urlscan.io logo urlscan.io
SecurityTrails logo

gfieldmoney.com Open in urlscan Pro
188.166.232.115  Public Scan

Go To Rescan Add Verdict Report
URL: https://gfieldmoney.com/
Submission: On December 03 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 123 IPs in 8 countries across 121 domains to perform 455 HTTP transactions. The main IP is 188.166.232.115, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is gfieldmoney.com.
TLS certificate: Issued by R3 on December 2nd 2023. Valid for: 3 months.
This is the only time gfieldmoney.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
28 188.166.232.115 14061 (DIGITALOC...)
9 13.35.93.18 16509 (AMAZON-02)
13 15 52.223.40.198 16509 (AMAZON-02)
9 2600:141b:1c0... 20940 (AKAMAI-ASN1)
3 2607:f8b0:400... 15169 (GOOGLE)
22 2a04:4e42:77:... 54113 (FASTLY)
1 2a04:4e42:200... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 2a03:2880:f10... 32934 (FACEBOOK)
1 151.101.2.137 54113 (FASTLY)
3 108.138.107.138 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
7 108.138.128.50 16509 (AMAZON-02)
1 162.247.241.14 23467 (NEWRELIC-...)
1 2600:9000:220... 16509 (AMAZON-02)
1 3 18.173.219.113 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
1 13.35.93.44 16509 (AMAZON-02)
13 16 34.200.65.202 14618 (AMAZON-AES)
2 74.119.119.139 19750 (AS-CRITEO)
1 34.202.141.217 14618 (AMAZON-AES)
2 44.205.131.225 14618 (AMAZON-AES)
1 2 35.244.193.51 396982 (GOOGLE-CL...)
1 54.82.17.205 14618 (AMAZON-AES)
1 3.93.99.238 14618 (AMAZON-AES)
19 33 8.43.72.97 26667 (RUBICONPR...)
1 18.173.132.10 16509 (AMAZON-02)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18.164.116.85 16509 (AMAZON-02)
1 18.164.98.157 16509 (AMAZON-02)
2 13.32.151.81 16509 (AMAZON-02)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 3.227.126.241 14618 (AMAZON-AES)
3 34.236.83.94 14618 (AMAZON-AES)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
18 44.237.208.214 16509 (AMAZON-02)
17 69.173.151.96 26667 (RUBICONPR...)
1 23.217.173.155 16625 (AKAMAI-AS)
2 6 172.64.151.101 13335 (CLOUDFLAR...)
1 54.243.45.130 14618 (AMAZON-AES)
1 2620:100:a001... 19750 (AS-CRITEO)
1 34.205.137.103 14618 (AMAZON-AES)
1 35.186.253.211 15169 (GOOGLE)
6 52.4.33.45 14618 (AMAZON-AES)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 2602:803:c002... 26667 (RUBICONPR...)
10 14 68.67.161.208 29990 (ASN-APPNEX)
1 199.250.161.129 26459 (TTD-ASN-01)
1 173.237.69.4 7979 (SERVERS-COM)
1 44.219.135.98 14618 (AMAZON-AES)
1 34.237.88.142 14618 (AMAZON-AES)
1 20.40.202.2 8075 (MICROSOFT...)
15 16 35.211.178.172 19527 (GOOGLE-2)
1 162.19.138.119 16276 (OVH)
2 2 172.240.155.84 7979 (SERVERS-COM)
8 10 162.19.138.120 16276 (OVH)
1 1 54.88.209.131 14618 (AMAZON-AES)
16 16 2606:ae80:145... 25751 (VALUECLICK)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2 138.197.63.78 14061 (DIGITALOC...)
3 2607:f8b0:400... 15169 (GOOGLE)
6 6 54.144.184.12 14618 (AMAZON-AES)
4 4 34.231.153.224 14618 (AMAZON-AES)
1 5 34.196.63.5 14618 (AMAZON-AES)
1 4 104.36.115.113 62713 (AS-PUBMATIC)
1 1 69.166.1.34 27630 (AS-XFERNET)
2 3 63.251.114.137 32475 (SINGLEHOP...)
15 15 67.202.105.24 32748 (STEADFAST)
2 2 67.202.105.31 32748 (STEADFAST)
2 67.202.105.33 32748 (STEADFAST)
1 2607:f8b0:400... 15169 (GOOGLE)
6 6 23.192.31.127 16625 (AKAMAI-AS)
12 23.217.173.107 16625 (AKAMAI-AS)
8 23.62.105.11 16625 (AKAMAI-AS)
2 2 35.207.24.140 15169 (GOOGLE)
11 34.117.239.71 396982 (GOOGLE-CL...)
6 21 52.223.22.214 16509 (AMAZON-02)
1 1 216.219.92.22 19318 (IS-AS-1)
