fontgenerator.cc&sn=ChromeSyncframe&so=0&topUrl=gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org&topicsavail=1&fledgeavail=1 HTTP 302
https://mug.criteo.com/sid?cpp=STPFaHxIVTgwaEtjTFZrWnRId0NHaUZlSnk0TWh4TkdkS1hjUzN5RUZRSy80d3Q4d2VBQWFabUFOaGhlOGxDRVZkdmFONUh5UkdESzVCNCtYM05SV2RQVENpNllSSFVJSmpKNFp5cnBpTXFDYUFLam1KWXl0cUVYNmhSeVRIVEpyVEZlM2pBRzJpcGRrNzJRaHEzTzNMUlRxSkx0d0EvTmplVllHaW9hZ0g4N0x2TGhmTnJTeUc0SDUyZlIzK1RmL0tLZWtCQ3B3TXZxdGt6WVczdytMU3lYSTNYWFl0eHhJSlhkWTR0TjhFaGYzaXFFT084M0g1WFlVYUZyemllalRPVFNncTE5MjVwZDdKdWI0WEFiWk5YY1lLMUd5dnB1RTkyVmFWUmJZemM2aU9rSVJxRkRrVTlSNUlwQWVrbmo0ditmL0VIUk96UU5aSHUrK05tVXU5bHJHNVVveldNMWpVaHdwdFR5NmpJNy9vckU9fA&cppv=2

Request Chain 144

https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=1&gdpr_consent= HTTP 302
https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=1&gdpr_consent=&tc=1 HTTP 302
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=ZpmPeFdqDORdT-5LCTVRM7qjU6OZtSsdm-5rFR8Q_Y8&name=RTB_HOUSE&pi=adyoulike&gdpr=1&gdpr_consent=&tc=1

Request Chain 146

https://sync.1rx.io/usersync2/rmpssp?sub=adyoulike&gdpr=1&gdpr_consent= HTTP 302
https://visitor.omnitagjs.com/visitor/sync?name=NEXXEN&ttl=720&uid=146e9da1fca8f0ce5e1ef0b5909cc4cd&visitor=OPTOUT

Request Chain 156

https://hb.trustedstack.com/cksync.php?cs=66&type=opw&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3F%26uid%3D6a4186b759e18e574be0648ddd5e766a%26visitor%3D%3Cvsid%3E&gdpr=1&gdpr_consent= HTTP 302
https://visitor.omnitagjs.com/visitor/sync?&uid=6a4186b759e18e574be0648ddd5e766a&visitor=0000EEA

Request Chain 157

https://sync.srv.stackadapt.com/sync?nid=33&gdpr=1&gdpr_consent= HTTP 302
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-0860521f-cbfc-5ec9-6269-906ff5c8e9b4$ip$45.141.152.76&name=STACKADAPT&gdpr=1&gdpr_consent=

Request Chain 166

https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_USER_ID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=NTV_USER_ID&gdpr=1&gdpr_consent=

Request Chain 167

https://csync.copper6.com/3ccb4268afab0c2b1373a8a8fdc5011f.gif?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_COPPER6%26ttl%3D720%26uid%3D28acaf13e408a52aee4358368b1d9f0b%26visitor%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?name=OW_COPPER6&ttl=720&uid=28acaf13e408a52aee4358368b1d9f0b&visitor=f00f7a8e-7933-425a-a891-2c8d75019523&gdpr=1&gdpr_consent=

Request Chain 169

https://csync.copper6.com/f3c49daf592d06bab39258cac72c0de9.gif?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D0fccaa3ff6e0f9ec339e7eb753458ab3%26visitor%3D%5BUID%5D&gdpr=1&gdpr_consent= HTTP 302
https://visitor.omnitagjs.com/visitor/sync?uid=0fccaa3ff6e0f9ec339e7eb753458ab3&visitor=db499ea4-09ad-4fa6-9737-2f4f2b0684c2

Request Chain 170

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dcc74a90418053c5e5c118472fd8c7507%26visitor%3D HTTP 302
https://visitor.omnitagjs.com/visitor/sync?uid=cc74a90418053c5e5c118472fd8c7507&visitor=

Request Chain 173

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D642b2fc65afcd5ddddcf2d0e96254052%26visitor%3D HTTP 302
https://visitor.omnitagjs.com/visitor/sync?uid=642b2fc65afcd5ddddcf2d0e96254052&visitor=

Request Chain 174

https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_INDEX%26ttl%3D720%26uid%3D6b882ebc903fbdf00a60398f542a5c35%26visitor%3D%7BuserId%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?name=OW_INDEX&ttl=720&uid=6b882ebc903fbdf00a60398f542a5c35&visitor={userId}&gdpr=1&gdpr_consent=aEJaSFVbLSMAEaTQAIU3kQAA%265121

Request Chain 179

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent= HTTP 301
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=

Request Chain 182

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent= HTTP 301
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=

Request Chain 198

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Request Chain 199

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 203

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=KyKWARZHn3bGIscyRYC-TsVz

Request Chain 205

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1749178952223 HTTP 302
https://ad.turn.com/r/cs?pid=45&id=RX-fb86baa9-e2d9-4882-8885-6cca131e0cba-003&rndcb=8830845690 HTTP 302
https://sync.1rx.io/usersync/turn/3297876935822924026?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-fb86baa9-e2d9-4882-8885-6cca131e0cba-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-fb86baa9-e2d9-4882-8885-6cca131e0cba-003 HTTP 302
https://ads.servenobid.com/sync?pid=321&uid=RX-fb86baa9-e2d9-4882-8885-6cca131e0cba-003

Request Chain 206

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5131077719815679379

Request Chain 208

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

Request Chain 211

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

Request Chain 212

https://ads.servedxk.com/rsync?redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D369%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=369&uid=v2d1698572-e681-49b2-9c3e-05637d018975

Request Chain 213

https://ads.servedxk.com/rsync?redirect=https%3A%2F%2Fidsync.rlcdn.com%2F712910.gif%3Fpartner_uid%3D%24UID HTTP 302
https://idsync.rlcdn.com/712910.gif?partner_uid=v2c5e09d2e-96f5-4d65-970c-4ef3784d00ad

Request Chain 218

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_593eba0d-0aad-4ae6-af82-39e0e61bb20b&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_593eba0d-0aad-4ae6-af82-39e0e61bb20b&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=52891df3-7211-4f2c-9765-e6ed239400b8 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=52891df3-7211-4f2c-9765-e6ed239400b8 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=e9377b90-b196-4dd7-8b3c-c65f72d9d3fd&user_group=1&ssp=gumgum2&bsw_param=52891df3-7211-4f2c-9765-e6ed239400b8

Request Chain 220

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=CGBSH8v8XsliaZBv9cjptC2NmEw

Request Chain 222

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=db1c80c9-0802-484a-bebc-7b22dc12cb8d

Request Chain 224

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_593eba0d-0aad-4ae6-af82-39e0e61bb20b&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://b1sync.outbrain.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_593eba0d-0aad-4ae6-af82-39e0e61bb20b&s=2&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&obuid=61d8319a-b174-4707-89d1-ff4dbfe33b3f&puid=e_593eba0d-0aad-4ae6-af82-39e0e61bb20b&s=2&us_privacy=1--- HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=61d8319a-b174-4707-89d1-ff4dbfe33b3f&gdpr=0&us_privacy=1---

Request Chain 225

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=1---&gpp=&gpp_sid=&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=bM4OVpK9nReC&ev=1&gpp_sid=&gpp=&us_privacy=1---&pid=558355

Request Chain 226

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=9117802501659367042

Request Chain 229

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=adf&i=780600566577439202&gdpr=0&gdpr_consent=

Request Chain 230

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81OTNlYmEwZC0wYWFkLTRhZTYtYWY4Mi0zOWUwZTYxYmIyMGI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81OTNlYmEwZC0wYWFkLTRhZTYtYWY4Mi0zOWUwZTYxYmIyMGI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=

Request Chain 233

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=aEJaScCo8JEAACgfoqkAAAAA

Request Chain 234

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=ZpmPeFdqDORdT-5LCTVRM7qjU6OZtSsdm-5rFR8Q_Y8&pi=gumgum

Request Chain 235

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 238

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aEJaSFVbLSMAEaTQAIU3kQAA

Request Chain 239

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aEJaSFVbLSMAEaTQAIU3kQAAFAEAAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aEJaSFVbLSMAEaTQAIU3kQAAFAEAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 241

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5131077719815679379

Request Chain 242

https://trace.mediago.io/ju/cs/indexexchange HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=cd5d5f3fbf78ceb3275vbr00mbk7zibo

Request Chain 243

https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=068e9da6b7db4831bef128dab3088cca&expiration=1751770952

Request Chain 244

https://s.c.appier.net/index?userId=aEJaSFVbLSMAEaTQAIU3kQAA%265121&gdpr=&us_privacy= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=203&external_user_id=Yk2L69FsBzitCptwSVpCaA&gdpr=1

Request Chain 246

https://sync.aniview.com/ssync?pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DANIVIEW%26ttl%3D720%26uid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?name=ANIVIEW&ttl=720&uid=e8ecb87ff2ef3a3b16ba16c51e7986ac&visitor=b39a1a59-c340-44b6-8c97-2a5fc0834f7b&gdpr=1&gdpr_consent=

Request Chain 251

https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
https://ad.turn.com/r/cs?pid=45&id=RX-fb86baa9-e2d9-4882-8885-6cca131e0cba-003&rndcb=2053699255 HTTP 302
https://sync.1rx.io/usersync/turn/3297876935822924026?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-fb86baa9-e2d9-4882-8885-6cca131e0cba-003

Request Chain 252

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=OTExNzgwMjUwMTY1OTM2NzA0Mg==&gdpr=0&gdpr_consent=

Request Chain 253

https://pxl.iqm.com/i/ck/equativ?cid=SMART_USER_ID&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D154%26partneruserid%3D%7BIQM_COOKIE%7D&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=154&partneruserid=5e51d4b8-4020-4033-9aa2-bb0574accddb

Request Chain 263

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east

272 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/ 23 KB
7 KB 556ms
114ms Document
text/html 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 5bcae56fb9334fe8446c36552a142eab9929fe2a2c91732072dd20818c9c17dc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Fri, 06 Jun 2025 03:02:24 GMT
etag: W/"5de0-196ee8b91bb"
last-modified: Tue, 20 May 2025 16:34:06 GMT
vary: Accept-Encoding
via: 1.1 Caddy
x-powered-by: Express

GET
H2 200 autoblank.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 1 KB
646 B 122ms
115ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/autoblank.js
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 41e9e0b7ccf8d3af68bcbb38488e18d48198ee131b2df9ff128e4e6e911099c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Origin: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"553-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 594
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 index.css
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/ 12 KB
3 KB 118ms
113ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/index.css
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: d4be4824499330afdd7139a22d7ad59bd2146bc17565e9ac961461388245b0dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"2e4a-196eb5befff"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 2514
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 20 May 2025 01:43:13 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 themes.css
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/ 3 KB
856 B 117ms
112ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/themes.css
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 92335a8a579ab20778ad116b2e403ac436989b7c6b760bd9e906d451483ddb24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"b00-196c0828a31"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 734
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 11 May 2025 18:01:42 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 css2
fonts.googleapis.com/ 23 KB
2 KB 207ms
67ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Open+Sans:wght@400;700&display=swap

Requested by

Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84f796be2fbef3583823bc3bae446c8ce5aa1e5b407d74cc021c22137a9ba859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 06 Jun 2025 03:02:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 06 Jun 2025 02:52:33 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
918 B 187ms
47ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e970bdd269198fc1bf6183c389d2d299cf05c1e7b2076cee4fcf6ba7ac01be02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 06 Jun 2025 03:02:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 06 Jun 2025 01:04:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 settings.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 4 KB
1 KB 117ms
112ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/settings.js
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 40847f04a0b4dbacd513872a0472555bf0dd89cfcd4c7d905a0166469f80b438

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Origin: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"1028-196bc7a5607"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 997
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sat, 10 May 2025 23:14:16 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 debugger.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 1 KB
521 B 122ms
118ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/debugger.js
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 0b11eecfa382b1f2092d94e727a0145c9f6c2866e04419eef89e9bc381c7a787

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"464-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 446
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H3 200 ana.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/ 385 KB
132 KB 143ms
143ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL

https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/ana.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b560e95e26224c6c15e5804a3f9c26444e9f0c92ac4e41c811e734ae8021729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

content-encoding: zstd
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
expires: Fri, 06 Jun 2025 03:02:24 GMT
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
via: 2.0 Caddy
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
content-length: 134114
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 aclib.js Show response
acscdn.com/script/ 141 KB
44 KB 65ms
28ms Script
text/javascript 2606:4700::6812:10c9
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://acscdn.com/script/aclib.js
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:10c9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3303dd4f1400c20d5a1cfa5669d7d52a2450191cf146bd8592b3e9b371cb46f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=4fY6WA==, md5=oWE7r61Vustjyu4kUoHVaA==
cf-cache-status: HIT
etag: W/"a1613bafad55bacb63caee245281d568"
age: 780
content-encoding: gzip
x-goog-stored-content-encoding: identity
expires: Fri, 06 Jun 2025 04:02:24 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 144707
server-timing: cfExtPri
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/javascript
last-modified: Thu, 05 Jun 2025 09:30:06 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-guploader-uploadid: ABgVH89LcJt-QgDrCVJCnkpEdFGuhostCgDmf302oCkTJETdGbqJwciTGP1rD1eaFgB9J0iG
cache-control: public, max-age=3600
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 94b4abb3a98b9f4c-FRA
access-control-allow-origin: *
x-goog-generation: 1749115806229286
server: cloudflare

GET
H2 200 index.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/baremux/ 8 KB
3 KB 120ms
116ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/baremux/index.js
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 74a76e5980403a11a657d3ad5f43ea97fae94b8d1cdec9886eb23bdbc645dbe1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"2123-19420c19b61"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 3161
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 Jan 2025 07:25:46 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 search.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 1004 B
486 B 117ms
113ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/search.js
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 217bef43e1ece84e8dc9eb6f2e6629b6d24d8738c663f47f33edc697b9a097a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"3ec-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 434
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 themes.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 4 KB
1 KB 119ms
116ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/themes.js
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: e3715d1fe227e6550c249faf6362adb08c08898bc88db2192ea12b39b8be0974

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Origin: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"116e-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1343
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 options.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 4 KB
1 KB 133ms
130ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/options.js
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: f5f36977e96a38963c796982ed3915e49673ba0b63f3d51031a1500c1f0907bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"e89-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1017
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 uv.bundle.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/uv/ 370 KB
109 KB 209ms
206ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/uv/uv.bundle.js
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 24c817c4fef658a57754e07c2c89b185e9de3a2bc4261d7e863b345f27df82c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"5c6cc-1932310d24f"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 13 Nov 2024 01:08:45 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 uv.config.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/uv/ 2 KB
904 B 209ms
206ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/uv/uv.config.js
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: a07ed6c92587063c8a3f828c58ed8076071418ca3181e9f67817c8d5041b0c47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"710-197045adf12"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 830
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sat, 24 May 2025 22:12:33 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 uv.sw.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/uv/ 7 KB
3 KB 207ms
205ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/uv/uv.sw.js
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: bdaf47b5db2c6b13b97a28df68b67180dc0fcda656776ae345b264c2183b9ef2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"1d3b-1932310d26f"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 2957
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 13 Nov 2024 01:08:45 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 tabs.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 15 KB
4 KB 209ms
207ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/tabs.js
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 4e3e6b20f1eae4923f24bf1e3dab2dde56b255c331cdc17b9507e790a48cc36b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Origin: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"3a68-196cccf5594"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 14 May 2025 03:21:02 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 bookmarks.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 4 KB
1 KB 208ms
206ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/bookmarks.js
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 8e1c63600bf52ac2101c85ecdef6f843d1d593f6c097f32591fcfea496ec4073

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Origin: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"f4b-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1252
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H3 200 partner.js Show response
partner.senty.com.au/ 8 KB
3 KB 133ms
64ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://partner.senty.com.au/partner.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ff4e107901c810062910e50a956b5ad423cc2a6bcb69074890879f4ba3a4ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"6b0cc467d5115583d90e253585cc17fe"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2BRVZi0l6me8kuy9ZomqdxqDCCBILpu6M%2FYSQxMk8l1mOiNy%2Bz6yIdY83VY8ywdLGqTh44XtCZznWk3ArqUi9DMBQkKTZP0CvCZWGG5jv7%2FLFnE1K2L7lG4v7g0tSuT2X9S2E3ox%2BKKf5CfW%2BYblrZbDlg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfExtPri
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 94b4abb3ef09367a-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 settings_manager.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 4 KB
1 KB 102ms
94ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/settings_manager.js
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 8b6965a87cf7118c3c59e80a39eb18dfead63c4a4b8e0a1e0134f5842cd4d8cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Origin: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/settings.js

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
content-encoding: gzip
etag: W/"f26-19630f6df0b"
via: 1.1 Caddy
content-length: 885
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Sun, 13 Apr 2025 21:03:27 GMT

GET
H2 204 czcf.php
youradexchange.com/ad/ 0
0 214ms
144ms Fetch 2606:4700::6812:1962
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://youradexchange.com/ad/czcf.php?cz=hfjbzu6ztb&atv=62.1&chmob=%3F0
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/aclib.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1962 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
cf-ray: 94b4abb55ae7373f-FRA
access-control-allow-origin: *
date: Fri, 06 Jun 2025 03:02:24 GMT
server: cloudflare
access-control-allow-headers: Content-Type

GET
H2 200 search.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 1004 B
0 1ms
1ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/search.js
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 217bef43e1ece84e8dc9eb6f2e6629b6d24d8738c663f47f33edc697b9a097a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"3ec-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 434
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v23/ 8 KB
8 KB 55ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Origin: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://fonts.googleapis.com/

Response headers

age: 241912
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 03 Jun 2026 07:50:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Jun 2025 07:50:32 GMT
last-modified: Wed, 23 Apr 2025 16:05:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 114ms
44ms Fetch
text/plain 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NCTSG4T1B6&gtm=45je5641v9138172222za204&_p=1749178944754&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617976~104617978~104651273~104651275~104653070~104653072~104661466~104661468~104698127~104698129&cid=338758318.1749178945&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1749178945&sct=1&seg=0&dl=https%3A%2F%2Fgocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2F&dt=Shadow&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1203
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/ana.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0
report-to: {"group":"ascnsrsggc:102:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Jun 2025 03:02:25 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 uv.config.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/uv/ 2 KB
0 1ms
1ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/uv/uv.config.js
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: a07ed6c92587063c8a3f828c58ed8076071418ca3181e9f67817c8d5041b0c47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"710-197045adf12"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 830
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sat, 24 May 2025 22:12:33 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H3 200 history_helper.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ 4 KB
1 KB 96ms
95ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/history_helper.js
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 56e70443c37648d17bb54e83ae0028731328f86afb12edd626e8584718be71e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Origin: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/tabs.js

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
content-encoding: gzip
etag: W/"ff4-19630f6df0b"
via: 1.1 Caddy
content-length: 960
date: Fri, 06 Jun 2025 03:02:25 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
last-modified: Sun, 13 Apr 2025 21:03:27 GMT

GET
H3 200 index.mjs Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/baremux/ 8 KB
3 KB 101ms
100ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/baremux/index.mjs
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 731c3411d0f309309a97628ba465af31050e0866d07e116f7ea5a1c35e9b99c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Origin: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/tabs.js

Response headers

cache-control: public, max-age=0
cross-origin-opener-policy: same-origin
content-encoding: gzip
etag: W/"2019-19420c19b79"
via: 1.1 Caddy
content-length: 3022
date: Fri, 06 Jun 2025 03:02:25 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Wed, 01 Jan 2025 07:25:46 GMT

GET
H2 200 script.outbound-links.pageview-props.tagged-events.js Show response
stats.senty.com.au/js/ 3 KB
2 KB 426ms
132ms Script
application/javascript 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL

https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js

Requested by

Host: partner.senty.com.au
URL: https://partner.senty.com.au/partner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

104-237-132-182.ip.linodeusercontent.com

Software

nginx /

Resource Hash

4f6d3ce6fee0211ee389d61a9344b2f0ff30dc1f7db4e6fd9f2e9417f800afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff, nosniff
access-control-allow-origin: *
date: Fri, 06 Jun 2025 03:02:26 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx
x-frame-options: SAMEORIGIN

POST
H3 204 hb.php
pubtrky.com/ut/ 0
623 B 189ms
148ms Ping
text/plain 2606:4700:3034::6815:86c
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://pubtrky.com/ut/hb.php?cb=0.5908265462391973&v=1
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/aclib.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:86c -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MjmgALUegP9dxckm6iSSA%2F1dgWidQzb4vJSFDABk9txutyx6SbTNXXjU79hhhhQmNv8024UPAMRfmLZHYTodZg86A%2BlvnT2ubcc9JtP3zxT5CXIhTrwobvKPO%2FfvEqfMG4nYg49gJC050Q%3D%3D"}],"group":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 94b4abbc4a6a5d98-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9281&min_rtt=7033&rtt_var=3487&sent=12&recv=12&lost=0&retrans=0&sent_bytes=3691&recv_bytes=4426&delivery_rate=302128&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=15468&unsent_bytes=0&cid=32decaa97a5dc796&ts=154&x=92"
date: Fri, 06 Jun 2025 03:02:26 GMT
server: cloudflare

GET
H3 200 broken-sites Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/v1/api/ 94 B
246 B 101ms
100ms Fetch
application/json 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/v1/api/broken-sites
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/tabs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 68e09e9ee51aa1b41974454515ce31349e8d57190b5208f98ea36089e00e4ebc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

via: 1.1 Caddy
cross-origin-opener-policy: same-origin
content-length: 94
date: Fri, 06 Jun 2025 03:02:25 GMT
etag: W/"5e-HOo7rHHVnDeKI5Rwx5WrHVFSpg4"
content-type: application/json; charset=utf-8
x-powered-by: Express

GET worker.js
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/baremux/ 0
0

GET
H3 200 embed Show response
fontgenerator.cc/ Frame 1932 10 KB
5 KB 923ms
822ms Document
text/html 2606:4700:3031::ac43:80bd
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/embed