2 9 52.46.130.91 16509 (AMAZON-02)
2 19 8.28.7.83 62713 (AS-PUBMATIC)
9 9 54.157.249.16 14618 (AMAZON-AES)
12 19 142.250.65.194 15169 (GOOGLE)
1 1 23.83.76.106 395954 (LEASEWEB-...)
4 4 198.148.27.131 19189 (PULSEPOINT)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
9 162.248.18.37 62713 (AS-PUBMATIC)
3 4 38.91.45.7 398989 (DEEPINTENT)
2 2 2620:116:800b... 14618 (AMAZON-AES)
3 4 151.101.194.49 54113 (FASTLY)
1 1 54.91.100.25 14618 (AMAZON-AES)
2 3 54.81.68.127 14618 (AMAZON-AES)
2 2 173.231.178.115 32475 (SINGLEHOP...)
5 7 54.172.57.125 14618 (AMAZON-AES)
3 3 52.71.244.43 14618 (AMAZON-AES)
2 3 74.119.119.150 19750 (AS-CRITEO)
2 2 199.38.167.130 54312 (ROCKETFUEL)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 82.145.213.8 39832 (NO-OPERA)
1 1 35.214.252.248 15169 (GOOGLE)
3 7 34.111.113.62 396982 (GOOGLE-CL...)
1 40.76.134.238 8075 (MICROSOFT...)
2 2 34.150.170.96 396982 (GOOGLE-CL...)
4 8 2600:1f18:4e9... 14618 (AMAZON-AES)
1 4 8.28.7.84 62713 (AS-PUBMATIC)
2 54.175.39.171 14618 (AMAZON-AES)
1 2 38.68.201.140 174 (COGENT-174)
4 4 2620:112:f002... 6336 (TURN-US-ASN)
7 7 207.198.113.203 13768 (COGECO-PEER1)
5 5 185.167.164.43 198622 (ADFORM)
6 13 8.43.72.98 26667 (RUBICONPR...)
1 2 44.217.198.78 14618 (AMAZON-AES)
3 2620:1ec:21::14 8068 (MICROSOFT...)
1 52.95.126.160 16509 (AMAZON-02)
1 1 2600:9000:251... 16509 (AMAZON-02)
1 1 2600:9000:26f... 16509 (AMAZON-02)
1 18.173.219.5 16509 (AMAZON-02)
1 147.75.198.144 54825 (PACKET)
1 23.57.90.81 20940 (AKAMAI-ASN1)
1 34.193.82.223 14618 (AMAZON-AES)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
1 34.149.50.64 15169 (GOOGLE)
1 1 192.132.33.67 18568 (BIDTELLECT)
10 10 199.127.204.171 26120 (RHYTHMONE)
4 6 35.244.154.8 396982 (GOOGLE-CL...)
1 34.107.140.113 396982 (GOOGLE-CL...)
2 54.147.45.225 14618 (AMAZON-AES)
1 3.138.132.40 16509 (AMAZON-02)
2 2600:9000:261... 16509 (AMAZON-02)
8 17 35.244.159.8 15169 (GOOGLE)
1 17 18.173.132.67 16509 (AMAZON-02)
2 3 8.28.7.82 62713 (AS-PUBMATIC)
1 1 188.166.17.21 14061 (DIGITALOC...)
1 2 54.84.133.231 14618 (AMAZON-AES)
2 2 34.233.55.153 14618 (AMAZON-AES)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
18 104.18.36.155 13335 (CLOUDFLAR...)
3 4 216.22.16.53 30633 (LEASEWEB-...)
1 2 35.186.193.173 15169 (GOOGLE)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 23.192.4.202 16625 (AKAMAI-AS)
1 2 100.26.84.35 14618 (AMAZON-AES)
1 23.62.105.110 16625 (AKAMAI-AS)
1 1 107.178.254.65 396982 (GOOGLE-CL...)
1 34.200.24.3 14618 (AMAZON-AES)
6 6 185.184.8.90 204995 (RTB-HOUSE...)
1 2 63.251.28.133 26558 (FREEWHEEL)
4 4 70.42.32.95 13789 (INTERNAP-...)
27 54.87.127.173 14618 (AMAZON-AES)
2 2 52.44.48.107 14618 (AMAZON-AES)
2 2 211.120.53.203 ()
1 1 69.90.254.78 ()
1 1 172.105.213.147 ()
2 2 216.200.232.253 ()
1 195.5.165.20 ()
1 162.55.120.196 ()
2 2 184.86.146.172 ()
1 2 3.91.115.71 ()
1 52.70.186.203 ()
1 1 37.157.2.230 ()
1 2620:1ec:c11:... ()
2 2 52.3.97.218 ()
1 52.17.216.43 ()
2 10 51.222.39.184 ()
1 80.77.87.166 ()
455 123
28    188.166.232.115 (Singapore, Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
gfieldmoney.com
9    13.35.93.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-18.jfk50.r.cloudfront.net
ads.adthrive.com
15    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
9    2600:141b:1c00:31::1739:5a49 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
p.typekit.net
3    2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
22    2a04:4e42:77::720 (United States)

ASN54113 (FASTLY, US)
cdn.packhacker.com
1    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2606:4700::6810:437d (United States)

ASN13335 (CLOUDFLARENET, US)
js.memberful.com
2    2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
3    108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net
c.amazon-adsystem.com
4    2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
7    108.138.128.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-50.jfk50.r.cloudfront.net
logger.adthrive.com
1    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
1    2600:9000:2209:3a00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
3    18.173.219.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-113.jfk52.r.cloudfront.net
sb.scorecardresearch.com
2    2606:4700:4400::ac40:90a6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    13.35.93.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-44.jfk50.r.cloudfront.net
launchpad-wrapper.privacymanager.io
16    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    34.202.141.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-141-217.compute-1.amazonaws.com
fid.agkn.com
2    44.205.131.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-131-225.compute-1.amazonaws.com
d9.flashtalking.com
2    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
1    54.82.17.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-17-205.compute-1.amazonaws.com
idx.liadm.com
1    3.93.99.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-99-238.compute-1.amazonaws.com
id.crwdcntrl.net
33    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-us-east.rubiconproject.com
1    18.173.132.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-10.jfk52.r.cloudfront.net
config.aps.amazon-adsystem.com
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    18.164.116.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-85.jfk50.r.cloudfront.net
launchpad.privacymanager.io
1    18.164.98.157 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-98-157.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
2    13.32.151.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-151-81.iad66.r.cloudfront.net
geo.privacymanager.io
1    2600:1f18:730:b130:f3cf:b4f3:7358:30cb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    3.227.126.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-126-241.compute-1.amazonaws.com
rp4.liadm.com
3    34.236.83.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-83-94.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
2    2606:4700:20::681a:c12 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
18    44.237.208.214 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-208-214.us-west-2.compute.amazonaws.com
prebid.production.adthrive.com
17    69.173.151.96 (United States)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    23.217.173.155 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-173-155.deploy.static.akamaitechnologies.com
a.teads.tv
6    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
r.casalemedia.com
1    54.243.45.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-45-130.compute-1.amazonaws.com
krk2.kargo.com
1    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
1    34.205.137.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-137-103.compute-1.amazonaws.com
tlx.3lift.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
6    52.4.33.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-33-45.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
c2shb.pubgw.yahoo.com
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2602:803:c002:200::42 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
14    68.67.161.208 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    199.250.161.129 (United States)