Requested by

Host: partner.senty.com.au
URL: https://partner.senty.com.au/partner.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:80bd -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6edcc080295bc506745b15d215226f6a80283818ef60e1e8805992c9c06f143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 94b4abbcba202be5-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Fri, 06 Jun 2025 03:02:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k1AHmalqOVcFhIl0lE%2Fn5e2fP2cE2Q3k3mO7RDFH8zV6mZGNGmIRitU2LxwgIV2BtCI5U8vKGWe%2Bp9EvWDleKVzAj2Bu3i44Puva5CnOgLovwE3hFcm7amnrAR5QrpZYqtjvspcapm5Lf2I%2BAVmC"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=9686&min_rtt=7467&rtt_var=3813&sent=11&recv=10&lost=0&retrans=0&sent_bytes=3705&recv_bytes=3332&delivery_rate=293375&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=15484&unsent_bytes=0&cid=ed8ce673749994c8&ts=829&x=92"
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

404

faviconV2
t2.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons/imgs/icons?domain=bnalk&sz=24
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24

726 B
917 B

63ms
21ms

Image
image/png

2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24

Requested by

Protocol

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 726
date: Fri, 06 Jun 2025 03:02:26 GMT
x-xss-protection: 0
content-type: image/png
server: sffe

Redirect headers

cache-control: public, max-age=1800
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24
x-content-type-options: nosniff
expires: Fri, 06 Jun 2025 03:32:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 325
date: Fri, 06 Jun 2025 03:02:25 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: sffe

POST
H2 202 event Show response
stats.senty.com.au/api/ 2 B
220 B 405ms
131ms XHR
text/plain 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL: https://stats.senty.com.au/api/event
Requested by: Host: stats.senty.com.au
URL: https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 104-237-132-182.ip.linodeusercontent.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

x-request-id: GEZU-_-FdDBBlCOMjiRh
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 2
date: Fri, 06 Jun 2025 03:02:26 GMT
content-type: text/plain; charset=utf-8
server: nginx

GET
H3 200 home.html Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/pages/ Frame F379 47 B
233 B 93ms
93ms Document
text/html 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/pages/home.html
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/tabs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 8a346698d1fe701441863c329bf5132a5536faeaa68ccd7751931726ad04b329

Request headers

Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: public, max-age=3600, must-revalidate public, max-age=604800
content-length: 47
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Fri, 06 Jun 2025 03:02:26 GMT
etag: W/"2f-1924f22eefb"
last-modified: Wed, 02 Oct 2024 21:29:02 GMT
via: 1.1 Caddy
x-powered-by: Express

GET
H3

200

/ Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/ Frame F379
Redirect Chain

https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home
https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/

976 B
728 B

98ms
97ms

Document
text/html

104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/pages/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: c0511e29e2d9e3aa83ab107e55b5e3c2ca9c90c04027a2f551fca1d403fd9cd6

Request headers

Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/pages/home.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
content-length: 555
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Fri, 06 Jun 2025 03:02:27 GMT
etag: W/"3d0-196ee8b91bb"
last-modified: Tue, 20 May 2025 16:34:06 GMT
vary: Accept-Encoding
via: 1.1 Caddy
x-powered-by: Express

Redirect headers

content-length: 154
content-security-policy: default-src 'none'
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
date: Fri, 06 Jun 2025 03:02:26 GMT
location: /home/
via: 1.1 Caddy
x-content-type-options: nosniff
x-powered-by: Express

GET
H2 200 css2
fonts.googleapis.com/ Frame 1932 8 KB
2 KB 120ms
50ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans&family=Ubuntu:wght@500&display=swap

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8e3783dafaec68331904ad2dcec69ba0e18c55290155020a063afe70938220a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 06 Jun 2025 03:02:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 06 Jun 2025 03:02:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 mdb.min.css
cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/ Frame 1932 368 KB
36 KB 69ms
18ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/mdb.min.css

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1562c1b6966919f59dad5ce26d7ce05a4ecdfc4e6f7f9b8d1d6fa826508794cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "656db89f-8cd9"
age: 301087
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9iu%2BGWZ2my3g9wv1pw5N3Vvz8cvE%2Bcl8kDdzDRPNfYh7XizTGHuNyA%2BN%2BJI6vK30caJjopv8qEnDRnnA45XHid6Sgz1qSLhcd%2BEgFRZKh2qlOtN1L28%2BdcIKFiNJGM8UNqOdxbZIj%2Bm%2FGBv5w9C16yyF"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 03:02:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 Dec 2023 11:31:43 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 94b4abc2d8884da0-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36057
server: cloudflare

GET
H3 200 style.css
fontgenerator.cc/ Frame 1932 14 KB
4 KB 347ms
343ms Stylesheet
text/css 2606:4700:3031::ac43:80bd
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/style.css

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:80bd -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d35a7ee5aac9714da95d1a4f632cdb97d560a5ecf5e3908a1d229bc8c1057c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: "68102ad2-3910"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y5frBs96bcaPREE3mB86Fk4Mdzns2U%2FxmR943wXs4WerFIlLb2dlvKwhbsv8HIzO%2FBPU72eA8IihGUoNh18Ni2XN%2Ffc7owYMNhdpFKsXnM0aF%2F1MLVJoJrooUPRJKqdxHYkQN0yVboOuhVuvTlXx"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8310&min_rtt=6675&rtt_var=2445&sent=31&recv=20&lost=0&retrans=0&sent_bytes=21426&recv_bytes=5159&delivery_rate=541738&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=24218&unsent_bytes=0&cid=ed8ce673749994c8&ts=1285&x=92"
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: text/css
last-modified: Tue, 29 Apr 2025 01:26:42 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 94b4abc28a232be5-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 toastr.min.css
fontgenerator.cc/ Frame 1932 7 KB
4 KB 353ms
350ms Stylesheet
text/css 2606:4700:3031::ac43:80bd
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/toastr.min.css

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:80bd -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: "67e1e2bb-1a55"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r43H9Oz%2FX8Czh1RUIHm9EQOdgXo0Rmoeq5bbY2AH0jJ5bg1%2FR7RqLvJ9AGpsFPRswjJHaUdD%2BxdMdfzj0CNFkywkaJ0rzHUyDD7GpUn3NglyOrKP%2FXG6ffTLS6%2BmZe5WCcrOawldxMz%2FIUwSdgbr"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8198&min_rtt=6675&rtt_var=1557&sent=39&recv=23&lost=0&retrans=0&sent_bytes=30852&recv_bytes=5288&delivery_rate=637397&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=24218&unsent_bytes=0&cid=ed8ce673749994c8&ts=1290&x=92"
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: text/css
last-modified: Mon, 24 Mar 2025 22:54:51 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 94b4abc28a242be5-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 inview.min.js Show response
stpd.cloud/assets/libraries/ Frame 1932 5 KB
3 KB 73ms
21ms Script
application/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://stpd.cloud/assets/libraries/inview.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"23df7c2f5fe3a534a7299c9c9e923fa9"
age: 536
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hEaEMJ5UWyUciGz5l%2BACmGeoRzXgqYPWrk0OCXT%2BqqZy4POGrgHdZhe7ZvogMRSzHWZjK%2FDOcN8IeFs7ZegTidvJHM6QrbWZfAJZX6llcJMVEYwTD8zbwNzCvnMQ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 06 Jun 2025 03:22:27 GMT
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: application/javascript
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=1200
referrer-policy: strict-origin-when-cross-origin
cf-ray: 94b4abc2d86e37e4-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1932 110 KB
34 KB 310ms
56ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25a678a9086e5aebb05b825278fe3af7e27e4321617427c41624f3fec41bcd37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
etag: 911 / 20245 / 31092854 / config-hash: 17043989769770111946
x-content-type-options: nosniff
expires: Fri, 06 Jun 2025 03:02:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34651
x-xss-protection: 0
server: cafe

GET
H2 200 9343 Show response
stpd.cloud/saas/ Frame 1932 426 KB
117 KB 198ms
197ms Script
text/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://stpd.cloud/saas/9343
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28a2e66d41b018bf27fbf4e3434b298b0b9afaf920f9e8a49dd60ded1e1ae903

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: max-age=300
x-stpd-module-cache: HIT
content-encoding: br
cf-ray: 94b4abc4d90537e4-FRA
access-control-allow-origin: *
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: text/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 1932 389 KB
132 KB 151ms
74ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1B87SF7ZHT

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e4ee300bdad8af8327f220761ec667053b8185fc361ce96495461e27f63569b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: zstd
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
expires: Fri, 06 Jun 2025 03:02:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
content-length: 134742
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 script.outbound-links.pageview-props.tagged-events.js Show response
stats.senty.com.au/js/ Frame 1932 3 KB
2 KB 404ms
142ms Script
application/javascript 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL

https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

104-237-132-182.ip.linodeusercontent.com

Software

nginx /

Resource Hash

4f6d3ce6fee0211ee389d61a9344b2f0ff30dc1f7db4e6fd9f2e9417f800afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: public, max-age=86400, must-revalidate
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff, nosniff
access-control-allow-origin: *
date: Fri, 06 Jun 2025 03:02:27 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx
x-frame-options: SAMEORIGIN

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ Frame 1932 87 KB
28 KB 89ms
40ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "603e8adc-15d9d"
age: 1980527
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rG7q2vE%2FQQeAd%2BmnfSWcX443Z3IvlOZjJ%2FuoD2teSpPZyRsBvacyALoC4Vxu%2FepChUkDmOJFhqpRIZFjs3rbB4YkZr3lmbZ1pDStDIVyIF8ktpiqKdZMw1q%2BCmajuQFbcF5ajGnVRCruWcaakynGFjP3"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 03:02:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 94b4abc2d88b4da0-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27938
server: cloudflare

GET
H3 200 script.js Show response
fontgenerator.cc/js/ Frame 1932 95 KB
20 KB 343ms
341ms Script
application/javascript 2606:4700:3031::ac43:80bd
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/js/script.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:80bd -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19492573e99443369d3da235c38f1a430842fce993891f89054f0c7e4e4389e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: "67e356ca-17ae7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=puwPS0K2ag45YzDzSOW79v%2BKkm9BnFnt5veIV6YqkfGn9YHCrUOqWrgcageu4jVfW%2FYVjZfudz2F26Oe0hAX3VVLRe0qK9ADnOorXWsK3OAcB6LAU75RIO8jMPd0rSNyJ977QcpISVNSnpMMpE69"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8739&min_rtt=6689&rtt_var=3051&sent=25&recv=18&lost=0&retrans=0&sent_bytes=14226&recv_bytes=5073&delivery_rate=541738&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=20657&unsent_bytes=0&cid=ed8ce673749994c8&ts=1280&x=92"
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 26 Mar 2025 01:22:18 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 94b4abc28a252be5-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 functions.js Show response
fontgenerator.cc/js/ Frame 1932 5 KB
2 KB 335ms
333ms Script
application/javascript 2606:4700:3031::ac43:80bd
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/js/functions.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:80bd -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69d9ac5984ab481e3a40b4b75c330920e56aa12c8d37bfaccc4ab6cedcdda50f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: "67e34bc9-1275"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f1EawarPJtbXVCwaCpFIcmuJ7q3loDuNU4DO7JyyvpCngXgy3SXXn36zpp1K%2FFb1oVz%2B1R9IlNr5vhQNqP4Tt1drl02CvoaayXPFQjkRZ1CmnvHvhWK6aHKzCaQeVuWT%2FOIH6VPSg0XeKO%2B4Bk0r"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8739&min_rtt=6689&rtt_var=3051&sent=19&recv=18&lost=0&retrans=0&sent_bytes=8924&recv_bytes=5073&delivery_rate=541738&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=20657&unsent_bytes=0&cid=ed8ce673749994c8&ts=1274&x=92"
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 26 Mar 2025 00:35:21 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 94b4abc28a262be5-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 mdb.umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/ Frame 1932 123 KB
31 KB 74ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/mdb.umd.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea7fb526203a7e6eed35cc2fcdc98c76cb136dba25b23fae9e5fab3588877596

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "656db89f-7ae6"
age: 1307684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a1lIBiLmv4W4%2FPmTx5fhogu6eqbj2yoMxz0ysbRspDhgcpxAUTPv70IkS0m70%2B3uyWmxejA21zoPgFGfvvUut5oEMsBPM9Hq%2BJ0%2BuxfeWQaS9EHoWVTFADc9g8px%2FN4V%2FHGFGLivomqTzKD%2Fouj6HgUJ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 03:02:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Dec 2023 11:31:43 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 94b4abc2d88a4da0-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31462
server: cloudflare

GET
H3 200 toastr.min.js Show response
fontgenerator.cc/js/ Frame 1932 5 KB
3 KB 341ms
340ms Script
application/javascript 2606:4700:3031::ac43:80bd
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/js/toastr.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:80bd -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: "67e1e2bb-15a1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XLw86v2SQ7OZ9%2BK8dYd0XW2Vj47DLBx8ALr5cuhwDNloEoyE8GDdr%2FD8vRTLYNETmgrOO6oQoxpyjA2d2xJn6NvkBaAXqOpGujHLJqBRef%2FntDhRrxpMNPmwOXslyPB05VwzN6M%2FKzy41R69fUiR"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8739&min_rtt=6689&rtt_var=3051&sent=22&recv=18&lost=0&retrans=0&sent_bytes=11285&recv_bytes=5073&delivery_rate=541738&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=20657&unsent_bytes=0&cid=ed8ce673749994c8&ts=1277&x=92"
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 24 Mar 2025 22:54:51 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 94b4abc28a272be5-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ads.js Show response
app.tinyadz.com/scripts/ Frame 1932 9 KB
3 KB 115ms
65ms Script
text/javascript 2606:4700:3033::6815:5adc
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/scripts/ads.js?siteId=68323df081da95ab79451781
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5adc -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 275d2dafdb1515edd8b9565c7382ecf19909a4eeeff7cd0bc13aed2afb0591be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Origin: https://fontgenerator.cc
Referer: https://fontgenerator.cc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0zK0XsVWob1gm9DX%2BmhFd3%2Fh5L4gBrem5gvY2%2FKTlyfESpIt6eY2%2FUvU5WFQzQCly6oK62ZrTzdLfUEAESghi1E%2FcelrVmCz%2BriW4TzAboKnF1GWKjrt%2BorgfslAexcqDK48ENZEOmCNamFCEnY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 94b4abc2daf479fb-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7580&min_rtt=7026&rtt_var=1476&sent=11&recv=10&lost=0&retrans=0&sent_bytes=3662&recv_bytes=3191&delivery_rate=321474&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=15463&unsent_bytes=0&cid=88192beeeaef5b82&ts=80&x=92"
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
server: cloudflare
last-modified: Fri, 06 Jun 2025 03:02:27 GMT

GET
H3 200 home.css
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/ Frame F379 1 KB
763 B 103ms
101ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/home.css
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: bfbf77facc0b33343150d420aa0f7e582e1657070c51895cdec89299922d96cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
content-encoding: gzip
etag: W/"4d2-19630f6deef"
via: 1.1 Caddy
content-length: 540
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
last-modified: Sun, 13 Apr 2025 21:03:27 GMT

GET
H2 200 themes.css
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/ Frame F379 3 KB
0 2ms
2ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/themes.css
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 92335a8a579ab20778ad116b2e403ac436989b7c6b760bd9e906d451483ddb24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"b00-196c0828a31"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 734
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 11 May 2025 18:01:42 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 css2
fonts.googleapis.com/ Frame F379 2 KB
619 B 47ms
39ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9d8e58b6cdcdf7831511b8a69c82bc6b71c335ade7b7efa21b634e08cf9789d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 06 Jun 2025 03:02:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 06 Jun 2025 01:07:28 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 ana.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/ Frame F379 385 KB
0 3ms
2ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL

https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/ana.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b560e95e26224c6c15e5804a3f9c26444e9f0c92ac4e41c811e734ae8021729

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/

Response headers

content-encoding: zstd
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
expires: Fri, 06 Jun 2025 03:02:24 GMT
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
via: 2.0 Caddy
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
content-length: 134114
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 themes.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ Frame F379 4 KB
0 4ms
4ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/themes.js
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: e3715d1fe227e6550c249faf6362adb08c08898bc88db2192ea12b39b8be0974

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Origin: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"116e-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1343
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H3 200 plain_logo.webp
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/imgs/icons/ Frame F379 11 KB
12 KB 102ms
101ms Image
image/webp 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to Show image

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/imgs/icons/plain_logo.webp
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 042a1652e0b3d20d268a194befaea0c5841026a91a14214abac003d605e0ed65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
etag: W/"2d9c-19630f6dee7"
via: 1.1 Caddy
accept-ranges: bytes
content-length: 11676
date: Fri, 06 Jun 2025 03:02:27 GMT
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
content-type: image/webp
x-powered-by: Express

GET
H2 200 a
www.googletagmanager.com/ Frame F379 0
433 B 135ms
65ms Image
text/html 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-NCTSG4T1B6&v=3&t=t&pid=6881546&cv=1&rv=5641&tc=16&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617976~104617978~104651273~104651275~104653070~104653072~104661466~104661468~104698127~104698129&es=1&e=gtm.init&eid=2&u=AAAAAAAAAAAAAACA&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ccdgaregscope.1ccdemdownload.1ccdemform.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdautoredact.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

report-to: {"group":"ascgcycc:893:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:893:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:893:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:893:0
content-length: 0
date: Fri, 06 Jun 2025 03:02:27 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ Frame F379 0
52 B 136ms
66ms Image
text/html 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

report-to: {"group":"ascgcycc:893:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:893:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:893:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:893:0
content-length: 0
date: Fri, 06 Jun 2025 03:02:27 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ Frame F379 0
52 B 134ms
65ms Image
text/html 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

report-to: {"group":"ascgcycc:893:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:893:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:893:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:893:0
content-length: 0
date: Fri, 06 Jun 2025 03:02:27 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v23/ Frame F379 8 KB
0 55ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Origin: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://fonts.googleapis.com/

Response headers

age: 241912
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 03 Jun 2026 07:50:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Jun 2025 07:50:32 GMT
last-modified: Wed, 23 Apr 2025 16:05:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H3 200 blue.jpg
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/imgs/backgrounds/home/ Frame F379 184 KB
185 KB 96ms
95ms Image
image/jpeg 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to Show image

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/imgs/backgrounds/home/blue.jpg
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/home.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 5eff7005425c542db2290b5ccdf4e0a65c4219273a665ce0425264274e536ea6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/css/home.css

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
etag: W/"2e144-19630f6dedf"
via: 1.1 Caddy
accept-ranges: bytes
content-length: 188740
date: Fri, 06 Jun 2025 03:02:27 GMT
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
content-type: image/jpeg
x-powered-by: Express

POST
H2 204 collect
www.google-analytics.com/g/ Frame F379 0
0 50ms
48ms Fetch
text/plain 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NCTSG4T1B6&gtm=45je5641v9138172222za204&_p=1749178947176&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617976~104617978~104651273~104651275~104653070~104653072~104661466~104661468~104698127~104698129&cid=338758318.1749178945&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=1&pscdl=noapi&_eu=AAAAAAQ&_s=1&sid=1749178945&sct=1&seg=1&dl=https%3A%2F%2Fgocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2Fhome%2F&dr=https%3A%2F%2Fgocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2Fpages%2Fhome.html&dt=Home&en=page_view&_ee=1&tfd=564
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/ana.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0
report-to: {"group":"ascnsrsggc:102:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 a
www.googletagmanager.com/ Frame F379 0
52 B 106ms
67ms Image
text/html 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-NCTSG4T1B6&v=3&t=t&pid=6881546&cv=1&rv=5641&tc=16&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617976~104617978~104651273~104651275~104653070~104653072~104661466~104661468~104698127~104698129&e=gtm.init&eid=2&u=AAAAAAAAAAAAACCA&h=Ag&tr=5ogt1pdatav2.5ccdgafirst.5setproductsettings.5ccdgaregscope.5ccdemdownload.5ccdemform.5ccdemoutboundclick.5ccdempageview&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview&z=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

report-to: {"group":"ascgcycc:893:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:893:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:893:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:893:0
content-length: 0
date: Fri, 06 Jun 2025 03:02:27 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ Frame F379 0
52 B 143ms
105ms Image
text/html 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

report-to: {"group":"ascgcycc:893:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:893:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:893:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:893:0
content-length: 0
date: Fri, 06 Jun 2025 03:02:27 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 settings_manager.js Show response
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/ Frame F379 4 KB
0 0ms
0ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/settings_manager.js
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 8b6965a87cf7118c3c59e80a39eb18dfead63c4a4b8e0a1e0134f5842cd4d8cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Origin: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/js/themes.js

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
content-encoding: gzip
etag: W/"f26-19630f6df0b"
via: 1.1 Caddy
content-length: 885
date: Fri, 06 Jun 2025 03:02:24 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Sun, 13 Apr 2025 21:03:27 GMT

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v23/ Frame F379 8 KB
8 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Origin: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://fonts.googleapis.com/

Response headers

age: 241019
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 03 Jun 2026 08:05:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Jun 2025 08:05:28 GMT
last-modified: Wed, 23 Apr 2025 16:07:17 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8000
x-xss-protection: 0
server: sffe

GET
H2 200 fontgenerator.js Show response
cdn4.buysellads.net/pub/ Frame 1932 724 KB
186 KB 321ms
67ms Script
application/javascript 152.42.150.143
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.42.150.143 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: srv-ams3-0 /
Resource Hash: 9974c29ebf067d0bce2d3483333926beffad66a0edfb2b4c9ab9baead1c70164

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: public, max-age=3600, stale-while-revalidate
content-encoding: br
etag: 218dd204564830b86c8cdcd88804beba3642beb8
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: application/javascript
vary: Accept-Encoding
server: srv-ams3-0

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v43/ Frame 1932 18 KB
18 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v43/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Ubuntu:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11c09bfb0a6a92e9cbd914a5f86731118b052d2fdef2a6a0eac31b1780d3d97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Origin: https://fontgenerator.cc
Referer: https://fonts.googleapis.com/

Response headers

age: 239896
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 03 Jun 2026 08:24:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Jun 2025 08:24:11 GMT
last-modified: Wed, 28 May 2025 17:51:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18652
x-xss-protection: 0
server: sffe

GET
H3 200 F.svg
fontgenerator.cc/icons/ Frame 1932 5 KB
3 KB 351ms
350ms Image
image/svg+xml 2606:4700:3031::ac43:80bd
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://fontgenerator.cc/icons/F.svg

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:80bd -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d881b69841cd18f3db8831bd5f0e57149fecd4064d156cb1d3f982626903d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: "67e1e2bb-1516"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LUCzVAd7bb27xpwKQx%2Fb01x1LTvNaXOX8syRijLi4XPvzJHq8IBkOF9kjLCJ5NWILWiPbi8Mczuu7c9xm66wwLEeD4vEBQ6THk5F95PPMBkQTTnN5saONnC6TUe69llTTB%2BTXkFIHjozn60hIVK8"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7506&min_rtt=6029&rtt_var=908&sent=52&recv=37&lost=0&retrans=0&sent_bytes=43988&recv_bytes=6220&delivery_rate=2082378&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=37418&unsent_bytes=0&cid=ed8ce673749994c8&ts=1671&x=92"
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: image/svg+xml
last-modified: Mon, 24 Mar 2025 22:54:51 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 94b4abc4ea282be5-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 GetSiteAdConfigAPI Show response
app.tinyadz.com/api/ Frame 1932 96 B
737 B 74ms
74ms Fetch
application/json 2606:4700:3033::6815:5adc
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/api/GetSiteAdConfigAPI?siteId=68323df081da95ab79451781&pageUrl=https%3A%2F%2Ffontgenerator.cc%2Fembed&refererUrl=https%3A%2F%2Fgocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2F&width=300&height=120
Requested by: Host: app.tinyadz.com
URL: https://app.tinyadz.com/scripts/ads.js?siteId=68323df081da95ab79451781
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5adc -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abf9bfd998405a38e5f5f61e533e4de1298162efc4409b1f161ea04e5901c366

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=0
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b4yEs419z4RhXxUt7G9finaHHVq5NadBd%2BxTCjhqttlfQWFMRIcz9dlsJTDtTAiqZf4xCcGF%2BXvizinPg1vEv%2FhcdNdSnTpB%2BN7Ty19oNem2AgaGBQMCSxCo8Gn%2FgMDW85YBXSR5QdqybcF0cJw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 94b4abc4fafb79fb-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7666&min_rtt=3409&rtt_var=3053&sent=15&recv=14&lost=0&retrans=0&sent_bytes=7169&recv_bytes=3801&delivery_rate=321474&ss_exit_cwnd=15463&ss_exit_reason=2&cwnd=15481&unsent_bytes=0&cid=88192beeeaef5b82&ts=431&x=92"
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
server: cloudflare

GET
H3 200 manager.js Show response
app.tinyadz.com/libs/ Frame 1932 10 KB
4 KB 167ms
158ms Script
text/javascript 2606:4700:3033::6815:5adc
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/libs/manager.js
Requested by: Host: app.tinyadz.com
URL: https://app.tinyadz.com/scripts/ads.js?siteId=68323df081da95ab79451781
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5adc -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff778b7b7e314753d24c58a200d7a969c32f975d38d91f71e210effda17ed235

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3f1NUpcwCaT0W9E9e2rLEZcwT3z%2FuB9oY9eVaAdjkH85vFDduhQpP4ibmvXdsNEP7M4M3q6GuBUPYwg5dwkcWRtuba%2Fm0KRjgmyEoeNCzvVlomGl8q3HzG%2FXaZPYHef681vHnXIfxbwqIDC3%2BSI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 94b4abc6dc858c52-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7002&min_rtt=6775&rtt_var=1140&sent=10&recv=10&lost=0&retrans=0&sent_bytes=3637&recv_bytes=3150&delivery_rate=391176&ss_exit_cwnd=15462&ss_exit_reason=2&cwnd=14741&unsent_bytes=0&cid=62b08280355812e1&ts=156&x=92"
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
server: cloudflare
last-modified: Fri, 06 Jun 2025 03:02:27 GMT

GET
H3 200 GetAvailableWidgetsAPI Show response
app.tinyadz.com/api/ Frame 1932 93 B
736 B 379ms
379ms Fetch
application/json 2606:4700:3033::6815:5adc
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/api/GetAvailableWidgetsAPI?siteId=68323df081da95ab79451781&pageUrl=https%3A%2F%2Ffontgenerator.cc%2Fembed&width=300&height=120
Requested by: Host: app.tinyadz.com
URL: https://app.tinyadz.com/scripts/ads.js?siteId=68323df081da95ab79451781
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5adc -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1af942c19d7ebd5939d7432a80513388c1020b4ed1c35e81b52ff0d7af32031

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=0
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8h%2Fe5kIhFRGkLt%2FFCIvZy%2FVT%2FYlPRAUkNb5E%2BFKVuSPzhInTSn2ZqaRxAcvyG1VwtZZTVkPQfErswKBOrRJEKGGtgY12RR%2F00sRt0cTbH35JPaDiHnM406KO7j56eAVHt2rrTWjJKp0cXlw397M%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 94b4abc6bb0f79fb-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7922&min_rtt=3409&rtt_var=2801&sent=18&recv=16&lost=0&retrans=0&sent_bytes=7976&recv_bytes=4237&delivery_rate=321474&ss_exit_cwnd=15463&ss_exit_reason=2&cwnd=15481&unsent_bytes=0&cid=88192beeeaef5b82&ts=1013&x=92"
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
server: cloudflare

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202506040101/ Frame 1932 538 KB
169 KB 33ms
22ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202506040101/pubads_impl.js?cb=31092854

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3701ed9a9bfca1ae0ea1eec69a1273e713b3b732fe698b0e34cf627c518e256e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
etag: 97155609782913607
age: 61269
x-content-type-options: nosniff
expires: Fri, 05 Jun 2026 10:01:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 05 Jun 2025 10:01:18 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 173205
x-xss-protection: 0
server: cafe

POST
H2 202 event Show response
stats.senty.com.au/api/ Frame 1932 2 B
220 B 400ms
144ms XHR
text/plain 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL: https://stats.senty.com.au/api/event
Requested by: Host: stats.senty.com.au
URL: https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 104-237-132-182.ip.linodeusercontent.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://fontgenerator.cc/

Response headers

x-request-id: GEZU_FftwUu5Sz6MjiWh
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 2
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: text/plain; charset=utf-8
server: nginx

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202506050101/ Frame 1932 63 KB
23 KB 44ms
43ms Other
text/plain 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202506050101/gpt

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01da644bf62c5e6aa96638ab7eda6f1a03c07c722e690db6dcbf984ca1e790f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 3121516254080437152
age: 41483
x-content-type-options: nosniff
expires: Thu, 12 Jun 2025 15:31:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 05 Jun 2025 15:31:04 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23424
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202506050101"

GET
H2 200 tag Show response
btloader.com/ Frame 1932 81 KB
26 KB 56ms
16ms Script
application/javascript 2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bd8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56bb42e59f1580d87cabe0b18e6cea0cd641c5226534719d9ea3d5bb3731c341

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

x-robots-tag: noindex, nofollow
cache-control: public, max-age=300, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
cf-cache-status: HIT
etag: "b802979d6c10d9eed45f57f407ecd2bf"
via: 1.1 google
cf-ray: 94b4abc7dc443f0f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26521
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Fri, 06 Jun 2025 02:09:52 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 75ms
17ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2F&domain=fontgenerator.cc&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fontgenerator.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://fontgenerator.cc
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 06 Jun 2025 03:02:27 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 281586
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 204 openrtb
ex.ingage.tech/v1/ Frame 0
0 148ms
109ms Preflight 2606:4700:10::6816:ac7
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:ac7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fontgenerator.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://fontgenerator.cc
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 94b4abc8bab02c53-FRA
date: Fri, 06 Jun 2025 03:02:28 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Headers

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 1932 2 KB
2 KB 46ms
16ms Fetch
application/json 2606:4700::6810:aee2
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20250606

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:aee2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f76a58cae5fad8a8f9f7842043c128055e6c020b4a48807ac3ef484c02e04b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"632-s2otNAvxipf0ad9N6CnxraOisTk"
age: 39696
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eznR%2BcIHqvKWdBn28lmVXSkGAJ1pEsjSKrySpmbc4mBi%2F%2FLvHmD3jmBXyY1SX0njhbRekDQ6tVbwSgw%2BEBFk0r%2FDfB8YO6M0DzNq22e%2FsGIP6ZjrfssoVrzeDMav%2FXSg6fXgb7qFKTIpDrocz8U%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21930-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 94b4abc86c09973a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 816
server: cloudflare
x-jsd-version: 1.0.2443

POST
H2 200 prebid Show response
id5-sync.com/api/config/ Frame 1932 167 B
449 B 71ms
8ms Fetch
application/json 141.95.33.120
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

3b9767e5d0bea4d284bb1e624cc6ee3244b13efedfe5424eb5140ef326511eb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://fontgenerator.cc
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 1932 2 B
375 B 52ms
18ms Fetch
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: application/json
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 214513
expires: 0
access-control-allow-origin: https://fontgenerator.cc
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 1932 492 B
1 KB 49ms
18ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/9343
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 504460751d9d131dae7dcd29927c1cd147be3cb0651003de4ee6b0fea5fef6ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"56dbef354a963eec89c1c0d552909198"
Age: 1796008
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wdb2CmKvhr0%2F0CuFuAfPn%2FIgzJlBN96VjuXEbdOKTShcaELGalUa9vMSATvgeVkHZQ6tjQBGHT0p6%2BEMC1VQgV0VlZ4lCRBG4PQats6Yzk9HoExc9Csf7jlnVm%2FUkAmqhWvj6DVE377lWCOF"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=6773&min_rtt=6734&rtt_var=1442&sent=5&recv=9&lost=0&retrans=0&sent_bytes=3463&recv_bytes=2237&delivery_rate=588826&cwnd=252&unsent_bytes=0&cid=13c286cfff7457f5&ts=24&x=0"
Date: Fri, 06 Jun 2025 03:02:27 GMT
Content-Type: application/javascript
Last-Modified: Mon, 24 Mar 2025 20:04:12 GMT
Vary: Accept-Encoding
Transfer-Encoding: chunked
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
CF-RAY: 94b4abc87e8fd292-FRA
Server: cloudflare

GET
H2 200 CEADK5QI.json Show response
srv.buysellads.com/ads/ Frame 1932 0
114 B 119ms
21ms Fetch
application/json 159.65.211.77
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://srv.buysellads.com/ads/CEADK5QI.json?forcebanner=589883&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.65.211.77 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: srv-lon1-2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

access-control-allow-origin: *
content-length: 0
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: srv-lon1-2
access-control-allow-headers: *

POST
H2 200 openrtb Show response
ex.ingage.tech/v1/ Frame 1932 81 B
467 B 130ms
106ms Fetch
application/json 2606:4700:10::6816:ac7
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:ac7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2787c8b75ad49d8a84d1060a92b67d0aedcc4135438cd87efa9b2383c7107df5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: application/json
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 94b4abc98ab5373c-FRA
access-control-allow-origin: https://fontgenerator.cc
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 1932 535 B
637 B 369ms
274ms Fetch
application/json 34.1.1.166
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fgocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2F&PageUrl=https%3A%2F%2Fgocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2F&PageReferrer=https%3A%2F%2Fgocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2F
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: 2bb1ceb8803e2dd686e59d61054674b915e861f9dbca7d2e0c37e891283a2e59

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

access-control-max-age: 3600
content-encoding: gzip
x-kong-request-id: fcae3c3048b0c324aea80d2548540963
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, POST
via: kong/3.6.1
x-kong-upstream-latency: 260
access-control-allow-origin: https://fontgenerator.cc
content-length: 241
date: Fri, 06 Jun 2025 03:02:27 GMT
x-kong-proxy-latency: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: fasthttp
access-control-allow-headers: Accept-Encoding, Content-Type

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ Frame 1932 82 B
625 B 64ms
36ms Fetch
application/json 52.222.236.91
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-91.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 33143403b3c6a89518aa4f6a80dc7d027aea55d0aa0b0f5283437fe7c15d7551

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
via: 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
access-control-allow-origin: https://fontgenerator.cc
x-cache: Miss from cloudfront
content-length: 107
x-amz-cf-id: Fnn4HkecIKB0BTW73N72-VaOHsn_JmWi0mzFoF0uACImKtDWTp7TpQ==
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: application/json
x-amz-cf-pop: FRA56-P4
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 1932 2 B
247 B 165ms
30ms Fetch
application/json 18.201.5.241
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1749178947911&to=-120&aun=bsa-zone_1742380026425-9_123456&pubcid=ab717de2-3986-465e-899c-aeeb9be097bc&gpid=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&t=6dhpqjyv&pi=3&maxw=320&maxh=100&si=1296514&bf=320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250&schain=1.0%2C1!buysellads.com%2C19929%2C1%2C%2C%2C
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.201.5.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-201-5-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://fontgenerator.cc
content-length: 2
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 1932 2 B
246 B 169ms
34ms Fetch
application/json 18.201.5.241
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1749178947911&to=-120&aun=bsa-zone_1742380026425-9_123456&pubcid=ab717de2-3986-465e-899c-aeeb9be097bc&gpid=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&t=6dhpqjyv&pi=3&maxw=320&maxh=100&si=1296516&bf=320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250&schain=1.0%2C1!buysellads.com%2C19929%2C1%2C%2C%2C
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.201.5.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-201-5-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://fontgenerator.cc
content-length: 2
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 1932 2 B
246 B 166ms
32ms Fetch
application/json 18.201.5.241
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1749178947911&to=-120&aun=bsa-zone_1742380026425-9_123456&pubcid=ab717de2-3986-465e-899c-aeeb9be097bc&gpid=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&t=6dhpqjyv&pi=3&maxw=320&maxh=100&si=1296517&bf=320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250&schain=1.0%2C1!buysellads.com%2C19929%2C1%2C%2C%2C
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.201.5.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-201-5-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://fontgenerator.cc
content-length: 2
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 1932 2 B
246 B 168ms
33ms Fetch
application/json 18.201.5.241
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1749178947912&to=-120&aun=bsa-zone_1742380026425-9_123456&pubcid=ab717de2-3986-465e-899c-aeeb9be097bc&gpid=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&t=6dhpqjyv&pi=3&maxw=320&maxh=100&si=1296518&bf=320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250&schain=1.0%2C1!buysellads.com%2C19929%2C1%2C%2C%2C
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.201.5.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-201-5-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://fontgenerator.cc
content-length: 2
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: application/json;charset=UTF-8
server: nginx

POST
H/1.1 204
No Content 65e9e879eab3382166f737dc Show response
exchange.cootlogix.com/prebid/multi/ Frame 1932 0
439 B 472ms
104ms Fetch 146.190.187.150
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://exchange.cootlogix.com/prebid/multi/65e9e879eab3382166f737dc
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.190.187.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
access-control-allow-origin: https://fontgenerator.cc
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
date: Fri, 06 Jun 2025 03:02:28 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 1932 621 B
1 KB 205ms
88ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=586072&zone_id=3741866&size_id=15&alt_size_ids=19%2C43%2C44%2C117&rp_schain=1.0,1!buysellads.com,19929,1,,,&eid_pubcid.org=ab717de2-3986-465e-899c-aeeb9be097bc%5E1&rf=https%3A%2F%2Fgocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2F&tg_i.domain=gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org&tg_i.page=https%3A%2F%2Fgocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2F&tg_i.pbadslot=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&tk_flint=pbjs_lite_v8.45.0&l_pb_bid_id=17198764e9d6bb78&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&m_ch_mobile=%3F0&slots=1&rand=0.4602413113831021
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: ec05b3ab9c321c57aa5393d994aeaa28eb4bb4b3603d58f35a9c63339f5f654f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://fontgenerator.cc
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ Frame 1932 96 B
1 KB 933ms
109ms Fetch
application/json 2607:f350:3:2569:0:10:0:200a
AS-XFERNET

General

Check archive.org

Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22190dd0f1b457d008%22%3A%22fa87082a6d5773189466%7C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%7Cgpid%3D%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fgocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2F&s=9aff6d70-f8f4-4272-ac05-32bfac927095&pv=98c3b8c9-e810-4593-b1e8-d156c803403c&vp=mobile&lib_name=prebid&lib_v=8.45.0&us=8&iqid=%7B%22pcid%22%3A%2239325590-7b46-49a3-9e45-7d7671de068c%22%2C%22pcidDate%22%3A1749178947918%7D&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%22%2C%22publisher%22%3A%7B%22domain%22%3A%22gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%22%7D%2C%22page%22%3A%22https%3A%2F%2Fgocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A300%2C%22h%22%3A120%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F137.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22de%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22buysellads.com%22%2C%22sid%22%3A%2219929%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ab717de2-3986-465e-899c-aeeb9be097bc%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

739c3c21a45007bb77d9cd066e056f95b3de4cd11adb1ba9c78beee1b8a3c477

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: no-cache, no-store, private
pragma: no-cache
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://fontgenerator.cc
content-length: 96
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Fri, 06 Jun 2025 03:02:28 GMT
tcn: Choice
content-type: application/json
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-iad-2-5-179
x-xss-protection: 0

POST
H2 200 adreq Show response
ads.servenobid.com/ Frame 1932 394 B
622 B 338ms
260ms Fetch
application/json 143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL

https://ads.servenobid.com/adreq?cb=5564

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

80f3013bfce24a114aa398b5bc20bbce3c86a4a39f55492e3ddba8a091c1a0ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: https://fontgenerator.cc
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: application/json
vary: accept-encoding

POST
H2 200 prebid Show response
prebid.media.net/rtb/ Frame 1932 32 B
556 B 162ms
110ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time: 93
access-control-allow-credentials: true
via: 1.1 google
expires: Fri, 06 Jun 2025 03:02:27 GMT
access-control-allow-origin: https://fontgenerator.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: application/json;charset=utf-8
server: envoy

POST
H/1.1 200
OK buysellads Show response
direct.adsrvr.org/bid/bidder/ Frame 1932 0
420 B 237ms
34ms Fetch
application/json 52.223.6.21
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/buysellads
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.223.6.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8c33d2b6751b365d.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

x-openrtb-version: 2.3
cache-control: private
access-control-allow-credentials: true
access-control-allow-origin: https://fontgenerator.cc
content-length: 0
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: application/json
server: Kestrel
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, x-integration-type

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 1932 15 B
413 B 106ms
9ms Fetch
application/json 51.38.120.206
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://fontgenerator.cc
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 1932 0
223 B 92ms
18ms Fetch 2a02:2638:3::39
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.45.0&cb=27597034204&lsavail=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::39 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
observe-browsing-topics: ?1
access-control-allow-origin: https://fontgenerator.cc
date: Fri, 06 Jun 2025 03:02:27 GMT
vary: Origin
server: Kestrel

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ Frame 1932 53 B
294 B 64ms
14ms Fetch
text/plain 35.186.253.211
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: f1f8fd7a1e65e395a36289c410c4b293726a2f21f039d8f8cad4440ca440393d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
x-forwarded-for: 45.141.152.76
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://fontgenerator.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: text/plain
vary: Origin

POST
H2 200 v1 Show response
prg.smartadserver.com/prebid/ Frame 1932 196 B
441 B 474ms
326ms Fetch
application/json 217.182.178.224
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: dc1293460e62d8f4d91ef29b9bac4f123837f7c2c840ef3a52763782c12bc682

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://fontgenerator.cc
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 1932 19 B
583 B 80ms
11ms Fetch
application/json 37.252.171.53
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.76; 45.141.152.76; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://fontgenerator.cc
an-x-request-uuid: 2ca64db8-2552-4a54-b49b-d24144b99f5a
content-length: 19
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 06 Jun 2025 03:02:28 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

GET
H2 200 dns Show response
ag.dns-finder.com/meta/ Frame 1932 2 B
233 B 190ms
121ms Fetch
text/plain 34.36.200.111
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://ag.dns-finder.com/meta/dns
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.200.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 111.200.36.34.bc.googleusercontent.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, max-age=180, stale-if-error=180, stale-while-revalidate=180
access-control-expose-headers: X-Resolver
x-resolver: default
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: text/plain; charset=utf-8
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ Frame 1932 43 B
542 B 47ms
16ms Image
image/gif 2606:4700:10::6816:541
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:541 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 1807698
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid: AKDAyIuUlQaOHLtCB-ZhVeUIxo8YppZ5V2nDXoWlR3n49vLY7JYsgnOhtyEo5TMX7D7YdL2l
cache-control: public, max-age=86400
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
cf-ray: 94b4abc8f8bdd356-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H3 200 favicon.ico
ad.doubleclick.net/ Frame 1932 1 KB
130 B 43ms
11ms Image
image/x-icon 172.217.18.6
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
age: 81432
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Fri, 06 Jun 2025 04:25:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Jun 2025 04:25:15 GMT
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 104
x-xss-protection: 0
server: sffe

GET
H2 200 px.gif
ad-delivery.net/ Frame 1932 43 B
111 B 49ms
19ms Image
image/gif 2606:4700:10::6816:541
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.06256683576853528
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:541 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 1807698
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: image/gif
vary: Accept-Encoding
last-modified: Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid: AKDAyIuUlQaOHLtCB-ZhVeUIxo8YppZ5V2nDXoWlR3n49vLY7JYsgnOhtyEo5TMX7D7YdL2l
cache-control: public, max-age=86400
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
cf-ray: 94b4abc8f8bbd356-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ Frame 1932 61 KB
19 KB 34ms
17ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9de56ba22416192d18869051fdaa33876a9b6b3c7ed326abc7c8cc8503027797

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

Access-Control-Expose-Headers
Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"4ebf7042f3ba84fbe39534d4fa8c5c86"
Age: 1840807
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IHUI7Y6WhnFrV1GGVdVEtAN8BtpGIsAbD0QhHT7M3l2kdyrCNrpu%2By66JScfNCsDokm9yz3u0cmeWLPRYiBjv9ajmjkW8MLxSb0%2BnkoE6JjYaFlfiech7NBr0OksdVn9erWSpSsVZMVpDxhO"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=6868&min_rtt=6806&rtt_var=1488&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3464&recv_bytes=2302&delivery_rate=583650&cwnd=252&unsent_bytes=0&cid=8c4e5584a1dc01ab&ts=19&x=0"
Date: Fri, 06 Jun 2025 03:02:27 GMT
Content-Type: application/javascript
Last-Modified: Mon, 24 Mar 2025 20:04:09 GMT
Vary: Origin, Accept-Encoding
Transfer-Encoding: chunked
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
CF-RAY: 94b4abc8ed22dc95-FRA
Access-Control-Allow-Origin: *
Server: cloudflare

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ Frame 1932 61 KB
947 B 71ms
18ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9de56ba22416192d18869051fdaa33876a9b6b3c7ed326abc7c8cc8503027797

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

Access-Control-Expose-Headers
Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"4ebf7042f3ba84fbe39534d4fa8c5c86"
Age: 1840808
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xhVd5WqHAFJDsy11gD2B5X7CCrYvG52w5cwiPELRLws6Fk3H2j%2Brmu9t9Zjr4BEybCSaHMFCF2nTdc1SF4BwFOdk%2FdClvTqAxes3g92%2ByXrJohWg0zbXfwIXh%2FGpjQ2aderzTnpl40rLNDgw"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=6781&min_rtt=6662&rtt_var=1950&sent=4&recv=8&lost=0&retrans=0&sent_bytes=1381&recv_bytes=2580&delivery_rate=393831&cwnd=251&unsent_bytes=0&cid=bc91dfa46b19384c&ts=21&x=0"
Date: Fri, 06 Jun 2025 03:02:28 GMT
Last-Modified: Mon, 24 Mar 2025 20:04:09 GMT
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 94b4abc91ea84d8d-FRA
Access-Control-Allow-Origin: *
Server: cloudflare