ASN26459 (TTD-ASN-01, US)
direct.adsrvr.org
1    173.237.69.4 (United States)

ASN7979 (SERVERS-COM, US)
colossusssp.com
1    44.219.135.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-219-135-98.compute-1.amazonaws.com
g2.gumgum.com
1    34.237.88.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-88-142.compute-1.amazonaws.com
exchange.postrelease.com
1    20.40.202.2 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
collector.brandmetrics.com
16    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    172.240.155.84 (United States)

ASN7979 (SERVERS-COM, US)
sync.colossusssp.com
10    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
1    54.88.209.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-209-131.compute-1.amazonaws.com
ads.yieldmo.com
16    2606:ae80:1451:21::440 (United States)

ASN25751 (VALUECLICK, US)
prebid-match.dotomi.com
33across-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
triplelift-match.dotomi.com
4    2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2607:f8b0:4006:822::2001 (United States)

ASN15169 (GOOGLE, US)
6d1730eefb63013d47e63f0f9e1a6912.safeframe.googlesyndication.com
2    138.197.63.78 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.resetdigital.co
3    2607:f8b0:4006:817::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    54.144.184.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-184-12.compute-1.amazonaws.com
sync.ipredictive.com
4    34.231.153.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-153-224.compute-1.amazonaws.com
ice.360yield.com
ad.360yield.com
5    34.196.63.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-63-5.compute-1.amazonaws.com
rtb.gumgum.com
4    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.166.1.34 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    63.251.114.137 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
15    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
2    67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
hde.tynt.com
1    2607:f8b0:4006:816::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
6    23.192.31.127 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-31-127.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
12    23.217.173.107 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-173-107.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
8    23.62.105.11 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-105-11.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
11    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
21    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    216.219.92.22 (United States)

ASN19318 (IS-AS-1, US)
inv-nets.admixer.net
9    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
19    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
9    54.157.249.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-249-16.compute-1.amazonaws.com
match.prod.bidr.io
19    142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
cm.g.doubleclick.net
1    23.83.76.106 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
rtb-csync.smartadserver.com
4    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    2603:c020:400d:3000:f50:982a:7877:65bd (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
9    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
4    38.91.45.7 (Ashburn, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
4    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    54.91.100.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-100-25.compute-1.amazonaws.com
sonata-notifications.taptapnetworks.com
3    54.81.68.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-68-127.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    173.231.178.115 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-delivery-7.sys.adgear.com
cm.adgrx.com
7    54.172.57.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-57-125.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    52.71.244.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-244-43.compute-1.amazonaws.com
pm.w55c.net
3    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    35.214.252.248 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 248.252.214.35.bc.googleusercontent.com
csync.loopme.me
7    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
2    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
8    2600:1f18:4e9:5a02:739a:80b0:b95:4dd1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
4    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    54.175.39.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-39-171.compute-1.amazonaws.com
rtb.adentifi.com
2    38.68.201.140 (Ashburn, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
4    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
7    207.198.113.203 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
5    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
13    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    44.217.198.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-198-78.compute-1.amazonaws.com
crb.kargo.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2600:9000:2510:a400:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    2600:9000:26fa:a600:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    18.173.219.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-5.jfk52.r.cloudfront.net
sync1.intentiq.com
1    147.75.198.144 (Parsippany, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    23.57.90.81 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-57-90-81.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    34.193.82.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-82-223.compute-1.amazonaws.com
match.sharethrough.com
2    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
1    192.132.33.67 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 67.bidtellect.com
bttrack.com
10    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
6    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
1    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
2    54.147.45.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-45-225.compute-1.amazonaws.com
cs.yellowblue.io
cs.minutemedia-prebid.com
1    3.138.132.40 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-138-132-40.us-east-2.compute.amazonaws.com
visitor.omnitagjs.com
2    2600:9000:261f:8800:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
17    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
u.openx.net
17    18.173.132.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-67.jfk52.r.cloudfront.net
usr.undertone.com
3    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    54.84.133.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-133-231.compute-1.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
2    34.233.55.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-55-153.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:ed:550a:a53:c6a7:6bd2:86fa (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
18    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
4    216.22.16.53 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync.smartadserver.com
ssbsync-global.smartadserver.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
ipac.ctnsnet.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    23.192.4.202 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-4-202.deploy.static.akamaitechnologies.com
cw.addthis.com
2    100.26.84.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-26-84-35.compute-1.amazonaws.com
dpm.demdex.net
1    23.62.105.110 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-105-110.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.200.24.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-24-3.compute-1.amazonaws.com
beacon.krxd.net
6    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    63.251.28.133 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
4    70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
27    54.87.127.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-127-173.compute-1.amazonaws.com
usersync.gumgum.com
2    52.44.48.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-48-107.compute-1.amazonaws.com
t.pswec.com
2    211.120.53.203 (None, )

ASN- ()
tg.socdm.com
1    69.90.254.78 (None, )

ASN- ()
ums.acuityplatform.com
1    172.105.213.147 (None, )

ASN- ()
gocm.c.appier.net
2    216.200.232.253 (None, )

ASN- ()
sync.mathtag.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    162.55.120.196 (None, )

ASN- ()
matching.truffle.bid
2    184.86.146.172 (None, )

ASN- ()
px.owneriq.net
2    3.91.115.71 (None, )

ASN- ()
thrtle.com
1    52.70.186.203 (None, )

ASN- ()
sync.bfmio.com
1    37.157.2.230 (None, )

ASN- ()
cm.adform.net
1    2620:1ec:c11::200 (None, )

ASN- ()
c.bing.com
2    52.3.97.218 (None, )

ASN- ()
ads.creative-serving.com
1    52.17.216.43 (None, )

ASN- ()
synchroscript.deliveryengine.adswizz.com
10    51.222.39.184 (None, )

ASN- ()
onetag-sys.com
1    80.77.87.166 (None, )

ASN- ()
cs.admanmedia.com
Apex Domain
Subdomains		 Transfer
82 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 788
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237
pixel-eu.rubiconproject.com Failed
146 KB
48 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
image6.pubmatic.com — Cisco Umbrella Rank: 793
ads.pubmatic.com — Cisco Umbrella Rank: 544
simage2.pubmatic.com — Cisco Umbrella Rank: 723
image2.pubmatic.com — Cisco Umbrella Rank: 859
image4.pubmatic.com — Cisco Umbrella Rank: 1224
image8.pubmatic.com — Cisco Umbrella Rank: 661
simage4.pubmatic.com — Cisco Umbrella Rank: 1304
75 KB
34 adthrive.com
ads.adthrive.com — Cisco Umbrella Rank: 5361
logger.adthrive.com — Cisco Umbrella Rank: 5456
prebid.production.adthrive.com — Cisco Umbrella Rank: 38095
435 KB
33 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1524
rtb.gumgum.com — Cisco Umbrella Rank: 1472
usersync.gumgum.com — Cisco Umbrella Rank: 1858
11 KB
31 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1931
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 3029
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
10 KB
29 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1596
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
ssc-cms.33across.com — Cisco Umbrella Rank: 904
events-ssc.33across.com — Cisco Umbrella Rank: 1493
15 KB
28 gfieldmoney.com
gfieldmoney.com
2 MB
24 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
dsum.casalemedia.com — Cisco Umbrella Rank: 1364
r.casalemedia.com — Cisco Umbrella Rank: 1462
17 KB
23 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
168 KB
22 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 592
eb2.3lift.com — Cisco Umbrella Rank: 372
11 KB
22 packhacker.com
cdn.packhacker.com — Cisco Umbrella Rank: 456358
1 MB
19 undertone.com
cdn.undertone.com — Cisco Umbrella Rank: 3126
usr.undertone.com — Cisco Umbrella Rank: 1822
12 KB
18 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
us-u.openx.net — Cisco Umbrella Rank: 491
u.openx.net — Cisco Umbrella Rank: 672
3 KB
16 dotomi.com
prebid-match.dotomi.com — Cisco Umbrella Rank: 1982
33across-match.dotomi.com — Cisco Umbrella Rank: 3244
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2850
casale-match.dotomi.com — Cisco Umbrella Rank: 2999
triplelift-match.dotomi.com
5 KB
16 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
7 KB
16 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
direct.adsrvr.org — Cisco Umbrella Rank: 3147
7 KB
15 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
78 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
21 KB
11 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
46 KB
10 onetag-sys.com
onetag-sys.com
5 KB
9 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
5 KB
9 typekit.net
use.typekit.net — Cisco Umbrella Rank: 446
p.typekit.net — Cisco Umbrella Rank: 559
139 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
6d1730eefb63013d47e63f0f9e1a6912.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
42 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
bidder.criteo.com — Cisco Umbrella Rank: 776
dis.criteo.com — Cisco Umbrella Rank: 550
3 KB
7 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
5 KB
7 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
2 KB
7 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
3 KB
6 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
3 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