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame 1932 56 B
299 B 50ms
5ms Fetch
application/json 57.129.85.132
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

57.129.85.132 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3249663.ip-57-129-85.eu

Software

Resource Hash

39877576162346cba084b5dfbd13da63cc5ce2d2f1596780e2f6e264d4281538

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://fontgenerator.cc
date: Fri, 06 Jun 2025 03:02:27 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 eruda Show response
cdn.jsdelivr.net/npm/ 464 KB
115 KB 39ms
15ms Script
application/javascript 2606:4700::6810:afe2
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/eruda

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:afe2 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df3805da066f2dbaeaa547b4ca83fa5c7c10ca8b6ba4357b0897bf3cc3b9a1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"73eb0-Dx06OqDSMQPOVX/f6nBmzvwreY0"
age: 4675
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K2nP%2FtJ8mujid0M0bGX%2FWEbbMoTPS8VQ53hZSaFAotDfQJUYOWukmR67izuyVIlyj3l%2BSUuR9jUQ7EcyBU078yAGqRlZmK6nO690wQdcfD7G%2BeDEZNWpOBeSZO0yIx9feMnbJm5OKIO9Ok197LE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230066-FRA, cache-lga21974-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 94b4abc94e6edc78-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 116465
server: cloudflare
x-jsd-version: 3.4.1

GET
H3 200 home.png
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/imgs/icons/pages/ 13 KB
13 KB 96ms
94ms Image
image/png 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to Show image

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/imgs/icons/pages/home.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 33c90221403fec4c268cf866ea954a740331d68ef1255c628a386093225ee109

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
etag: W/"32de-19630f6df13"
via: 1.1 Caddy
accept-ranges: bytes
content-length: 13022
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: image/png
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
x-powered-by: Express

GET
H3 200 favicon.ico
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/ 15 KB
3 KB 98ms
95ms Other
image/vnd.microsoft.icon 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 17121520efdb21823ea10bdc2115a34f772f78c0bea04cfdff41d615c520616e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
content-encoding: gzip
etag: W/"3c2e-191c2e4c57b"
via: 1.1 Caddy
content-length: 2990
date: Fri, 06 Jun 2025 03:02:28 GMT
last-modified: Thu, 05 Sep 2024 15:54:18 GMT
vary: Accept-Encoding
x-powered-by: Express
content-type: image/vnd.microsoft.icon

POST
H2 200 481.json Show response
id5-sync.com/g/v2/ Frame 1932 385 B
645 B 24ms
8ms Fetch
application/json 141.95.33.120
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

07e462f351422c423425495a5131b1b40d263fbbda370864e4ab6af7b926c5b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://fontgenerator.cc
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true

GET
H2 200 trustedIframe.html Show response
btloader.com/ Frame A4F7 1 KB
867 B 127ms
126ms Document
text/html 2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://btloader.com/trustedIframe.html?o=5102648370397184
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bd8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a30f638a99c9ba4992888cfe0b39dba72bd670d32f975fd208ceaed04c5a80c

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 94b4abca1de53f0f-FRA
content-encoding: br
content-type: text/html
date: Fri, 06 Jun 2025 03:02:28 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
vary: Origin
via: 1.1 google

GET
H2 200 country Show response
api.btloader.com/ Frame 1932 37 B
153 B 242ms
122ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://api.btloader.com/country?o=5102648370397184
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: application/json
vary: Origin

POST
H2 204 pv
api.btloader.com/ Frame 1932 0
0 235ms
120ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://api.btloader.com/pv?nlf=false&tid=PNt6DUMQK-MURsAowJFC-974330996f&sid=F67CmzT82-oRwemnMw1F-9743309970&cv=2.1.108-3-g82e601e&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

via: 1.1 google
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Jun 2025 03:02:28 GMT
vary: Origin

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame A4F7 19 KB
7 KB 34ms
15ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: btloader.com
URL: https://btloader.com/trustedIframe.html?o=5102648370397184
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Origin: https://btloader.com
Referer: https://btloader.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 94b4abcb08663554-FRA
access-control-allow-origin: *
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 204 rum Show response
btloader.com/cdn-cgi/ Frame A4F7 0
173 B 14ms
12ms XHR
text/plain 2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://btloader.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4bd8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
content-type: application/json
Referer: https://btloader.com/trustedIframe.html?o=5102648370397184

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST,OPTIONS
cf-ray: 94b4abcb3ec13f0f-FRA
access-control-allow-origin: https://btloader.com
date: Fri, 06 Jun 2025 03:02:28 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame 1932 17 KB
13 KB 54ms
34ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202506040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202506040101/pubads_impl.js?cb=31092854

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cd1e69a6ab3c62325d7dafd3e4d7cdb1628913ad0bec28816a4422eb36de2a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13151
date: Fri, 06 Jun 2025 03:02:29 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 1932 654 B
352 B 54ms
34ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=2495326643020258&correlator=3278799070491787&eid=31092804%2C95353385%2C95361093%2C31092854&output=ldjh&gdfp_req=1&vrg=202506040101&ptt=17&impl=fifs&iu_parts=22960212090%3A22921845643%2CFontgenerator_S2S_Leaderboard_CarbonFallback_ROS&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250&fluid=height&ifi=1&didk=1335524158&dids=bsa-zone_1742380026425-9_12345&adfs=4189537219&sfv=1-0-45&eri=1&sc=1&cdm=fontgenerator.cc&abxe=1&dt=1749178948967&lmt=1749178948&adxs=30&adys=225&biw=-12245933&bih=-12245933&isw=300&ish=120&scr_x=-12245933&scr_y=-12245933&ucis=cutor681ucqk&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Ffontgenerator.cc%2Fembed&ref=https%3A%2F%2Fgocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2F&top=https%3A%2F%2Fgocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2F&vis=1&psz=233x224&msz=240x40&fws=260&ohw=300&topics=5&tps=5&htps=5&a3p=EhMKDGlkNS1zeW5jLmNvbRIBMFgBEjQKCnB1YmNpZC5vcmcSJDBlYjg4ODhjLWFlNjctNGM0MC1hMWM1LTYwNTMyMmVhN2ExMlgB&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1749178946948&idt=873&ppid=0eb8888cae674c40a1c5605322ea7a12&prev_scp=optimize_auction_id%3D1%26optimize_upstreams%3DPrebid%26optimize_ad_unit_id%3Dbsa-zone_1742380026425-9_123456%26optimize_imp_id%3D1749178948937-1bb2c649%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&cust_params=origin%3Dunknown%26ECT%3D4g%26hb_rf%3D0%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Ddesign%26optimize_env%3Dprod%26optimize_pub%3Dfontgenerator%26optimize_xp%3Da%26optimize_refreshed%3Dfalse%26optimize_pathname%3D%252Fembed%26optimize_pv_id%3D1749178947944-31d1ff69&adks=400283343&frm=24&eoidce=1&pbbce=1&td=1&egid=1407&tan=f1878bd0-05c1-4db0-b516-2a5eeaa40e4f&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202506040101/pubads_impl.js?cb=31092854

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8702b13ab6fb44f2027bfd0667fa985d82813df0041d5912e446dce583706894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 06 Jun 2025 03:02:29 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://fontgenerator.cc
content-length: 323
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
44a2a511f66f192a5aa6fa455f77babc.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame F868 7 KB
3 KB 107ms
16ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://44a2a511f66f192a5aa6fa455f77babc.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202506040101/pubads_impl.js?cb=31092854

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jun 2025 03:02:29 GMT
expires: Fri, 06 Jun 2025 03:02:29 GMT
last-modified: Thu, 08 May 2025 23:15:48 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ Frame 1932 20 KB
7 KB 82ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202506040101/pubads_impl.js?cb=31092854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
etag: "1747411493688989"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Fri, 06 Jun 2025 03:02:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Jun 2025 03:02:29 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7188
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame 67BE 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5044
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jun 2025 02:19:31 GMT
expires: Fri, 06 Jun 2025 03:09:31 GMT
last-modified: Tue, 13 May 2025 23:17:50 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 9EEy8ZQeoFRgEmcDjf2Je-n7wBgcE263nH-zUJ5dJeg.js Show response
pagead2.googlesyndication.com/bg/ Frame 67BE 54 KB
21 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9EEy8ZQeoFRgEmcDjf2Je-n7wBgcE263nH-zUJ5dJeg.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f44132f1941ea054601267038dfd897be9fbc0181c136eb79c7fb3509e5d25e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/

Response headers

content-encoding: br
age: 63375
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Fri, 05 Jun 2026 09:26:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Jun 2025 09:26:14 GMT
last-modified: Mon, 19 May 2025 09:28:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 21041
x-xss-protection: 0
server: sffe

POST rum
btloader.com/cdn-cgi/ Frame A4F7 0
0

GET
H3 204 generate_204
ep2.adtrafficquality.google/ Frame 67BE 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?K5o-Bg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 06 Jun 2025 03:02:29 GMT
cross-origin-resource-policy: cross-origin

GET
H3 204 sodar
ep1.adtrafficquality.google/pagead/ Frame 1932 0
17 B 28ms
26ms Image
image/ 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gpt_m202506040101&jk=2495326643020258&bg=!fH-lfzDNAAYA59AtIOc7ADQBe5WfOMi1fouE0zHzwTNM4IYoElcPa8QaFMNIEsr7hBPzdFuc8vD_bAVslms8kPlB_tvIAgAAADxSAAAAA2gBB34ANrrWOwVUKlnX73pTyvzW1UguYtENaPGkXaW9TvNKwi_VVZh3E6XwA5UVXUN_pwaT5GJE-9ToTJkCxjyGtNDS8z3XYAPYlsPFUmatkH0fZexAAaK1LI-RvxLBQk0zyLIXyw8MwQv2LqNshDkqXd0f60ZpS43OwJWE9berFFKvQemVwml7LHvmvzNti6uc3l-P1L2doHqeCKK9Rqlfcabfja5Su30pSCNgAojkkrDEJhT3-ijNWvUIqEEdE-h3PAFiTZGp0n5JBuOvzzkDlSy3IXiY4YMWtMtC0njM2KKSmVRVBUAWMeVdUX6FkJQPTqp6ls0yzH1tMhjgyVAQiB6G4emc1owffuO6jrwDhCtZCg3E05c64usvfqJNDXa-ru1LogBCJP0iINOJF10TV1U7pBaYQ7q_2EJ4nl2D9TjxciEnH_OY-uJ6vi1QfHfNU3BgwwlpBtQi0ap4vUbQsjK1NKzAqqHYVdQoOHLO38q0sufCCtpwVbgZCY1cXaUX4mmZv0gLotfybgRajHO9fXNylh2u33y2pC0sM7-4epsHiONPkkUeNIzmm1desCDL0UViR5Kqgpt2gMKxsco4dfKw_oH36jrI1X-BxmUNwsGnzNQMwTOhoS-Ul6XbRR2UPN_1pcDGzDlEH-68Nk-kTzLcYlOpY7nECE21-e2DtgTm0xdBc8MACQc1YpzbH_nwhbGkhL7Fuaub9oCuBSEtgwZ7yWq_u-p8ckkrVbN7qzhlKEnLcPta0ZgDZV-2fGxKKR41Yn0fCuOwCBkUWuesgQA_A9EOeLiUEPm8kKBxBoDAHULSrarCqSd2b75y4rIQe94uncx1-In0y_qkfZkGzt532Ql00-dMW7Xd0DJ6B8cxx1xnTmR2OQYudj2_Lxh7_553ay5jxYa2WXKXOJxUKl8poiDe6bolQTi_Xc64Raumk1HsMih-KbhjxQS5VFVKYiLL1cQEN1hAFfd1cdAnPCD0Fk2lYama7GuHMZBu3sqhHpBwWSIkfrdXe-NVl0UXTDfI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Fri, 06 Jun 2025 03:02:29 GMT
x-xss-protection: 0
content-type: image/
server: cafe

POST
H3 204 collect Show response
www.google-analytics.com/g/ 0
20 B 44ms
43ms Fetch
text/plain 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NCTSG4T1B6&gtm=45je5641v9138172222za204&_p=1749178944754&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617976~104617978~104651273~104651275~104653070~104653072~104661466~104661468~104698127~104698129&cid=338758318.1749178945&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAAAAQ&_s=2&sid=1749178945&sct=1&seg=0&dl=https%3A%2F%2Fgocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2F&dt=Shadow&en=scroll&epn.percent_scrolled=90&_et=7&tfd=6212
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/eruda
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0
report-to: {"group":"ascnsrsggc:102:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Jun 2025 03:02:30 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 home.png
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/imgs/icons/pages/ 13 KB
0 0ms
0ms Image
image/png 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to Show image

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/imgs/icons/pages/home.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 33c90221403fec4c268cf866ea954a740331d68ef1255c628a386093225ee109

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
etag: W/"32de-19630f6df13"
via: 1.1 Caddy
accept-ranges: bytes
content-length: 13022
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: image/png
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
x-powered-by: Express

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ Frame 1932 96 KB
31 KB 390ms
29ms Script
text/javascript 2a02:2638:3::28

General

Check archive.org

Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::28 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"653b5c0e-1811e"
cross-origin-resource-policy: cross-origin
expires: Sat, 07 Jun 2025 03:02:31 GMT
access-control-allow-origin: *
date: Fri, 06 Jun 2025 03:02:31 GMT
content-type: text/javascript
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E492 16 KB
6 KB 19ms
19ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0aca0059858b2523732cf689da636105ef00c1bb99207b5aefe01ecb3cc1ce42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jun 2025 03:02:31 GMT
server: Kestrel
server-processing-duration-in-ticks: 304621
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ Frame 1932 96 KB
0 0ms
0ms XHR
text/javascript 2a02:2638:3::28

General

Check archive.org

Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:3::28 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"653b5c0e-1811e"
cross-origin-resource-policy: cross-origin
expires: Sat, 07 Jun 2025 03:02:31 GMT
access-control-allow-origin: *
date: Fri, 06 Jun 2025 03:02:31 GMT
content-type: text/javascript
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx

GET
H2

200

sid Show response
mug.criteo.com/ Frame E492
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=fontgenerator.cc&sn=ChromeSyncframe&so=0&topUrl=gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdn...
https://mug.criteo.com/sid?cpp=STPFaHxIVTgwaEtjTFZrWnRId0NHaUZlSnk0TWh4TkdkS1hjUzN5RUZRSy80d3Q4d2VBQWFabUFOaGhlOGxDRVZkdmFONUh5UkdESzVCNCtYM05SV2RQVENpNllSSFVJSmpKNFp5cnBpTXFDYUFLam1KWXl0cUVYNmhSeV...

481 B
1 KB

133ms
15ms

Fetch
application/json

178.250.1.11

General

Check archive.org

Download Go to

Full URL

https://mug.criteo.com/sid?cpp=STPFaHxIVTgwaEtjTFZrWnRId0NHaUZlSnk0TWh4TkdkS1hjUzN5RUZRSy80d3Q4d2VBQWFabUFOaGhlOGxDRVZkdmFONUh5UkdESzVCNCtYM05SV2RQVENpNllSSFVJSmpKNFp5cnBpTXFDYUFLam1KWXl0cUVYNmhSeVRIVEpyVEZlM2pBRzJpcGRrNzJRaHEzTzNMUlRxSkx0d0EvTmplVllHaW9hZ0g4N0x2TGhmTnJTeUc0SDUyZlIzK1RmL0tLZWtCQ3B3TXZxdGt6WVczdytMU3lYSTNYWFl0eHhJSlhkWTR0TjhFaGYzaXFFT084M0g1WFlVYUZyemllalRPVFNncTE5MjVwZDdKdWI0WEFiWk5YY1lLMUd5dnB1RTkyVmFWUmJZemM2aU9rSVJxRkRrVTlSNUlwQWVrbmo0ditmL0VIUk96UU5aSHUrK05tVXU5bHJHNVVveldNMWpVaHdwdFR5NmpJNy9vckU9fA&cppv=2

Protocol

Server

178.250.1.11 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

784b93afba40b40483bdbdc3c9e3d5228d713336518d280baf84627a38f856de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gum.criteo.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1137475
expires: 0
access-control-allow-origin: https://gum.criteo.com
date: Fri, 06 Jun 2025 03:02:31 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

Redirect headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
location: https://mug.criteo.com/sid?cpp=STPFaHxIVTgwaEtjTFZrWnRId0NHaUZlSnk0TWh4TkdkS1hjUzN5RUZRSy80d3Q4d2VBQWFabUFOaGhlOGxDRVZkdmFONUh5UkdESzVCNCtYM05SV2RQVENpNllSSFVJSmpKNFp5cnBpTXFDYUFLam1KWXl0cUVYNmhSeVRIVEpyVEZlM2pBRzJpcGRrNzJRaHEzTzNMUlRxSkx0d0EvTmplVllHaW9hZ0g4N0x2TGhmTnJTeUc0SDUyZlIzK1RmL0tLZWtCQ3B3TXZxdGt6WVczdytMU3lYSTNYWFl0eHhJSlhkWTR0TjhFaGYzaXFFT084M0g1WFlVYUZyemllalRPVFNncTE5MjVwZDdKdWI0WEFiWk5YY1lLMUd5dnB1RTkyVmFWUmJZemM2aU9rSVJxRkRrVTlSNUlwQWVrbmo0ditmL0VIUk96UU5aSHUrK05tVXU5bHJHNVVveldNMWpVaHdwdFR5NmpJNy9vckU9fA&cppv=2
pragma: no-cache
server-processing-duration-in-ticks: 234208
expires: 0
content-length: 0
date: Fri, 06 Jun 2025 03:02:31 GMT
server: Kestrel

GET
H2 200 / Show response
sync.cootlogix.com/api/sync/iframe/ Frame A3E2 109 B
422 B 420ms
103ms Document
text/html 147.182.222.40

General

Check archive.org

Download Go to

Full URL: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 147.182.222.40 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1aa01f31d4087317f5d4e5ef4ea70a73e38124a45f1553dbe8968ea16068b84

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: GET, HEAD, OPTIONS, POST
access-control-allow-origin: *
content-length: 109
content-type: text/html
date: Fri, 06 Jun 2025 03:02:32 GMT
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"

GET
H2 200 usync.html Show response
eus.rubiconproject.com/ Frame 3C54 269 B
379 B 171ms
8ms Document
text/html 184.30.22.30

General

Check archive.org

Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 -, , ASN (),
Reverse DNS
Software: Apache/2.4.62 (Debian) /
Resource Hash: e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html
date: Fri, 06 Jun 2025 03:02:32 GMT
etag: "10d-629840acea280-gzip"
last-modified: Wed, 18 Dec 2024 04:42:34 GMT
server: Apache/2.4.62 (Debian)
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B3F3 52 KB
17 KB 52ms
8ms Document
text/html 23.32.238.112

General

Check archive.org

Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.112 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 06 Jun 2025 03:02:32 GMT
ETag: "623de86a-cf34"
Expires: Sat, 07 Jun 2025 03:02:34 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 5562 0
0 8ms
8ms Document
text/plain 51.38.120.206
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1749178948035

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame C66A 9 KB
4 KB 176ms
13ms Document
text/html 54.230.228.68

General

Check archive.org

Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.68 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1f0cd63b4d32aa9ea0975c70ec80a51afc78227e121f2e3994ef8c9ce7d06d3

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

age: 52488
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Thu, 05 Jun 2025 12:27:45 GMT
etag: W/"ee5a228ed26b25eba533061e372a78de"
last-modified: Mon, 10 Mar 2025 17:55:26 GMT
server: AmazonS3
vary: accept-encoding Origin
via: 1.1 b87d7a7588235c761c8602f922d332f4.cloudfront.net (CloudFront)
x-amz-cf-id: sYTFiBnEtyVZvBXDrttZpGFD_3haybEelblPSkWhA4veLAdYo49jrA==
x-amz-cf-pop: MUC50-P5
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:12c7a56c-3d1e-4c7b-99b7-ff02ea3f2d40
x-amz-meta-codebuild-content-md5: 7e54bf2818360b18921c120b0820c006
x-amz-meta-codebuild-content-sha256: 1a888b321ba7e7f4a8dfcc92ee11e2b63c55a3e583d8282cfbf800057fef3637
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2 200 isync Show response
visitor.omnitagjs.com/visitor/ Frame 1013 12 KB
3 KB 66ms
21ms Document
text/html 34.1.1.166
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: c73e63e34213cfd943d6ba3bd733b43fc65a9aa9777eef69f768b3a31747500d

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-length: 2787
content-type: text/html; charset=UTF-8
date: Fri, 06 Jun 2025 03:02:31 GMT
p3p: CP="CAO PSA OUR"
server: fasthttp
vary: Accept-Encoding
via: kong/3.6.1
x-kong-proxy-latency: 0
x-kong-request-id: 05e38b26c3f49b5cf0ba1069b9b61f79
x-kong-upstream-latency: 5

GET
H2 200 pd Show response
buysellads-d.openx.net/w/1.0/ Frame 967E 199 B
424 B 179ms
16ms Document
text/html 35.244.159.8

General

Check archive.org

Download Go to

Full URL: https://buysellads-d.openx.net/w/1.0/pd
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1749178800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0, no-cache
content-length: 199
content-type: text/html
date: Fri, 06 Jun 2025 03:02:32 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
vary: Accept, Accept-Encoding
via: 1.1 google
x-forwarded-for: 45.141.152.76

GET
H2 200 usersync
match.adsrvr.org/track/ Frame 1932 70 B
149 B 111ms
34ms Image
image/gif 35.71.131.137

General

Check archive.org

Download Go to Show image

Full URL: https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-length: 70
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif
server: Kestrel

GET getuid
secure.adnxs.com/ Frame 1013 0
0

GET
H2

200

sync
visitor.omnitagjs.com/visitor/ Frame 1013
Redirect Chain

https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=1&gdpr_consent=
https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=1&gdpr_consent=&tc=1
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=ZpmPeFdqDORdT-5LCTVRM7qjU6OZtSsdm-5rFR8Q_Y8&name=RTB_HOUSE&pi=adyoulike&gdpr=1&gdpr_consent=&tc=1

49 B
339 B

30ms
25ms

Image
image/gif

34.1.1.166
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=ZpmPeFdqDORdT-5LCTVRM7qjU6OZtSsdm-5rFR8Q_Y8&name=RTB_HOUSE&pi=adyoulike&gdpr=1&gdpr_consent=&tc=1
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

x-kong-request-id: 5b65b742a169830cf6cff32dc153f550
via: kong/3.6.1
x-kong-upstream-latency: 9
x-kong-proxy-latency: 0
content-length: 49
p3p: CP="CAO PSA OUR"
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif
server: fasthttp

Redirect headers

expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
location: https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=ZpmPeFdqDORdT-5LCTVRM7qjU6OZtSsdm-5rFR8Q_Y8&name=RTB_HOUSE&pi=adyoulike&gdpr=1&gdpr_consent=&tc=1
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT, Fri, 06 Jun 2025 03:02:32 GMT
pragma: no-cache
vary: Accept-Encoding

GET
H2 200 sync
x.bidswitch.net/ Frame 1013 43 B
183 B 120ms
23ms Image
image/gif 35.214.136.108

General

Check archive.org

Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif

GET
H2

200

sync
visitor.omnitagjs.com/visitor/ Frame 1013
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=adyoulike&gdpr=1&gdpr_consent=
https://visitor.omnitagjs.com/visitor/sync?name=NEXXEN&ttl=720&uid=146e9da1fca8f0ce5e1ef0b5909cc4cd&visitor=OPTOUT

49 B
338 B

25ms
24ms

Image
image/gif

34.1.1.166
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://visitor.omnitagjs.com/visitor/sync?name=NEXXEN&ttl=720&uid=146e9da1fca8f0ce5e1ef0b5909cc4cd&visitor=OPTOUT
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

x-kong-request-id: b2c5e108124c3f477a1cfd185c48206e
via: kong/3.6.1
x-kong-upstream-latency: 4
x-kong-proxy-latency: 0
content-length: 49
p3p: CP="CAO PSA OUR"
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif
server: fasthttp

Redirect headers

expires: 0
cache-control: no-store, no-cache, must-revalidate
location: https://visitor.omnitagjs.com/visitor/sync?name=NEXXEN&ttl=720&uid=146e9da1fca8f0ce5e1ef0b5909cc4cd&visitor=OPTOUT
date: Fri, 06 Jun 2025 03:02:32 GMT
pragma: no-cache
content-type: text/html
etag: OPTOUT

GET
H2 204 /
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame 1013 0
129 B 163ms
19ms Image
text/plain 162.55.236.224

General

Check archive.org

Download Go to Show image

Full URL: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=JAHJ4YZq4O&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DRichAudience%26ttl%3D720%26uid%3De33590f6de70f789c6aa5ba72b5e547c%26visitor%3D%5BPDID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.236.224 -, , ASN (),
Reverse DNS
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Fri, 06 Jun 2025 03:01:38 GMT
x-powered-by: PHP/8.2.4
server: nginx/1.14.1

GET
H2 204 ayl_pixel
api-ssp.spot.im/pixels/ Frame 1013 0
192 B 143ms
102ms Image
text/plain 18.244.18.85

General

Check archive.org

Download Go to Show image

Full URL: https://api-ssp.spot.im/pixels/ayl_pixel?ayl_id=ba85f291b0df8d8d75a24e927bfe93b6
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.85 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

via: 1.1 cbad29402e4e90baabe7151c3f1203b6.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: gWRhc7uUftPBbxlDxkGDj8RPLzQtMKYTIFDB8OJENfrxJdOHQjNLUA==
date: Fri, 06 Jun 2025 03:02:32 GMT
x-amz-cf-pop: FRA56-P11

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 1013 70 B
148 B 39ms
35ms Image
image/gif 35.71.131.137

General

Check archive.org

Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

content-length: 70
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif
server: Kestrel

GET /
csync.loopme.me/ Frame 1013 0
0

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 1013 0
42 B 59ms
8ms Image
text/plain 103.231.98.106

General

Check archive.org

Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=156813&pu=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_PUBMATIC%26ttl%3D720%26uid%3D873f14ee249cfcabb9bfa17d23686d63%26visitor%3D%23PMUID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.231.98.106 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

date: Fri, 06 Jun 2025 03:02:32 GMT
content-length: 0

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 1013 0
39 B 27ms
9ms Image
text/plain 103.231.98.106

General

Check archive.org

Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.231.98.106 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

date: Fri, 06 Jun 2025 03:02:32 GMT
content-length: 0

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 1013 0
58 B 63ms
7ms Image
text/plain 18.195.234.25

General

Check archive.org

Download Go to Show image

Full URL

https://match.sharethrough.com/universal/v1?supply_id=wldemn0V&gdpr=1&gdpr_consent=

Requested by

Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.195.234.25 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;

GET
H/1.1 200
OK /
b1sync.zemanta.com/usersync/adyoulike/ Frame 1013 26 B
200 B 438ms
103ms Image
image/gif 64.74.236.159

General

Check archive.org

Download Go to Show image

Full URL

https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Requested by

Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.74.236.159 -, , ASN (),

Reverse DNS

Software

Resource Hash

3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 26
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif

GET
H2 200 getuid
eb2.3lift.com/ Frame 1013 37 B
140 B 59ms
16ms Image
image/gif 76.223.111.18

General

Check archive.org

Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_TRIPLELIFT%26ttl%3D720%26uid%3De217d8a485cb4bc1c2854b511ca26ae8%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif

GET
H2

200

sync
visitor.omnitagjs.com/visitor/ Frame 1013
Redirect Chain

https://hb.trustedstack.com/cksync.php?cs=66&type=opw&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3F%26uid%3D6a4186b759e18e574be0648ddd5e766a%26visitor%3D%3Cvsid%3E&gdpr=1&gdpr_co...
https://visitor.omnitagjs.com/visitor/sync?&uid=6a4186b759e18e574be0648ddd5e766a&visitor=0000EEA

49 B
338 B

22ms
22ms

Image
image/gif

34.1.1.166
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://visitor.omnitagjs.com/visitor/sync?&uid=6a4186b759e18e574be0648ddd5e766a&visitor=0000EEA
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

x-kong-request-id: 7fae2c5d60fdc60908a07f1ecffb4021
via: kong/3.6.1
x-kong-upstream-latency: 5
x-kong-proxy-latency: 0
content-length: 49
p3p: CP="CAO PSA OUR"
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif
server: fasthttp

Redirect headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
cache-control: max-age=0, no-cache, no-store
location: https://visitor.omnitagjs.com/visitor/sync?&uid=6a4186b759e18e574be0648ddd5e766a&visitor=0000EEA
timing-allow-origin: *
pragma: no-cache
expires: Fri, 06 Jun 2025 03:02:32 GMT
x-mnet-hl2: E
content-length: 154
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: text/html
server: Apache

GET
H2

200

sync
visitor.omnitagjs.com/visitor/ Frame 1013
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=33&gdpr=1&gdpr_consent=
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-0860521f-cbfc-5ec9-6269-906ff5c8e9b4$ip$45.141.152.76&name=STACKADAPT&gdpr=1&gdpr_consent=

49 B
339 B

22ms
22ms

Image
image/gif

34.1.1.166
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-0860521f-cbfc-5ec9-6269-906ff5c8e9b4$ip$45.141.152.76&name=STACKADAPT&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

x-kong-request-id: 92f8ab72f8fa795f6026f24069099d1f
via: kong/3.6.1
x-kong-upstream-latency: 4
x-kong-proxy-latency: 0
content-length: 49
p3p: CP="CAO PSA OUR"
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif
server: fasthttp

Redirect headers

Location: https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-0860521f-cbfc-5ec9-6269-906ff5c8e9b4$ip$45.141.152.76&name=STACKADAPT&gdpr=1&gdpr_consent=
Content-Length: 219
Date: Fri, 06 Jun 2025 03:02:32 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive

GET sync
rtb.bid.com/ Frame 1013 0
0

GET
H2 204 pixel
ap.lijit.com/ Frame 1013 0
193 B 155ms
30ms Image
text/plain 54.76.253.58

General

Check archive.org

Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.253.58 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-origin: *
date: Fri, 06 Jun 2025 03:02:32 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2 204 pixel
ap.lijit.com/ Frame 1013 0
192 B 136ms
32ms Image
text/plain 54.76.253.58

General

Check archive.org

Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_SOVRN%26ttl%3D720%26uid%3D27349c3c4b4c5a48c7c7f4938ab918e6%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.253.58 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-origin: *
date: Fri, 06 Jun 2025 03:02:32 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT

GET 9933ca8fbb5437507921373139bb00a0.gif
usync.smxconv.com/ Frame 1013 0
0

GET
H2 200 cm
u.openx.net/w/1.0/ Frame 1013 43 B
96 B 74ms
19ms Image
image/gif 35.244.159.8

General

Check archive.org

Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=5c25ba01-8014-471d-b115-9488b0bab07b&ph=bb3dfa1e-28f2-4379-aa01-73e27cdce2ee&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_OPENX%26ttl%3D720%26uid%3Dfbb8afe8eeaca30016588a1cebad4210%26visitor%3D%7BOPENX_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 45.141.152.76
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 06 Jun 2025 03:02:31 GMT
content-type: image/gif
vary: Accept, Accept-Encoding

GET
H/1.1 200
OK sync.html
sync.contextualadv.com/ Frame 1013 0
236 B 289ms
89ms Image
text/plain 204.62.12.186

General

Check archive.org

Download Go to Show image

Full URL: https://sync.contextualadv.com/sync.html?pubid=197&pubuid=${UID}&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.62.12.186 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

Transfer-Encoding: chunked
Access-Control-Allow-Origin: https://visitor.omnitagjs.com
Keep-Alive: timeout=5
Date: Fri, 06 Jun 2025 03:02:32 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 204 pixel
ap.lijit.com/ Frame 1013 0
192 B 85ms
30ms Image
text/plain 54.76.253.58

General

Check archive.org

Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN_APP%26ttl%3D720%26uid%3Dcf7670e1d20b737804cf859fa1318914%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.253.58 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-origin: *
date: Fri, 06 Jun 2025 03:02:32 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2 204 pixel
ap.lijit.com/ Frame 1013 0
192 B 33ms
32ms Image
text/plain 54.76.253.58

General

Check archive.org

Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN_VIDEO%26ttl%3D720%26uid%3D14b8487cccb69ed1c7083f34af9c9c7f%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.253.58 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-origin: *
date: Fri, 06 Jun 2025 03:02:32 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2

200

sync
visitor.europe-west9.gcp.omnitagjs.com/visitor/ Frame 1013
Redirect Chain

https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visit...
https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=NTV_USER_ID&gdpr=1&gdpr_consent=

49 B
338 B

485ms
23ms

Image
image/gif

34.1.1.166
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=NTV_USER_ID&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

x-kong-request-id: af8971219199001e3c741b4fe05f1071
via: kong/3.6.1
x-kong-upstream-latency: 5
x-kong-proxy-latency: 0
content-length: 49
p3p: CP="CAO PSA OUR"
date: Fri, 06 Jun 2025 03:02:33 GMT
content-type: image/gif
server: fasthttp

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
location: https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=NTV_USER_ID&gdpr=1&gdpr_consent=
pragma: no-cache
expires: Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin: *
content-length: 0
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 06 Jun 2025 03:02:32 GMT
server: nginx

GET
H2

200

sync
visitor.europe-west9.gcp.omnitagjs.com/visitor/ Frame 1013
Redirect Chain

https://csync.copper6.com/3ccb4268afab0c2b1373a8a8fdc5011f.gif?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_COPPER6%26ttl%3D720%26uid%3D28acaf13e408a52aee...
https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?name=OW_COPPER6&ttl=720&uid=28acaf13e408a52aee4358368b1d9f0b&visitor=f00f7a8e-7933-425a-a891-2c8d75019523&gdpr=1&gdpr_consent=

49 B
338 B

409ms
24ms

Image
image/gif

34.1.1.166
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?name=OW_COPPER6&ttl=720&uid=28acaf13e408a52aee4358368b1d9f0b&visitor=f00f7a8e-7933-425a-a891-2c8d75019523&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

x-kong-request-id: 687ad920a0e31c1221c3bf37585e2e0a
via: kong/3.6.1
x-kong-upstream-latency: 4
x-kong-proxy-latency: 0
content-length: 49
p3p: CP="CAO PSA OUR"
date: Fri, 06 Jun 2025 03:02:33 GMT
content-type: image/gif
server: fasthttp

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Location: https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?name=OW_COPPER6&ttl=720&uid=28acaf13e408a52aee4358368b1d9f0b&visitor=f00f7a8e-7933-425a-a891-2c8d75019523&gdpr=1&gdpr_consent=
Pragma: no-cache
Connection: keep-alive
Expires: 0
Content-Length: 0
Date: Fri, 06 Jun 2025 03:02:32 GMT
Server: nginx/1.20.2

GET
H2 200 cookiesync
bttrack.com/pixel/ Frame 1013 35 B
163 B 989ms
159ms Image
image/gif 64.38.119.44

General

Check archive.org

Download Go to Show image

Full URL

https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=1&gdpr_consent=

Requested by

Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.38.119.44 -, , ASN (),

Reverse DNS

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

strict-transport-security: max-age=31536000;
cache-control: private,no-cache
x-servername: track004-sjc
pragma: no-cache
expires: -1
content-length: 35
date: Fri, 06 Jun 2025 03:02:33 GMT
content-type: image/gif

GET
H2

200

sync
visitor.omnitagjs.com/visitor/ Frame 1013
Redirect Chain

https://csync.copper6.com/f3c49daf592d06bab39258cac72c0de9.gif?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D0fccaa3ff6e0f9ec339e7eb753458ab3%26visitor%3D%5BUID%5D&gdpr=1&gdpr_...
https://visitor.omnitagjs.com/visitor/sync?uid=0fccaa3ff6e0f9ec339e7eb753458ab3&visitor=db499ea4-09ad-4fa6-9737-2f4f2b0684c2

49 B
339 B

22ms
22ms

Image
image/gif

34.1.1.166
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://visitor.omnitagjs.com/visitor/sync?uid=0fccaa3ff6e0f9ec339e7eb753458ab3&visitor=db499ea4-09ad-4fa6-9737-2f4f2b0684c2
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

x-kong-request-id: b0c69b1ac06eb570425c1652dd97667e
via: kong/3.6.1
x-kong-upstream-latency: 3
x-kong-proxy-latency: 0
content-length: 49
p3p: CP="CAO PSA OUR"
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif
server: fasthttp

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Location: https://visitor.omnitagjs.com/visitor/sync?uid=0fccaa3ff6e0f9ec339e7eb753458ab3&visitor=db499ea4-09ad-4fa6-9737-2f4f2b0684c2
Pragma: no-cache
Connection: keep-alive
Expires: 0
Content-Length: 0
Date: Fri, 06 Jun 2025 03:02:32 GMT
Server: nginx/1.20.2

GET
H2

200

sync
visitor.omnitagjs.com/visitor/ Frame 1013
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dcc74a90418053c5e5c118472fd8c7507%26visitor%3D
https://visitor.omnitagjs.com/visitor/sync?uid=cc74a90418053c5e5c118472fd8c7507&visitor=

49 B
226 B

18ms
17ms

Image
image/gif

34.1.1.166
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://visitor.omnitagjs.com/visitor/sync?uid=cc74a90418053c5e5c118472fd8c7507&visitor=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

x-kong-request-id: 7d6e8558085fc74588ed0134d853da64
via: kong/3.6.1
x-kong-upstream-latency: 1
x-kong-proxy-latency: 0
content-length: 49
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif
server: fasthttp

Redirect headers

cache-control: max-age=0, private, must-revalidate
location: https://visitor.omnitagjs.com/visitor/sync?uid=cc74a90418053c5e5c118472fd8c7507&visitor=
content-length: 0
date: Fri, 06 Jun 2025 03:02:31 GMT
x-envoy-upstream-service-time: 0
vary: accept-encoding
server: envoy

GET /
sync.screencore.io/adyoulike_2/ Frame 1013 0
0

GET
H2 451 711333.gif
id.rlcdn.com/ Frame 1013 0
98 B 96ms
17ms Image
text/plain 35.244.174.68

General

Check archive.org

Download Go to Show image

Full URL: https://id.rlcdn.com/711333.gif?
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT

GET
H2

200

sync
visitor.omnitagjs.com/visitor/ Frame 1013
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D642b2fc65afcd5ddddcf2d0e96254052%26visitor%3D
https://visitor.omnitagjs.com/visitor/sync?uid=642b2fc65afcd5ddddcf2d0e96254052&visitor=

49 B
225 B

18ms
18ms

Image
image/gif

34.1.1.166
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://visitor.omnitagjs.com/visitor/sync?uid=642b2fc65afcd5ddddcf2d0e96254052&visitor=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

x-kong-request-id: 23ed3026c8663b32dd1f5f21033f1912
via: kong/3.6.1
x-kong-upstream-latency: 1
x-kong-proxy-latency: 0
content-length: 49
date: Fri, 06 Jun 2025 03:02:31 GMT
content-type: image/gif
server: fasthttp

Redirect headers

cache-control: max-age=0, private, must-revalidate
location: https://visitor.omnitagjs.com/visitor/sync?uid=642b2fc65afcd5ddddcf2d0e96254052&visitor=
content-length: 0
date: Fri, 06 Jun 2025 03:02:31 GMT
x-envoy-upstream-service-time: 0
vary: accept-encoding
server: envoy

GET
H2

200

sync
visitor.europe-west9.gcp.omnitagjs.com/visitor/ Frame 1013
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_INDEX%26ttl%3D720%26uid%3D6b882ebc903fbdf00a60398f542a5...
https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?name=OW_INDEX&ttl=720&uid=6b882ebc903fbdf00a60398f542a5c35&visitor={userId}&gdpr=1&gdpr_consent=aEJaSFVbLSMAEaTQAIU3kQAA%265121

49 B
340 B

636ms
21ms

Image
image/gif

34.1.1.166
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?name=OW_INDEX&ttl=720&uid=6b882ebc903fbdf00a60398f542a5c35&visitor={userId}&gdpr=1&gdpr_consent=aEJaSFVbLSMAEaTQAIU3kQAA%265121
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

x-kong-request-id: 9b08111c8585676a417ba16541bb3d0f
via: kong/3.6.1
x-kong-upstream-latency: 4
x-kong-proxy-latency: 0
content-length: 49
p3p: CP="CAO PSA OUR"
date: Fri, 06 Jun 2025 03:02:33 GMT
content-type: image/gif
server: fasthttp

Redirect headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EY5bDIyU7vDtPLWojvgImVBT4ijnUclFDe%2B7nUdiXq8jFUUk33u64Pvlfkl0BeoT28MxegwcuxAd9KHXY1XSXRKskFlhvmMZNNeBdkPURXoLSyfnV%2B44%2BwjjZTQ61Ywprd1N9t25bPPSHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Fri, 06 Jun 2025 03:02:32 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: no-cache
location: https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?name=OW_INDEX&ttl=720&uid=6b882ebc903fbdf00a60398f542a5c35&visitor={userId}&gdpr=1&gdpr_consent=aEJaSFVbLSMAEaTQAIU3kQAA%265121
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 94b4abe5f95c6997-FRA
content-length: 0
server: cloudflare

GET
H2 204 pbsync
ads.yieldmo.com/ Frame 1013 0
42 B 649ms
30ms Image
text/plain 54.170.123.81

General

Check archive.org

Download Go to Show image

Full URL: https://ads.yieldmo.com/pbsync?is=adyl&redirectUri=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DYIELDMO%26ttl%3D720%26uid%3D3ee5cefc896f9db66dd131a32a91d57f%26visitor%3D%24UID&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.170.123.81 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

date: Fri, 06 Jun 2025 03:02:33 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame B3F3 0
482 B 32ms
31ms Script
text/html 37.252.171.53
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://acdn.adnxs.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 45.141.152.76; 45.141.152.76; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 2710b848-2443-4337-b44c-2e5f22666fcb
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 06 Jun 2025 03:02:32 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 3C54 44 KB
11 KB 15ms
9ms Script
text/html 184.30.22.30

General

Check archive.org

Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 -, , ASN (),
Reverse DNS
Software: Apache/2.4.62 (Debian) / PHP/8.3.13
Resource Hash: c1eb03b802019d4f6ab1b6b7c2cfd98a215aee89b60a9d47523430790808db89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://eus.rubiconproject.com/usync.html

Response headers

cache-control: max-age=15780
content-encoding: gzip
expires: Fri, 06 Jun 2025 07:25:32 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length: 11434
date: Fri, 06 Jun 2025 03:02:32 GMT
last-modified: Thu, 05 Jun 2025 07:25:32 GMT
x-powered-by: PHP/8.3.13
server: Apache/2.4.62 (Debian)
content-type: text/html;charset=UTF-8
vary: Accept-Encoding

GET ortb_sync
gum.aidemsrv.com/ Frame 0BBC 0
0

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 1434
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=

269 B
379 B

11ms
10ms

Document
text/html

184.30.22.30

General

Check archive.org

Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 -, , ASN (),
Reverse DNS
Software: Apache/2.4.62 (Debian) /
Resource Hash: e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html
date: Fri, 06 Jun 2025 03:02:32 GMT
etag: "10d-629840acea280-gzip"
last-modified: Wed, 18 Dec 2024 04:42:34 GMT
server: Apache/2.4.62 (Debian)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT
location: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
server: AkamaiGHost

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame F26F 0
0 372ms
107ms Document
text/plain 67.202.105.21

General

Check archive.org

Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.21 -, , ASN (),
Reverse DNS
Software: 33XP001 /
Resource Hash

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Jun 2025 03:02:31 GMT
server: 33XP001
x-33x-status: 6000208

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame 2B31 0
134 B 115ms
28ms Document
text/plain 103.67.200.72

General

Check archive.org

Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=261976&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADSOLUT%26ttl%3D720%26uid%3D1914a28ad9f7cf23695694b8008de71e%26visitor%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.67.200.72 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Fri, 06 Jun 2025 03:02:32 GMT
Server: nginx

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 57CB
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=

269 B
0

15ms
15ms

Document
text/html

184.30.22.30

General

Check archive.org

Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 -, , ASN (),
Reverse DNS
Software: Apache/2.4.62 (Debian) /
Resource Hash: e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html
date: Fri, 06 Jun 2025 03:02:32 GMT
etag: "10d-629840acea280-gzip"
last-modified: Wed, 18 Dec 2024 04:42:34 GMT
server: Apache/2.4.62 (Debian)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT
location: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
server: AkamaiGHost

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame 78A7 0
404 B 297ms
94ms Document
text/html 52.71.16.161

General

Check archive.org

Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DRISE_CODES%26ttl%3D720%26uid%3D48b439bcf2930e6408d6e795f7f1cdd2%26visitor%3D%7BpartnerId%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.16.161 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://visitor.omnitagjs.com/
access-control-expose-headers: X-Reason
content-length: 0
content-type: text/html
date: Fri, 06 Jun 2025 03:02:32 GMT
server: istio-envoy
x-envoy-upstream-service-time: 1
x-reason: could not perform CS due to compliance policy: consent string is empty

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 8490 0
0 368ms
107ms Document
text/plain 67.202.105.21

General

Check archive.org

Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS_VIDEO%26ttl%3D720%26uid%3D0e36e8655c40248fb8d2e311b5db1153%26visitor%3D33XUSERID33X%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.21 -, , ASN (),
Reverse DNS
Software: 33XP019 /
Resource Hash

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Jun 2025 03:02:32 GMT
server: 33XP019
x-33x-status: 6000208

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame BE2D 0
0 368ms
108ms Document
text/plain 67.202.105.21

General

Check archive.org

Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_33ACROSS%26ttl%3D720%26uid%3D25492590fe216b332ae998485e25beb4%26visitor%3D33XUSERID33X%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.21 -, , ASN (),
Reverse DNS
Software: 33XP004 /
Resource Hash

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Jun 2025 03:02:32 GMT
server: 33XP004
x-33x-status: 6000208

GET
H2 200 usync.html Show response
eus.rubiconproject.com/ Frame 12CA 269 B
379 B 13ms
13ms Document
text/html 184.30.22.30

General

Check archive.org

Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adyoulike_2&endpoint=eu&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 -, , ASN (),
Reverse DNS
Software: Apache/2.4.62 (Debian) /
Resource Hash: e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html
date: Fri, 06 Jun 2025 03:02:32 GMT
etag: "10d-629840acea280-gzip"
last-modified: Wed, 18 Dec 2024 04:42:34 GMT
server: Apache/2.4.62 (Debian)
vary: Accept-Encoding

GET iframe
audienceexposure.com/ Frame 0597 0
0

GET
H2 204 /
onetag-sys.com/usync/ Frame 5580 0
0 13ms
13ms Document
text/plain 51.38.120.206
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&us_privacy=${US_PRIVACY}

Requested by

Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK ssync.html Show response
player.aniview.com/ssync/62f53b2c7850d0786f227f64/ Frame AF33 5 KB
3 KB 123ms
11ms Document
text/html 2a02:26f0:7100::213:c669

General

Check archive.org

Download Go to

Full URL: https://player.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html?pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DANIVIEW%26ttl%3D720%26uid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::213:c669 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 8cecad7988c322f2c35c14e99a4b936bd643cdaaa9216e9174bb1a442ff841dd

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1683
Content-Type: text/html
Date: Fri, 06 Jun 2025 03:02:32 GMT
ETag: "15a46f2f4450880eb635e62a551bbd04"
Expires: Fri, 06 Jun 2025 03:17:32 GMT
Last-Modified: Thu, 25 Jul 2024 11:37:12 GMT
Server: UploadServer
Vary: Accept-Encoding
X-GUploader-UploadID: AHxI1nMN2Zxh0ij3WSnB3YPDLN17s1xHpSbb9R1-mW8J70W2bnKQsyBohGuOcWujHWdn5fI0uGE
x-goog-generation: 1721907432551634
x-goog-hash: crc32c=X7Uy+Q== md5=FaRvL0RQiA62NeYqVRu9BA==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5380

GET
H2 200 sync Show response
ittpx.eskimi.com/ Frame E8B4 13 B
160 B 97ms
13ms Document
text/html 188.40.16.220

General

Check archive.org

Download Go to

Full URL: https://ittpx.eskimi.com/sync?sp_id=14&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.16.220 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 06 Jun 2025 03:02:32 GMT
x-empty-response-reason: No GDPR consent (de: 45.141.152.76)

GET
H2 200 sync Show response
ssbsync.smartadserver.com/api/ Frame D7BE 0
45 B 226ms
15ms Document
text/plain 5.196.111.69

General

Check archive.org

Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.69 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

content-length: 0
date: Fri, 06 Jun 2025 03:02:31 GMT

GET
H2 200 sync Show response
ssbsync.smartadserver.com/api/ Frame DB4D 0
44 B 248ms
16ms Document
text/plain 5.196.111.69

General

Check archive.org

Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.69 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

content-length: 0
date: Fri, 06 Jun 2025 03:02:31 GMT

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame 0C10 0
134 B 120ms
32ms Document
text/plain 103.67.200.72

General

Check archive.org

Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=260835&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSTRONGMETRICS%26ttl%3D720%26uid%3D84e758200d24051d4c62795c5b9604bd%26visitor%3D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.67.200.72 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Fri, 06 Jun 2025 03:02:32 GMT
Server: nginx

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 9D35 3 KB
1 KB 35ms
28ms Document
text/html 18.201.5.241
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.201.5.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-201-5-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b975e578f2e163f7483c794669cda739fd4dcd46be5e11a47a75634e2d3a91aa

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 06 Jun 2025 03:02:32 GMT
etag: W/"06398f79037c7a7f63ab6de65239d17ba"
server: nginx
timing-allow-origin: *

GET
H2 204 ps
pixel.33across.com/ Frame E849 0
0 367ms
114ms Document
text/plain 67.202.105.23

General

Check archive.org

Download Go to

Full URL: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 -, , ASN (),
Reverse DNS
Software: 33XP019 /
Resource Hash

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Jun 2025 03:02:32 GMT
server: 33XP019
x-33x-status: 6000208

GET
H2 204 /
onetag-sys.com/usync/ Frame B825 0
0 13ms
7ms Document
text/plain 51.38.120.206
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync Show response
ssbsync.smartadserver.com/api/ Frame 9EA1 847 B
1 KB 208ms
16ms Document
text/html 5.196.111.69

General

Check archive.org

Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.69 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae6e9c45ddcb928a6f3b3e111d1deac3c3768f930c91fa06f945aa99e4284257

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

cache-control: no-cache,no-store
content-length: 847
content-type: text/html
date: Fri, 06 Jun 2025 03:02:31 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma: no-cache

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 1934
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

2 KB
1 KB

42ms
42ms

Document
text/html

104.18.26.193

General

Check archive.org

Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.26.193 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b279e06d9ad548689b253a070f969c04f097704094f0f9ef9083eaab15e72a5d

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 94b4abe3c8ea6997-FRA
content-encoding: br
content-type: text/html
date: Fri, 06 Jun 2025 03:02:32 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JRkXmCUprRuocwnIpq%2Bqu4O0ftwJrpa36UwVoZkYhq32AENanooNPcrSMXoa2rqOGziFHBLcHYxK%2BHxTo8BDUuvJEzo4AxbOJpGbJjspVZyv2%2Fy880hwiMN8xGgCO9dgnbAl3h4ddCbAbw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 94b4abe398e06997-FRA
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nCcQvjnbnfiSvQMVo5Dqsygu6sCC69Yd0HJxzuE1%2BCmwzEJI12P5MaS2QnYLNs8QVz6Ncp%2FxMGBr1yiL%2FjZS76Sg%2FCmSFYPB8FqZQrOmJVmOFb5yGf0E7%2B3B4O8lH3u%2Fc3PWdSkeA5ofSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame E0EB
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

269 B
379 B

8ms
7ms

Document
text/html

184.30.22.30

General

Check archive.org

Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 -, , ASN (),
Reverse DNS
Software: Apache/2.4.62 (Debian) /
Resource Hash: e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html
date: Fri, 06 Jun 2025 03:02:32 GMT
etag: "10d-629840acea280-gzip"
last-modified: Wed, 18 Dec 2024 04:42:34 GMT
server: Apache/2.4.62 (Debian)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 92F2 20 KB
7 KB 65ms
8ms Document
text/html 184.30.17.43

General

Check archive.org

Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.17.43 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: a88123f7890e58349e3a64226c716be9d346a42ba76e542a8ebdd30026a89604

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=112961
content-encoding: gzip
content-length: 6694
content-type: text/html
date: Fri, 06 Jun 2025 03:02:32 GMT
expires: Sat, 07 Jun 2025 10:25:13 GMT
last-modified: Wed, 13 Nov 2024 05:14:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame 053D 0
403 B 266ms
93ms Document
text/html 52.71.16.161

General

Check archive.org

Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.16.161 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
access-control-expose-headers: X-Reason
content-length: 0
content-type: text/html
date: Fri, 06 Jun 2025 03:02:32 GMT
server: istio-envoy
x-envoy-upstream-service-time: 0
x-reason: could not perform CS due to compliance policy: gdpr is not applied

GET getuid
ib.adnxs.com/ Frame C66A 0
0

GET
H2

200

sync
ads.servenobid.com/ Frame C66A
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=KyKWARZHn3bGIscyRYC-TsVz

0
396 B

24ms
23ms

Image
image/avif

143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://ads.servenobid.com/sync?pid=310&uid=KyKWARZHn3bGIscyRYC-TsVz

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/avif;charset=ISO-8859-1

Redirect headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
location: https://ads.servenobid.com/sync?pid=310&uid=KyKWARZHn3bGIscyRYC-TsVz
pragma: no-cache
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 06 Jun 2025 03:02:32 GMT
vary: Accept-Encoding

GET
H2 204 pixel
ap.lijit.com/ Frame C66A 0
192 B 250ms
33ms Image
text/plain 54.76.253.58

General

Check archive.org

Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.253.58 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-origin: *
date: Fri, 06 Jun 2025 03:02:32 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2

200

sync
ads.servenobid.com/ Frame C66A
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1749178952223
https://ad.turn.com/r/cs?pid=45&id=RX-fb86baa9-e2d9-4882-8885-6cca131e0cba-003&rndcb=8830845690
https://sync.1rx.io/usersync/turn/3297876935822924026?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-fb86baa9-e2d9-4882-8885-6cca131e0cba-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-fb86baa9-e2d9-4882-8885-6cca131e0cba-003
https://ads.servenobid.com/sync?pid=321&uid=RX-fb86baa9-e2d9-4882-8885-6cca131e0cba-003

0
407 B

22ms
21ms

Image
image/avif

143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://ads.servenobid.com/sync?pid=321&uid=RX-fb86baa9-e2d9-4882-8885-6cca131e0cba-003

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/avif;charset=ISO-8859-1

Redirect headers

location: https://ads.servenobid.com/sync?pid=321&uid=RX-fb86baa9-e2d9-4882-8885-6cca131e0cba-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date: Fri, 06 Jun 2025 03:02:32 GMT
etag: RXfb86baa9e2d9488288856cca131e0cba003
content-type: text/html

GET
H2

200

sync
ads.servenobid.com/ Frame C66A
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5131077719815679379

0
390 B

22ms
21ms

Image
image/avif

143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://ads.servenobid.com/sync?pid=324&uid=5131077719815679379

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/avif;charset=ISO-8859-1

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5131077719815679379
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Date: Fri, 06 Jun 2025 03:02:32 GMT
Server: Jetty(9.4.51.v20230217)

GET
H2 200 usa
sync.go.sonobi.com/ Frame C66A 0
401 B 384ms
103ms Image
text/plain 2607:f350:3:2569:0:10:0:200d

General

Check archive.org

Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:200d -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

cache-control: no-cache, no-store, private
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Fri, 06 Jun 2025 03:02:32 GMT
tcn: Choice
content-type: text/plain; charset=utf8
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-iad-2-5-179
x-xss-protection: 0

GET
H2

200

sync
ads.servenobid.com/ Frame C66A
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

0
298 B

21ms
21ms

Image
image/avif

143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/avif;charset=ISO-8859-1

Redirect headers

cache-control: max-age=0, private, must-revalidate
location: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
content-length: 0
date: Fri, 06 Jun 2025 03:02:31 GMT
x-envoy-upstream-service-time: 0
vary: accept-encoding
server: envoy

GET
H2 204 redirectuser
ssp.disqus.com/ Frame C66A 0
41 B 417ms
94ms Image
text/plain 34.224.66.164

General

Check archive.org

Download Go to Show image

Full URL: https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.224.66.164 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

pragma: no-cache
expires: 0
cache-control: no-store

GET
H2 204 v1
match.sharethrough.com/universal/ Frame C66A 0
57 B 68ms
11ms Image
text/plain 18.195.234.25

General

Check archive.org

Download Go to Show image

Full URL

https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.195.234.25 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;

GET
H2

200

sync
ads.servenobid.com/ Frame C66A
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

0
382 B

21ms
21ms

Image
image/avif

143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://ads.servenobid.com/sync?pid=353&uid=0000EEA

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/avif;charset=ISO-8859-1

Redirect headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
cache-control: max-age=0, no-cache, no-store
location: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
timing-allow-origin: *
pragma: no-cache
expires: Fri, 06 Jun 2025 03:02:32 GMT
x-mnet-hl2: E
alt-svc: h3=":443"; ma=93600
content-length: 154
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: text/html
server: Apache

GET
H2

200

sync
ads.servenobid.com/ Frame C66A
Redirect Chain

https://ads.servedxk.com/rsync?redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D369%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=369&uid=v2d1698572-e681-49b2-9c3e-05637d018975

0
404 B

21ms
20ms

Image
image/avif

143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://ads.servenobid.com/sync?pid=369&uid=v2d1698572-e681-49b2-9c3e-05637d018975

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/avif;charset=ISO-8859-1

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
location: https://ads.servenobid.com/sync?pid=369&uid=v2d1698572-e681-49b2-9c3e-05637d018975
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/avif;charset=ISO-8859-1

GET
H2

451

712910.gif
idsync.rlcdn.com/ Frame C66A
Redirect Chain

https://ads.servedxk.com/rsync?redirect=https%3A%2F%2Fidsync.rlcdn.com%2F712910.gif%3Fpartner_uid%3D%24UID
https://idsync.rlcdn.com/712910.gif?partner_uid=v2c5e09d2e-96f5-4d65-970c-4ef3784d00ad

0
98 B

208ms
16ms

Image
text/plain

35.244.174.68

General

Check archive.org

Download Go to Show image

Full URL: https://idsync.rlcdn.com/712910.gif?partner_uid=v2c5e09d2e-96f5-4d65-970c-4ef3784d00ad
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
location: https://idsync.rlcdn.com/712910.gif?partner_uid=v2c5e09d2e-96f5-4d65-970c-4ef3784d00ad
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/avif;charset=ISO-8859-1

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 12CA 44 KB
0 0ms
0ms Script
text/html 184.30.22.30

General

Check archive.org

Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike_2&endpoint=eu&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 -, , ASN (),
Reverse DNS
Software: Apache/2.4.62 (Debian) / PHP/8.3.13
Resource Hash: c1eb03b802019d4f6ab1b6b7c2cfd98a215aee89b60a9d47523430790808db89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://eus.rubiconproject.com/usync.html?p=adyoulike_2&endpoint=eu&gdpr=1&gdpr_consent=

Response headers

cache-control: max-age=15780
content-encoding: gzip
expires: Fri, 06 Jun 2025 07:25:32 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length: 11434
date: Fri, 06 Jun 2025 03:02:32 GMT
last-modified: Thu, 05 Jun 2025 07:25:32 GMT
x-powered-by: PHP/8.3.13
server: Apache/2.4.62 (Debian)
content-type: text/html;charset=UTF-8
vary: Accept-Encoding

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 3C54 7 B
380 B 124ms
13ms XHR
application/json 69.173.144.138

General

Check archive.org

Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://eus.rubiconproject.com/

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
access-control-allow-credentials: true
Expires: 0
access-control-allow-origin: https://eus.rubiconproject.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
content-length: 7
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 12CA 7 B
380 B 113ms
9ms XHR
application/json 69.173.144.138

General

Check archive.org

Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://eus.rubiconproject.com/

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
access-control-allow-credentials: true
Expires: 0
access-control-allow-origin: https://eus.rubiconproject.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
content-length: 7
content-type: application/json; charset=UTF-8

GET getuid
secure.adnxs.com/ Frame 9D35 0
0

GET
H2

200

sync
x.bidswitch.net/ Frame 9D35
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_593eba0d-0aad-4ae6-af82-39e0e61bb20b&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_593eba0d-0aad-4ae6-af82-39e0e61bb20b&gdpr=0&gdpr_consent=&us_privacy=1---
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=52891df3-7211-4f2c-9765-e6ed239400b8
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=52891df3-7211-4f2c-9765-e6ed239400b8
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=e9377b90-b196-4dd7-8b3c-c65f72d9d3fd&user_group=1&ssp=gumgum2&bsw_param=52891df3-7211-4f2c-9765-e6ed239400b8

43 B
92 B

19ms
17ms

Image
image/gif

35.214.136.108

General

Check archive.org

Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=e9377b90-b196-4dd7-8b3c-c65f72d9d3fd&user_group=1&ssp=gumgum2&bsw_param=52891df3-7211-4f2c-9765-e6ed239400b8
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 35.214.136.108 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif

Redirect headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
location: //x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=e9377b90-b196-4dd7-8b3c-c65f72d9d3fd&user_group=1&ssp=gumgum2&bsw_param=52891df3-7211-4f2c-9765-e6ed239400b8
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Jun 2025 03:02:32 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 9D35 43 B
107 B 38ms
16ms Image
image/gif 35.244.159.8

General

Check archive.org

Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 45.141.152.76
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 06 Jun 2025 03:02:31 GMT
content-type: image/gif
vary: Accept, Accept-Encoding

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 9D35
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=CGBSH8v8XsliaZBv9cjptC2NmEw

35 B
250 B

35ms
34ms

Image
image/gif

34.247.233.198

General

Check archive.org

Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=CGBSH8v8XsliaZBv9cjptC2NmEw
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

Expires: 0
Cache-Control: private, no-store, must-revalidate, max-age=0
Content-Length: 35
Date: Fri, 06 Jun 2025 03:02:32 GMT
Pragma: no-cache
Content-Type: image/gif
Connection: keep-alive

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=CGBSH8v8XsliaZBv9cjptC2NmEw
Content-Length: 99
Date: Fri, 06 Jun 2025 03:02:32 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive

GET
H2 200 gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 9D35 43 B
343 B 373ms
32ms Image
image/gif 2a05:d018:d29:3602:6b69:5262:77c9:d976

General

Check archive.org

Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:6b69:5262:77c9:d976 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
age: 0
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-length: 43
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif
server: ATS
x-frame-options: DENY

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 9D35
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=db1c80c9-0802-484a-bebc-7b22dc12cb8d

35 B
250 B

34ms
34ms

Image
image/gif

34.247.233.198

General

Check archive.org

Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=db1c80c9-0802-484a-bebc-7b22dc12cb8d
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

Expires: 0
Cache-Control: private, no-store, must-revalidate, max-age=0
Content-Length: 35
Date: Fri, 06 Jun 2025 03:02:32 GMT
Pragma: no-cache
Content-Type: image/gif
Connection: keep-alive

Redirect headers

X-CI-RTID: d7660711-aa4b-486c-b985-6da4d3b0b05f
Location: https://usersync.gumgum.com/usersync?b=vnt&i=db1c80c9-0802-484a-bebc-7b22dc12cb8d
Content-Length: 108
Date: Fri, 06 Jun 2025 03:02:32 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive

GET
H2 200 142
match.deepintent.com/usersync/ Frame 9D35 0
44 B 459ms
99ms Image
text/plain 169.197.150.8

General

Check archive.org

Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 -, , ASN (),
Reverse DNS
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Fri, 06 Jun 2025 03:02:32 GMT
server: b
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 9D35
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_593eba0d-0aad-4ae6-af82-39e0e61bb20b&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://b1sync.outbrain.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_593eba0d-0aad-4ae6-af82-39e0e61bb20b&s=2&us_privacy...
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&obuid=61d8319a-b174-4707-89d1-ff4dbfe33b3f&puid=e_593eba0d-...
https://usersync.gumgum.com/usersync?b=zem&i=61d8319a-b174-4707-89d1-ff4dbfe33b3f&gdpr=0&us_privacy=1---

35 B
250 B

34ms
33ms

Image
image/gif

34.247.233.198

General

Check archive.org

Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=61d8319a-b174-4707-89d1-ff4dbfe33b3f&gdpr=0&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

Expires: 0
Cache-Control: private, no-store, must-revalidate, max-age=0
Content-Length: 35
Date: Fri, 06 Jun 2025 03:02:33 GMT
Pragma: no-cache
Content-Type: image/gif
Connection: keep-alive

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
location: https://usersync.gumgum.com/usersync?b=zem&i=61d8319a-b174-4707-89d1-ff4dbfe33b3f&gdpr=0&us_privacy=1---
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
p3p: CP="We do not support P3P header."
content-length: 139
date: Fri, 06 Jun 2025 03:02:33 GMT
content-type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 9D35
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=1---&gpp=&gpp_sid=&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=bM4OVpK9nReC&ev=1&gpp_sid=&gpp=&us_privacy=1---&pid=558355

35 B
208 B

137ms
32ms

Image
image/gif

18.201.5.241
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=bM4OVpK9nReC&ev=1&gpp_sid=&gpp=&us_privacy=1---&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 18.201.5.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-201-5-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
expires: 0
content-length: 35
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif;charset=UTF-8
server: nginx

Redirect headers

cache-control: private, max-age=0, no-cache, no-store
location: https://rtb.gumgum.com/usersync?b=pln&i=bM4OVpK9nReC&ev=1&gpp_sid=&gpp=&us_privacy=1---&pid=558355
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-948577bbb-vx7rt
expires: -1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
server: Jetty(12.0.17)

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 9D35
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=9117802501659367042

35 B
250 B

139ms
34ms

Image
image/gif

34.247.233.198

General

Check archive.org

Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=9117802501659367042
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

Expires: 0
Cache-Control: private, no-store, must-revalidate, max-age=0
Content-Length: 35
Date: Fri, 06 Jun 2025 03:02:32 GMT
Pragma: no-cache
Content-Type: image/gif
Connection: keep-alive

Redirect headers

cache-control: no-cache,no-store
location: https://usersync.gumgum.com/usersync?b=sad&i=9117802501659367042
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Fri, 06 Jun 2025 03:02:31 GMT
pragma: no-cache

GET
H2 200 sync
ads.servenobid.com/ Frame 9D35 0
403 B 24ms
22ms Image
image/avif 143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://ads.servenobid.com/sync?pid=309&uid=e_593eba0d-0aad-4ae6-af82-39e0e61bb20b

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/avif;charset=ISO-8859-1

POST
H3 204 collect
www.google-analytics.com/g/ Frame F379 0
0 44ms
43ms Fetch
text/plain 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NCTSG4T1B6&gtm=45je5641v9138172222za204&_p=1749178947176&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104617976~104617978~104651273~104651275~104653070~104653072~104661466~104661468~104698127~104698129&cid=338758318.1749178945&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=1&pscdl=noapi&_eu=AEAAAAQ&_s=2&sid=1749178945&sct=1&seg=1&dl=https%3A%2F%2Fgocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2Fhome%2F&dr=https%3A%2F%2Fgocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org%2Fpages%2Fhome.html&dt=Home&en=scroll&epn.percent_scrolled=90&tfd=5676
Requested by: Host: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/ana.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0
report-to: {"group":"ascnsrsggc:102:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 47F7
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=adf&i=780600566577439202&gdpr=0&gdpr_consent=

35 B
250 B

59ms
35ms

Document
image/gif

34.247.233.198

General

Check archive.org

Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=adf&i=780600566577439202&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 06 Jun 2025 03:02:32 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT
expires: -1
location: https://usersync.gumgum.com/usersync?b=adf&i=780600566577439202&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

pixel Show response
cm.g.doubleclick.net/ Frame 6ED4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81OTNlYmEwZC0wYWFkLTRhZTYtYWY4Mi0zOWUwZTYxYmIyMGI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersyn...
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81OTNlYmEwZC0wYWFkLTRhZTYtYWY4Mi0zOWUwZTYxYmIyMGI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersyn...

170 B
243 B

18ms
17ms

Document
image/png

216.58.206.66

General

Check archive.org

Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81OTNlYmEwZC0wYWFkLTRhZTYtYWY4Mi0zOWUwZTYxYmIyMGI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.66 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jun 2025 03:02:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 436
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jun 2025 03:02:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81OTNlYmEwZC0wYWFkLTRhZTYtYWY4Mi0zOWUwZTYxYmIyMGI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame ACC6 20 KB
7 KB 8ms
8ms Document
text/html 184.30.17.43

General

Check archive.org

Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.17.43 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: a88123f7890e58349e3a64226c716be9d346a42ba76e542a8ebdd30026a89604

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=112961
content-encoding: gzip
content-length: 6694
content-type: text/html
date: Fri, 06 Jun 2025 03:02:32 GMT
expires: Sat, 07 Jun 2025 10:25:13 GMT
last-modified: Wed, 13 Nov 2024 05:14:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame AD2A 70 B
148 B 33ms
32ms Document
image/gif 35.71.131.137

General

Check archive.org

Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

content-length: 70
content-type: image/gif
date: Fri, 06 Jun 2025 03:02:32 GMT
server: Kestrel

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 4A33
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=aEJaScCo8JEAACgfoqkAAAAA

35 B
250 B

33ms
33ms

Document
image/gif

34.247.233.198

General

Check archive.org

Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=aEJaScCo8JEAACgfoqkAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 06 Jun 2025 03:02:33 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Fri, 06 Jun 2025 03:02:33 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=aEJaScCo8JEAACgfoqkAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 2
X-SO-Cluster-ID: 0
X-SO-HostName: m-ad244.dc4p.scaleout.jp
X-SO-IP: 45.141.152.76
X-SO-Key: aEJaScCo8JEAACgfoqkAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"aEJaScCo8JEAACgfoqkAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad244"}
X-SO-LB-Hostname: m-ng45.dc4p.scaleout.jp
X-SO-Upstream-ID: m-ad244

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 718A
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://usersync.gumgum.com/usersync?b=rth&i=ZpmPeFdqDORdT-5LCTVRM7qjU6OZtSsdm-5rFR8Q_Y8&pi=gumgum

35 B
250 B

139ms
34ms

Document
image/gif

34.247.233.198

General

Check archive.org

Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=ZpmPeFdqDORdT-5LCTVRM7qjU6OZtSsdm-5rFR8Q_Y8&pi=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 06 Jun 2025 03:02:32 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT Fri, 06 Jun 2025 03:02:32 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=ZpmPeFdqDORdT-5LCTVRM7qjU6OZtSsdm-5rFR8Q_Y8&pi=gumgum
pragma: no-cache
vary: Accept-Encoding

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 0660
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

269 B
379 B

12ms
12ms

Document
text/html

184.30.22.30

General

Check archive.org

Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 -, , ASN (),
Reverse DNS
Software: Apache/2.4.62 (Debian) /
Resource Hash: e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html
date: Fri, 06 Jun 2025 03:02:32 GMT
etag: "10d-629840acea280-gzip"
last-modified: Wed, 18 Dec 2024 04:42:34 GMT
server: Apache/2.4.62 (Debian)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 92F2 0
42 B 105ms
13ms Script
text/plain 198.47.127.19

General

Check archive.org

Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=9298828&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-&gpp=&gpp_sid=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 06 Jun 2025 03:02:32 GMT
content-length: 0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1934 70 B
148 B 38ms
36ms Image
image/gif 35.71.131.137

General

Check archive.org

Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

content-length: 70
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif
server: Kestrel

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1934
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aEJaSFVbLSMAEaTQAIU3kQAA

170 B
188 B

17ms
16ms

Image
image/png

216.58.206.66

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aEJaSFVbLSMAEaTQAIU3kQAA

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

Server

216.58.206.66 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 06 Jun 2025 03:02:32 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

cache-control: no-cache
location: https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aEJaSFVbLSMAEaTQAIU3kQAA
cf-cache-status: DYNAMIC
pragma: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3EFaeEZ4QjW94KwZdlHqzecRZoquNSqnhwpZtBQi4KoDqj1LQszQDdDhtGE%2BKSSb%2FQnD5GOoTyEfc4s%2BBvSS4ML3QKAdZhlzGLnIRotaxU%2FfRq5E2gnkRAF0aB7jmHUnXztTF%2Bi1m63Ddw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 94b4abe4e840d368-FRA
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Fri, 06 Jun 2025 03:02:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1934
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aEJaSFVbLSMAEaTQAIU3kQAAFAEAAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aEJaSFVbLSMAEaTQAIU3kQAAFAEAAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

120ms
120ms

Image
image/gif

98.82.158.241

General

Check archive.org

Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aEJaSFVbLSMAEaTQAIU3kQAAFAEAAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

HTTP/1.1

Server

98.82.158.241 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid: TW8NG5H98VR8WYX5GCNX
Content-Length: 43
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date: Fri, 06 Jun 2025 03:02:32 GMT
Content-Type: image/gif
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server

Redirect headers

Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aEJaSFVbLSMAEaTQAIU3kQAAFAEAAAAB&gpp=&gpp_sid=&dcc=t
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid: HWC2KX8AKG0KJ2DEMHSM
Content-Length: 0
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date: Fri, 06 Jun 2025 03:02:32 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server

GET
H/1.1 200
OK 31327
i.liadm.com/s/ Frame 1934 0
208 B 501ms
95ms Image
text/plain 44.210.49.252

General

Check archive.org

Download Go to Show image

Full URL

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=aEJaSFVbLSMAEaTQAIU3kQAA%265121&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.210.49.252 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 0
Date: Fri, 06 Jun 2025 03:02:32 GMT
trace-id: ed51de5a3ac92b74
Request-Time: 0
Connection: keep-alive

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame 1934
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5131077719815679379

43 B
772 B

78ms
21ms

Image
image/gif

104.18.26.193

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5131077719815679379
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Server: 104.18.26.193 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x0nbjpwu15Qv5c4UGVlxV%2BJ07%2FLXV1f4bF%2FoHT3MLFLivKF5vgdYHbu6vjTOxc2U0qIuetFZusU2BMI56%2ForWnkjczCmJjxbsKdncpfwW8v7bQ3f1p30dIYCFFM36619u85%2B4qmlAlWFRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 94b4abe4e842d368-FRA
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif
vary: Accept-Encoding
server: cloudflare

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5131077719815679379
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Date: Fri, 06 Jun 2025 03:02:32 GMT
Server: Jetty(9.4.51.v20230217)

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame 1934
Redirect Chain

https://trace.mediago.io/ju/cs/indexexchange
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=cd5d5f3fbf78ceb3275vbr00mbk7zibo

43 B
551 B

22ms
21ms

Image
image/gif

104.18.26.193

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=cd5d5f3fbf78ceb3275vbr00mbk7zibo
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Server: 104.18.26.193 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NMaFch18YaTz0wNeEjMye%2FlOfb4l3QPha6edcMODg%2BTnIeO2MqDBSpzYTXH9aSsExoiDdDZgKgr7%2BIJjytWq73SZg0b65QtlccskD%2FYo58G6xGUkHrdJrlubhBEc8gaNLI6WF8p%2F%2FkNBuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 94b4abeadea4d368-FRA
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Fri, 06 Jun 2025 03:02:33 GMT
content-type: image/gif
vary: Accept-Encoding
server: cloudflare

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=cd5d5f3fbf78ceb3275vbr00mbk7zibo
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
date: Fri, 06 Jun 2025 03:02:33 GMT
content-type: text/plain; charset=utf-8
access-control-allow-headers: Content-Type

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame 1934
Redirect Chain

https://cm.ctnsnet.com/int/cm?exc=19
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=068e9da6b7db4831bef128dab3088cca&expiration=1751770952

43 B
331 B

20ms
20ms

Image
image/gif

104.18.26.193

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=068e9da6b7db4831bef128dab3088cca&expiration=1751770952
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Server: 104.18.26.193 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2nBm9zLbZwGf2i5c7tj%2BHMfoxV5iBY%2B3QZ%2F7%2Be2QNSY33c8w4TTlTYDx2BT5iL3cSiV%2FUZrkrvPpj5GC8M%2BdMsBDMbqCHF6BOgzMdptSlGVpQE1HDhjjhO0dlsW6TSCYW8GprFYYITkgYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 94b4abe4e84bd368-FRA
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: no-cache, must-revalidate
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=068e9da6b7db4831bef128dab3088cca&expiration=1751770952
pragma: no-cache
via: 1.1 google
expires: Fri, 01 Jan 1990 00:00:00 GMT
status: 302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NOI DSP COR NID CUR OUR NOR"
content-length: 0
x-xss-protection: 1; mode=block
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: text/html;charset=UTF-8

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 1934
Redirect Chain

https://s.c.appier.net/index?userId=aEJaSFVbLSMAEaTQAIU3kQAA%265121&gdpr=&us_privacy=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=203&external_user_id=Yk2L69FsBzitCptwSVpCaA&gdpr=1

43 B
329 B

20ms
19ms

Image
image/gif

104.18.26.193

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=203&external_user_id=Yk2L69FsBzitCptwSVpCaA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Server: 104.18.26.193 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LUD5NKWRr15vsYIGMvBXK0mCiAvEIV6DRsuN5rgKeOKV4gXgnWmHgvbiajx%2BKDDvBmQFsSBoDN80vujV%2BLCmNj%2BtVlCl%2BcFChUhQFmVqE1es7S9ngk8dsTbF%2FhMODom0zVWfUeZ9w11EUw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 94b4abebaf85d368-FRA
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Fri, 06 Jun 2025 03:02:33 GMT
content-type: image/gif
vary: Accept-Encoding
server: cloudflare

Redirect headers

Cache-Control: no-store
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=203&external_user_id=Yk2L69FsBzitCptwSVpCaA&gdpr=1
Accept-Ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
Connection: keep-alive
Content-Length: 0
P3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Fri, 06 Jun 2025 03:02:33 GMT
Server: nginx

GET
H2 200 sync
ads.servenobid.com/ Frame 1934 0
403 B 28ms
27ms Image
image/avif 143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://ads.servenobid.com/sync?pid=333&uid=aEJaSFVbLSMAEaTQAIU3kQAAFAEAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/avif;charset=ISO-8859-1

GET
H2

200

sync
visitor.europe-west9.gcp.omnitagjs.com/visitor/ Frame AF33
Redirect Chain

https://sync.aniview.com/ssync?pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DANIVIEW%26ttl%3D720%26uid%3De8ecb87ff2ef3a3b16ba16c51e79...
https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?name=ANIVIEW&ttl=720&uid=e8ecb87ff2ef3a3b16ba16c51e7986ac&visitor=b39a1a59-c340-44b6-8c97-2a5fc0834f7b&gdpr=1&gdpr_consent=

49 B
339 B

21ms
20ms

Image
image/gif

34.1.1.166
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?name=ANIVIEW&ttl=720&uid=e8ecb87ff2ef3a3b16ba16c51e7986ac&visitor=b39a1a59-c340-44b6-8c97-2a5fc0834f7b&gdpr=1&gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html?pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DANIVIEW%26ttl%3D720%26uid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Protocol: H2
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://player.aniview.com/

Response headers

x-kong-request-id: 5cbd2f30f73ee40aeec7d808474b2a0b
via: kong/3.6.1
x-kong-upstream-latency: 4
x-kong-proxy-latency: 0
content-length: 49
p3p: CP="CAO PSA OUR"
date: Fri, 06 Jun 2025 03:02:33 GMT
content-type: image/gif
server: fasthttp

Redirect headers

location: https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?name=ANIVIEW&ttl=720&uid=e8ecb87ff2ef3a3b16ba16c51e7986ac&visitor=b39a1a59-c340-44b6-8c97-2a5fc0834f7b&gdpr=1&gdpr_consent=
content-length: 226
date: Fri, 06 Jun 2025 03:02:33 GMT
x-envoy-upstream-service-time: 0
content-type: text/html; charset=utf-8
server: istio-envoy

GET
DATA 200
OK truncated
/ Frame 0BBC 3 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0BBC 5 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 sync
ads.servenobid.com/ Frame 9EA1 0
390 B 27ms
23ms Image
image/avif 143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://ads.servenobid.com/sync?pid=317&uid=3344815557560178246&gdpr=0&gdpr_consent=

Requested by

Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://ssbsync.smartadserver.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 0
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/avif;charset=ISO-8859-1

GET
H/1.1 200
OK /
b1sync.zemanta.com/usersync/smart/ Frame 9EA1 26 B
200 B 156ms
103ms Image
image/gif 64.74.236.159

General

Check archive.org

Download Go to Show image

Full URL

https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.74.236.159 -, , ASN (),

Reverse DNS

Software

Resource Hash

3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://ssbsync.smartadserver.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 26
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif

GET
H2

200

RX-fb86baa9-e2d9-4882-8885-6cca131e0cba-003
sync.targeting.unrulymedia.com/csync/ Frame 9EA1
Redirect Chain

https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
https://ad.turn.com/r/cs?pid=45&id=RX-fb86baa9-e2d9-4882-8885-6cca131e0cba-003&rndcb=2053699255
https://sync.1rx.io/usersync/turn/3297876935822924026?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-fb86baa9-e2d9-4882-8885-6cca131e0cba-003

43 B
378 B

223ms
15ms

Image
image/gif

46.228.174.117

General

Check archive.org

Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-fb86baa9-e2d9-4882-8885-6cca131e0cba-003
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Server: 46.228.174.117 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://ssbsync.smartadserver.com/

Response headers

p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date: Fri, 06 Jun 2025 03:02:32 GMT
content-length: 43

Redirect headers

expires: 0
cache-control: no-store, no-cache, must-revalidate
location: https://sync.targeting.unrulymedia.com/csync/RX-fb86baa9-e2d9-4882-8885-6cca131e0cba-003
date: Fri, 06 Jun 2025 03:02:32 GMT
pragma: no-cache
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EA1
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=OTExNzgwMjUwMTY1OTM2NzA0Mg==&gdpr=0&gdpr_consent=

170 B
188 B

19ms
19ms

Image
image/png

216.58.206.66

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=OTExNzgwMjUwMTY1OTM2NzA0Mg==&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

216.58.206.66 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://ssbsync.smartadserver.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 06 Jun 2025 03:02:32 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

cache-control: no-cache,no-store
location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=OTExNzgwMjUwMTY1OTM2NzA0Mg==&gdpr=0&gdpr_consent=
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Fri, 06 Jun 2025 03:02:32 GMT
pragma: no-cache

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame 9EA1
Redirect Chain

https://pxl.iqm.com/i/ck/equativ?cid=SMART_USER_ID&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D154%26partneruserid%3D%7BIQM_COOKIE%7D&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=154&partneruserid=5e51d4b8-4020-4033-9aa2-bb0574accddb

43 B
113 B

16ms
16ms

Image
image/gif

89.149.192.200

General

Check archive.org

Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=154&partneruserid=5e51d4b8-4020-4033-9aa2-bb0574accddb
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Server: 89.149.192.200 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://ssbsync.smartadserver.com/

Response headers

date: Fri, 06 Jun 2025 03:02:31 GMT
content-type: image/gif

Redirect headers

Location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=154&partneruserid=5e51d4b8-4020-4033-9aa2-bb0574accddb
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 114
Date: Fri, 06 Jun 2025 03:02:32 GMT
Content-Type: image/avif;charset=UTF-8
Server: openresty
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame E0EB 44 KB
0 0ms
0ms Script
text/html 184.30.22.30

General

Check archive.org

Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 -, , ASN (),
Reverse DNS
Software: Apache/2.4.62 (Debian) / PHP/8.3.13
Resource Hash: c1eb03b802019d4f6ab1b6b7c2cfd98a215aee89b60a9d47523430790808db89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Response headers

cache-control: max-age=15780
content-encoding: gzip
expires: Fri, 06 Jun 2025 07:25:32 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length: 11434
date: Fri, 06 Jun 2025 03:02:32 GMT
last-modified: Thu, 05 Jun 2025 07:25:32 GMT
x-powered-by: PHP/8.3.13
server: Apache/2.4.62 (Debian)
content-type: text/html;charset=UTF-8
vary: Accept-Encoding

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 1434 44 KB
0 0ms
0ms Script
text/html 184.30.22.30

General

Check archive.org

Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 -, , ASN (),
Reverse DNS
Software: Apache/2.4.62 (Debian) / PHP/8.3.13
Resource Hash: c1eb03b802019d4f6ab1b6b7c2cfd98a215aee89b60a9d47523430790808db89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=

Response headers

cache-control: max-age=15780
content-encoding: gzip
expires: Fri, 06 Jun 2025 07:25:32 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length: 11434
date: Fri, 06 Jun 2025 03:02:32 GMT
last-modified: Thu, 05 Jun 2025 07:25:32 GMT
x-powered-by: PHP/8.3.13
server: Apache/2.4.62 (Debian)
content-type: text/html;charset=UTF-8
vary: Accept-Encoding

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 0660 44 KB
0 0ms
0ms Script
text/html 184.30.22.30

General

Check archive.org

Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 -, , ASN (),
Reverse DNS
Software: Apache/2.4.62 (Debian) / PHP/8.3.13
Resource Hash: c1eb03b802019d4f6ab1b6b7c2cfd98a215aee89b60a9d47523430790808db89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum

Response headers

cache-control: max-age=15780
content-encoding: gzip
expires: Fri, 06 Jun 2025 07:25:32 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length: 11434
date: Fri, 06 Jun 2025 03:02:32 GMT
last-modified: Thu, 05 Jun 2025 07:25:32 GMT
x-powered-by: PHP/8.3.13
server: Apache/2.4.62 (Debian)
content-type: text/html;charset=UTF-8
vary: Accept-Encoding

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 57CB 44 KB
0 0ms
0ms Script
text/html 184.30.22.30

General

Check archive.org

Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 -, , ASN (),
Reverse DNS
Software: Apache/2.4.62 (Debian) / PHP/8.3.13
Resource Hash: c1eb03b802019d4f6ab1b6b7c2cfd98a215aee89b60a9d47523430790808db89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=

Response headers

cache-control: max-age=15780
content-encoding: gzip
expires: Fri, 06 Jun 2025 07:25:32 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length: 11434
date: Fri, 06 Jun 2025 03:02:32 GMT
last-modified: Thu, 05 Jun 2025 07:25:32 GMT
x-powered-by: PHP/8.3.13
server: Apache/2.4.62 (Debian)
content-type: text/html;charset=UTF-8
vary: Accept-Encoding

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame E0EB 7 B
380 B 10ms
9ms XHR
application/json 69.173.144.138

General

Check archive.org

Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://eus.rubiconproject.com/

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
access-control-allow-credentials: true
Expires: 0
access-control-allow-origin: https://eus.rubiconproject.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
content-length: 7
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 1434 7 B
380 B 9ms
9ms XHR
application/json 69.173.144.138

General

Check archive.org

Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://eus.rubiconproject.com/

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
access-control-allow-credentials: true
Expires: 0
access-control-allow-origin: https://eus.rubiconproject.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
content-length: 7
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 0660 7 B
380 B 14ms
8ms XHR
application/json 69.173.144.138

General

Check archive.org

Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://eus.rubiconproject.com/

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
access-control-allow-credentials: true
Expires: 0
access-control-allow-origin: https://eus.rubiconproject.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
content-length: 7
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 57CB 7 B
380 B 14ms
9ms XHR
application/json 69.173.144.138

General

Check archive.org

Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://eus.rubiconproject.com/

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
access-control-allow-credentials: true
Expires: 0
access-control-allow-origin: https://eus.rubiconproject.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
content-length: 7
content-type: application/json; charset=UTF-8

GET
H2 400 getuid Show response
secure.adnxs.com/ Frame 26EC 146 B
294 B 22ms
22ms Document
text/html 37.252.171.53
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D%26biddername%3D55%26key%3D%24UID
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html?pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DANIVIEW%26ttl%3D720%26uid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: nginx/1.23.4 /
Resource Hash: bfb16f2d35702077ef9d8416d9eef53d688ff16e6faf73d5b9913d76e1144d9a

Request headers

Referer: https://player.aniview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

content-length: 146
content-type: text/html
date: Fri, 06 Jun 2025 03:02:33 GMT
server: nginx/1.23.4
x-proxy-origin: 45.141.152.76; 45.141.152.76; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; *.adnxs.com

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 59EC
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east

269 B
379 B

8ms
8ms

Document
text/html

184.30.22.30

General

Check archive.org

Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html?pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DANIVIEW%26ttl%3D720%26uid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 -, , ASN (),
Reverse DNS
Software: Apache/2.4.62 (Debian) /
Resource Hash: e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer: https://player.aniview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html
date: Fri, 06 Jun 2025 03:02:33 GMT
etag: "10d-629840acea280-gzip"
last-modified: Wed, 18 Dec 2024 04:42:34 GMT
server: Apache/2.4.62 (Debian)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 06 Jun 2025 03:02:33 GMT
location: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
server: AkamaiGHost

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9C0E 0
0 58ms
17ms Document
text/plain 34.36.216.150

General

Check archive.org

Download Go to

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D%26biddername%3D72%26pid%3D62f53b2c7850d0786f227f64%26key%3D%7BuserId%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html?pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DANIVIEW%26ttl%3D720%26uid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.216.150 -, , ASN (),
Reverse DNS
Software: A /
Resource Hash

Request headers

Referer: https://player.aniview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=0,no-cache,no-store
date: Fri, 06 Jun 2025 03:02:33 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A
via: 1.1 google

GET
H2 200 sync
x.bidswitch.net/ Frame AF33 43 B
92 B 20ms
19ms Image
image/gif 35.214.136.108

General

Check archive.org

Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=&user_id=&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html?pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DANIVIEW%26ttl%3D720%26uid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://player.aniview.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif

GET
H2 200 https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D%26biddername%3D24%26pid%3D62f53b2c7850d0786f227f64%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ Frame AF33 43 B
92 B 19ms
18ms Image
image/gif 35.214.136.108

General

Check archive.org

Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D%26biddername%3D24%26pid%3D62f53b2c7850d0786f227f64%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html?pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DANIVIEW%26ttl%3D720%26uid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://player.aniview.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Fri, 06 Jun 2025 03:02:32 GMT
content-type: image/gif

GET
H2 200 cookiesyncredir
bttrack.com/pixel/ Frame AF33 35 B
80 B 563ms
161ms Image
image/gif 64.38.119.44

General

Check archive.org

Download Go to Show image

Full URL

https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D%26biddername%3D204%26pid%3D62f53b2c7850d0786f227f64%26key%3D%7Bglobalid%7D

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html?pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DANIVIEW%26ttl%3D720%26uid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.38.119.44 -, , ASN (),

Reverse DNS

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://player.aniview.com/

Response headers

strict-transport-security: max-age=31536000;
cache-control: private,no-cache
x-servername: BT-Track003-SJC
pragma: no-cache
expires: -1
content-length: 35
date: Fri, 06 Jun 2025 03:02:33 GMT
content-type: image/gif

GET
H2 204 pixel
ap.lijit.com/ Frame AF33 0
192 B 32ms
32ms Image
text/plain 54.76.253.58

General

Check archive.org

Download Go to Show image

Full URL: https://ap.lijit.com/pixel?us_privacy=&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D%26biddername%3D18%26key%3D%24UID
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html?pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DANIVIEW%26ttl%3D720%26uid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.253.58 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://player.aniview.com/

Response headers

access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-origin: *
date: Fri, 06 Jun 2025 03:02:32 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame B3F3 0
482 B 23ms
23ms Script
text/html 37.252.171.53
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://acdn.adnxs.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 45.141.152.76; 45.141.152.76; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 4c53eaa2-1b6c-472a-9c2b-546f2f3482b3
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 06 Jun 2025 03:02:33 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 59EC 44 KB
0 0ms
0ms Script
text/html 184.30.22.30

General

Check archive.org

Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 -, , ASN (),
Reverse DNS
Software: Apache/2.4.62 (Debian) / PHP/8.3.13
Resource Hash: c1eb03b802019d4f6ab1b6b7c2cfd98a215aee89b60a9d47523430790808db89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east

Response headers

cache-control: max-age=15780
content-encoding: gzip
expires: Fri, 06 Jun 2025 07:25:32 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length: 11434
date: Fri, 06 Jun 2025 03:02:32 GMT
last-modified: Thu, 05 Jun 2025 07:25:32 GMT
x-powered-by: PHP/8.3.13
server: Apache/2.4.62 (Debian)
content-type: text/html;charset=UTF-8
vary: Accept-Encoding

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 59EC 7 B
380 B 9ms
8ms XHR
application/json 69.173.144.138

General

Check archive.org

Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://eus.rubiconproject.com/

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
access-control-allow-credentials: true
Expires: 0
access-control-allow-origin: https://eus.rubiconproject.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
content-length: 7
content-type: application/json; charset=UTF-8

GET
H3 200 home.png
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/imgs/icons/pages/ 13 KB
0 0ms
0ms Image
image/png 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to Show image

Full URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/assets/imgs/icons/pages/home.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 33c90221403fec4c268cf866ea954a740331d68ef1255c628a386093225ee109

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
etag: W/"32de-19630f6df13"
via: 1.1 Caddy
accept-ranges: bytes
content-length: 13022
date: Fri, 06 Jun 2025 03:02:28 GMT
content-type: image/png
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
x-powered-by: Express

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
URL: https://gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org/baremux/worker.js

Domain: btloader.com
URL: https://btloader.com/cdn-cgi/rum?

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_XANDR%26ttl%3D720%26uid%3Dfc1c60cd86bc9d21889d1f9cc47ab50f%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D&gdpr=1&gdpr_consent=

Domain: rtb.bid.com
URL: https://rtb.bid.com/sync?ssp=adyoulike&gdpr=1&gdpr_consent=

Domain: usync.smxconv.com
URL: https://usync.smxconv.com/9933ca8fbb5437507921373139bb00a0.gif?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMOOT_AI%26ttl%3D720%26uid%3De53a38d880e1279a98bf1a6cf9d7d373%26visitor%3D%5BUID%5D

Domain: sync.screencore.io
URL: https://sync.screencore.io/adyoulike_2/?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSCREENCORE%26ttl%3D720%26uid%3Dfcd9c35818897da4008055222b308399%26visitor%3DUID

Domain: gum.aidemsrv.com
URL: https://gum.aidemsrv.com/ortb_sync?gdpr={GDPR}&consent={GDPR_CONSENT}&us_privacy={US_PRIVACY}&redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DAIDEM%26ttl%3D720%26uid%3Db2f604635d0b9abde52139fc8a8034be%26visitor%3D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: audienceexposure.com
URL: https://audienceexposure.com/iframe?redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DBRAVE_IO%26ttl%3D720%26uid%3D1dd849eac6b255853660ea3ed55cb2b4%26visitor%3D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

Verdicts & Comments Add Verdict or Comment

43 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.proxy-creator-shadow-browser-1.duckdns.org/	1970-01-21 15:28:58	Name: _ga Value: GA1.1.338758318.1749178945
.proxy-creator-shadow-browser-1.duckdns.org/	1970-01-21 15:28:58	Name: _ga_NCTSG4T1B6 Value: GS2.1.s1749178945$o1$g1$t1749178947$j58$l0$h0
prebid.media.net/	1970-01-21 10:12:10	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 14:38:34	Name: khaos Value: MBK7ZE8E-1D-6XIW
.rubiconproject.com/	1970-01-21 14:38:34	Name: audit Value: 1\|naVuGyos1qoKr7cfC77qsyAkF7RiBdb4AgvEG2sPPZoBTtFTMmWoLMgPNZyPHf8DXmjlQzN7a7UJX/MUP3Ja9u7nKGkmEk2xPcZYvzqJ8J4UlnSr9lUCjtEIE5WOJC2jwOv+rEOwLxH5fhusj8sthgCaUw7qGZ9F0KJN177ZIB5EXE9nWWAudkRdY1yaidAe4HEYI5ehIrUK5jqLjWb/8L7FQD2yB//hvsVAPbIH/+G+xUA9sgf/4b7FQD2yB//hsqlSNZOaaDQ=
.ingage.tech/	1970-01-21 08:02:34	Name: instUid Value: 9b81a373-9cdd-46fd-8841-d667f57d6548
.ingage.tech/	1970-01-21 08:02:34	Name: cookieRegion Value: wdc
.go.sonobi.com/	1970-01-21 14:38:34	Name: __uis Value: 29119af7-92c3-44b8-87d6-72670fd40690
.go.sonobi.com/	1970-01-21 05:54:25	Name: _usd_gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org Value: 98c3b8c9-e810-4593-b1e8-d156c803403c
apex.go.sonobi.com/	1969-12-31 23:59:59	Name: Value: receive-cookie-deprecation: 1
.go.sonobi.com/	1970-01-21 05:52:59	Name: __uih Value: 1
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85179\|aEJaR
fontgenerator.cc/	1970-01-21 05:52:59	Name: TESTCOOKIESENABLED Value: 1
.fontgenerator.cc/	1970-01-21 10:12:10	Name: __eoi Value: ID=1bdeac6e80402edb:T=1749178949:RT=1749178949:S=AA-AfjaVNhQZH2rxj8FMiS0DYfo1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24 Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A070470E542A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://rtb.bid.com/sync?ssp=adyoulike&gdpr=1&gdpr_consent= Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://idsync.rlcdn.com/712910.gif?partner_uid=v2c5e09d2e-96f5-4d65-970c-4ef3784d00ad Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/711333.gif? Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D%26biddername%3D55%26key%3D%24UID Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

44a2a511f66f192a5aa6fa455f77babc.safeframe.googlesyndication.com
acdn.adnxs.com
acscdn.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.servedxk.com
ads.servenobid.com
ads.yieldmo.com
ag.dns-finder.com
ap.lijit.com
apex.go.sonobi.com
api-ssp.spot.im
api.btloader.com
app.tinyadz.com
audienceexposure.com
b1sync.outbrain.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
btloader.com
bttrack.com
buysellads-d.openx.net
c1.adform.net
cdn.jsdelivr.net
cdn4.buysellads.net
cdnjs.cloudflare.com
ce.lijit.com
cm.ctnsnet.com
cm.g.doubleclick.net
creativecdn.com
cs-server-s2s.yellowblue.io
csync.copper6.com
csync.loopme.me
direct.adsrvr.org
dsum-sec.casalemedia.com
eb2.3lift.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
eus.rubiconproject.com
ex.ingage.tech
exchange.cootlogix.com
fastlane.rubiconproject.com
fontgenerator.cc
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
gum.aidemsrv.com
gum.criteo.com
hb-api.omnitagjs.com
hb.trustedstack.com
hb.yellowblue.io
hbx.media.net
i.liadm.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image6.pubmatic.com
image8.pubmatic.com
ittpx.eskimi.com
jadserve.postrelease.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mug.criteo.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.senty.com.au
pixel-sync.sitescout.com
pixel.33across.com
player.aniview.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
public.servenobid.com
pubtrky.com
pxl.iqm.com
rtb-csync.smartadserver.com
rtb.bid.com
rtb.gumgum.com
rtb.openx.net
s.amazon-adsystem.com
s.c.appier.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
srv.buysellads.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
stats.senty.com.au
stpd.cloud
sync.1rx.io
sync.adkernel.com
sync.aniview.com
sync.contextualadv.com
sync.cootlogix.com
sync.go.sonobi.com
sync.ipredictive.com
sync.richaudience.com
sync.screencore.io
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t2.gstatic.com
tg.socdm.com
token.rubiconproject.com
trace.mediago.io
u.openx.net
us-u.openx.net
usersync.gumgum.com
usync.smxconv.com
visitor.europe-west9.gcp.omnitagjs.com
visitor.omnitagjs.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
youradexchange.com
audienceexposure.com
btloader.com
csync.loopme.me
gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org
gum.aidemsrv.com
ib.adnxs.com
rtb.bid.com
secure.adnxs.com
sync.screencore.io
usync.smxconv.com
103.231.98.106
103.67.200.72
104.18.26.193
104.237.132.182
104.243.38.18
124.146.153.162
130.211.23.194
141.95.33.120
143.244.197.139
146.190.187.150
147.182.222.40
152.42.150.143
159.65.211.77
162.55.236.224
163.5.194.32
169.197.150.8
172.105.213.147
172.217.18.6
172.240.45.96
178.250.1.11
18.195.234.25
18.201.5.241
18.244.18.85
184.30.17.43
184.30.22.30
184.30.24.22
185.184.8.90
188.40.16.220
193.0.160.130
198.47.127.19
2001:678:cb4:bbbb::11
204.62.12.186
208.93.169.131
216.58.206.66
217.182.178.224
23.212.211.47
23.32.238.112
2600:1f18:765:4800:4c61:7155:4e03:8f9f
2602:803:c003:200::21
2606:4700:10::6816:4bd8
2606:4700:10::6816:541
2606:4700:10::6816:ac7
2606:4700:20::ac43:4bf1
2606:4700:3031::ac43:80bd
2606:4700:3033::6815:5adc
2606:4700:3034::6815:86c
2606:4700::6810:5049
2606:4700::6810:aee2
2606:4700::6810:afe2
2606:4700::6811:190e
2606:4700::6812:10c9
2606:4700::6812:1962
2606:4700::6812:1f31
2607:f350:3:2569:0:10:0:200a
2607:f350:3:2569:0:10:0:200d
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:810::2001
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:400d:805::2002
2a00:1450:400d:808::200e
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::2008
2a02:2638:3::28
2a02:2638:3::39
2a02:2638:d::d
2a02:26f0:7100::213:c669
2a05:d018:d29:3602:6b69:5262:77c9:d976
2a06:98c1:3120::3
3.224.137.85
34.1.1.166
34.120.63.153
34.224.66.164
34.247.233.198
34.36.200.111
34.36.216.150
35.186.193.173
35.186.253.211
35.206.140.87
35.208.249.213
35.214.136.108
35.244.159.8
35.244.174.68
35.71.131.137
37.157.6.230
37.252.171.53
44.210.49.252
44.220.122.200
45.55.125.114
46.228.174.117
5.196.111.69
50.31.142.127
51.38.120.206
52.222.236.91
52.223.6.21
52.71.16.161
54.154.115.68
54.170.123.81
54.230.228.68
54.76.253.58
54.85.8.8
57.129.85.132
64.38.119.44
64.74.236.159
67.202.105.21
67.202.105.23
69.173.144.138
76.223.111.18
80.77.84.96
89.149.192.200
95.100.146.58
98.82.158.241
01da644bf62c5e6aa96638ab7eda6f1a03c07c722e690db6dcbf984ca1e790f9
042a1652e0b3d20d268a194befaea0c5841026a91a14214abac003d605e0ed65
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
07e462f351422c423425495a5131b1b40d263fbbda370864e4ab6af7b926c5b9
0aca0059858b2523732cf689da636105ef00c1bb99207b5aefe01ecb3cc1ce42
0b11eecfa382b1f2092d94e727a0145c9f6c2866e04419eef89e9bc381c7a787
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0cd1e69a6ab3c62325d7dafd3e4d7cdb1628913ad0bec28816a4422eb36de2a1
10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f
11c09bfb0a6a92e9cbd914a5f86731118b052d2fdef2a6a0eac31b1780d3d97b
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
1562c1b6966919f59dad5ce26d7ce05a4ecdfc4e6f7f9b8d1d6fa826508794cc
17121520efdb21823ea10bdc2115a34f772f78c0bea04cfdff41d615c520616e
19492573e99443369d3da235c38f1a430842fce993891f89054f0c7e4e4389e7
217bef43e1ece84e8dc9eb6f2e6629b6d24d8738c663f47f33edc697b9a097a5
24c817c4fef658a57754e07c2c89b185e9de3a2bc4261d7e863b345f27df82c4
25a678a9086e5aebb05b825278fe3af7e27e4321617427c41624f3fec41bcd37
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
275d2dafdb1515edd8b9565c7382ecf19909a4eeeff7cd0bc13aed2afb0591be
2787c8b75ad49d8a84d1060a92b67d0aedcc4135438cd87efa9b2383c7107df5
28a2e66d41b018bf27fbf4e3434b298b0b9afaf920f9e8a49dd60ded1e1ae903
2b560e95e26224c6c15e5804a3f9c26444e9f0c92ac4e41c811e734ae8021729
2bb1ceb8803e2dd686e59d61054674b915e861f9dbca7d2e0c37e891283a2e59
2e4ee300bdad8af8327f220761ec667053b8185fc361ce96495461e27f63569b
33143403b3c6a89518aa4f6a80dc7d027aea55d0aa0b0f5283437fe7c15d7551
33c90221403fec4c268cf866ea954a740331d68ef1255c628a386093225ee109
3701ed9a9bfca1ae0ea1eec69a1273e713b3b732fe698b0e34cf627c518e256e
39877576162346cba084b5dfbd13da63cc5ce2d2f1596780e2f6e264d4281538
3a30f638a99c9ba4992888cfe0b39dba72bd670d32f975fd208ceaed04c5a80c
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b9767e5d0bea4d284bb1e624cc6ee3244b13efedfe5424eb5140ef326511eb7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ff4e107901c810062910e50a956b5ad423cc2a6bcb69074890879f4ba3a4ede
40847f04a0b4dbacd513872a0472555bf0dd89cfcd4c7d905a0166469f80b438
41e9e0b7ccf8d3af68bcbb38488e18d48198ee131b2df9ff128e4e6e911099c6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3e6b20f1eae4923f24bf1e3dab2dde56b255c331cdc17b9507e790a48cc36b
4f6d3ce6fee0211ee389d61a9344b2f0ff30dc1f7db4e6fd9f2e9417f800afc6
504460751d9d131dae7dcd29927c1cd147be3cb0651003de4ee6b0fea5fef6ae
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56bb42e59f1580d87cabe0b18e6cea0cd641c5226534719d9ea3d5bb3731c341
56e70443c37648d17bb54e83ae0028731328f86afb12edd626e8584718be71e0
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
5bcae56fb9334fe8446c36552a142eab9929fe2a2c91732072dd20818c9c17dc
5d881b69841cd18f3db8831bd5f0e57149fecd4064d156cb1d3f982626903d60
5eff7005425c542db2290b5ccdf4e0a65c4219273a665ce0425264274e536ea6
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
68e09e9ee51aa1b41974454515ce31349e8d57190b5208f98ea36089e00e4ebc
69d9ac5984ab481e3a40b4b75c330920e56aa12c8d37bfaccc4ab6cedcdda50f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d35a7ee5aac9714da95d1a4f632cdb97d560a5ecf5e3908a1d229bc8c1057c0
6df3805da066f2dbaeaa547b4ca83fa5c7c10ca8b6ba4357b0897bf3cc3b9a1f
731c3411d0f309309a97628ba465af31050e0866d07e116f7ea5a1c35e9b99c5
739c3c21a45007bb77d9cd066e056f95b3de4cd11adb1ba9c78beee1b8a3c477
74a76e5980403a11a657d3ad5f43ea97fae94b8d1cdec9886eb23bdbc645dbe1
784b93afba40b40483bdbdc3c9e3d5228d713336518d280baf84627a38f856de
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
80f3013bfce24a114aa398b5bc20bbce3c86a4a39f55492e3ddba8a091c1a0ca
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
84f796be2fbef3583823bc3bae446c8ce5aa1e5b407d74cc021c22137a9ba859
8702b13ab6fb44f2027bfd0667fa985d82813df0041d5912e446dce583706894
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8a346698d1fe701441863c329bf5132a5536faeaa68ccd7751931726ad04b329
8b6965a87cf7118c3c59e80a39eb18dfead63c4a4b8e0a1e0134f5842cd4d8cc
8cecad7988c322f2c35c14e99a4b936bd643cdaaa9216e9174bb1a442ff841dd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1c63600bf52ac2101c85ecdef6f843d1d593f6c097f32591fcfea496ec4073
92335a8a579ab20778ad116b2e403ac436989b7c6b760bd9e906d451483ddb24
9974c29ebf067d0bce2d3483333926beffad66a0edfb2b4c9ab9baead1c70164
9de56ba22416192d18869051fdaa33876a9b6b3c7ed326abc7c8cc8503027797
a07ed6c92587063c8a3f828c58ed8076071418ca3181e9f67817c8d5041b0c47
a1aa01f31d4087317f5d4e5ef4ea70a73e38124a45f1553dbe8968ea16068b84
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
a88123f7890e58349e3a64226c716be9d346a42ba76e542a8ebdd30026a89604
abf9bfd998405a38e5f5f61e533e4de1298162efc4409b1f161ea04e5901c366
ae6e9c45ddcb928a6f3b3e111d1deac3c3768f930c91fa06f945aa99e4284257
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1af942c19d7ebd5939d7432a80513388c1020b4ed1c35e81b52ff0d7af32031
b279e06d9ad548689b253a070f969c04f097704094f0f9ef9083eaab15e72a5d
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b6edcc080295bc506745b15d215226f6a80283818ef60e1e8805992c9c06f143
b975e578f2e163f7483c794669cda739fd4dcd46be5e11a47a75634e2d3a91aa
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdaf47b5db2c6b13b97a28df68b67180dc0fcda656776ae345b264c2183b9ef2
bfb16f2d35702077ef9d8416d9eef53d688ff16e6faf73d5b9913d76e1144d9a
bfbf77facc0b33343150d420aa0f7e582e1657070c51895cdec89299922d96cc
c0511e29e2d9e3aa83ab107e55b5e3c2ca9c90c04027a2f551fca1d403fd9cd6
c1eb03b802019d4f6ab1b6b7c2cfd98a215aee89b60a9d47523430790808db89
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c73e63e34213cfd943d6ba3bd733b43fc65a9aa9777eef69f768b3a31747500d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1f0cd63b4d32aa9ea0975c70ec80a51afc78227e121f2e3994ef8c9ce7d06d3
d3303dd4f1400c20d5a1cfa5669d7d52a2450191cf146bd8592b3e9b371cb46f
d4be4824499330afdd7139a22d7ad59bd2146bc17565e9ac961461388245b0dc
d8e3783dafaec68331904ad2dcec69ba0e18c55290155020a063afe70938220a
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c
dc1293460e62d8f4d91ef29b9bac4f123837f7c2c840ef3a52763782c12bc682
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
e3715d1fe227e6550c249faf6362adb08c08898bc88db2192ea12b39b8be0974
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9
e970bdd269198fc1bf6183c389d2d299cf05c1e7b2076cee4fcf6ba7ac01be02
ea7fb526203a7e6eed35cc2fcdc98c76cb136dba25b23fae9e5fab3588877596
ec05b3ab9c321c57aa5393d994aeaa28eb4bb4b3603d58f35a9c63339f5f654f
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
f1f8fd7a1e65e395a36289c410c4b293726a2f21f039d8f8cad4440ca440393d
f44132f1941ea054601267038dfd897be9fbc0181c136eb79c7fb3509e5d25e8
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5f36977e96a38963c796982ed3915e49673ba0b63f3d51031a1500c1f0907bd
f76a58cae5fad8a8f9f7842043c128055e6c020b4a48807ac3ef484c02e04b48
f9d8e58b6cdcdf7831511b8a69c82bc6b71c335ade7b7efa21b634e08cf9789d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff778b7b7e314753d24c58a200d7a969c32f975d38d91f71e210effda17ed235

gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org Open in urlscan Pro 104.243.38.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

272 Requests

82 %HTTPS

31 %IPv6

93 Domains

129 Subdomains

92 IPs

7 Countries

1742 kBTransfer

6195 kBSize

14 Cookies

1 Outgoing links

Redirected requests

272 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gocayzis.ac85egheireighuukeip.ing-ingdirect.wise-uat.proxy-creator-shadow-browser-1.duckdns.org Open in urlscan Pro
104.243.38.18 Public Scan

Screenshot
Live screenshot

Full Image

272
Requests

82 %
HTTPS

31 %
IPv6

93
Domains

129
Subdomains

92
IPs

7
Countries

1742 kB
Transfer

6195 kB
Size

14
Cookies

272 HTTP transactions
2 data transactions