4 KB
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
cm.adform.net
3 KB
6 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
3 KB
6 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 2268
rp.liadm.com — Cisco Umbrella Rank: 1632
rp4.liadm.com — Cisco Umbrella Rank: 6685
i.liadm.com — Cisco Umbrella Rank: 517
i6.liadm.com — Cisco Umbrella Rank: 2358
3 KB
6 rlcdn.com
api.rlcdn.com Failed
id.rlcdn.com — Cisco Umbrella Rank: 711
idsync.rlcdn.com — Cisco Umbrella Rank: 408
2 KB
5 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
ssbsync-global.smartadserver.com
1 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 586
2 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258
3 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
1 KB
4 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 925
1 KB
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
3 KB
4 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1577
hde.tynt.com — Cisco Umbrella Rank: 4170
7 KB
4 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1817
ad.360yield.com — Cisco Umbrella Rank: 666
2 KB
4 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3016
launchpad.privacymanager.io — Cisco Umbrella Rank: 2702
geo.privacymanager.io — Cisco Umbrella Rank: 2070
62 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
1 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
2 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1370
1 KB
3 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 835
2 KB
3 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1354
sync.colossusssp.com — Cisco Umbrella Rank: 1503
2 KB
3 kargo.com
krk2.kargo.com — Cisco Umbrella Rank: 2719
crb.kargo.com — Cisco Umbrella Rank: 910
1 KB
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 2872
collector.brandmetrics.com — Cisco Umbrella Rank: 3177
20 KB
3 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2417
sync.crwdcntrl.net — Cisco Umbrella Rank: 799
bcp.crwdcntrl.net
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
3 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 thrtle.com
thrtle.com
683 B
2 owneriq.net
px.owneriq.net
1 KB
2 mathtag.com
sync.mathtag.com
1 KB
2 socdm.com
tg.socdm.com
2 KB
2 pswec.com
t.pswec.com — Cisco Umbrella Rank: 3656
1 KB
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
1 KB
2 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 3764
ipac.ctnsnet.com
756 B
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1658
301 B
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1010
534 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 846
sync1.intentiq.com — Cisco Umbrella Rank: 2869
2 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4174
967 B
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1014
69 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
2 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1388
1011 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
1005 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1100
913 B
2 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 2045
776 B
2 flashtalking.com
d9.flashtalking.com — Cisco Umbrella Rank: 1842
12 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1567
141 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
89 KB
1 admanmedia.com
cs.admanmedia.com
176 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com
363 B
1 bing.com
c.bing.com
689 B
1 bfmio.com
sync.bfmio.com
425 B
1 truffle.bid
matching.truffle.bid
1 iprom.net
core.iprom.net
277 B
1 appier.net
gocm.c.appier.net
436 B
1 acuityplatform.com
ums.acuityplatform.com
674 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 699
338 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 777
634 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 638
437 B
1 addthis.com
cw.addthis.com — Cisco Umbrella Rank: 2890
427 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1383
424 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1901
556 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 656
385 B
1 minutemedia-prebid.com
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 1777
326 B
1 yellowblue.io
cs.yellowblue.io — Cisco Umbrella Rank: 1547
326 B
1 t13.io
s2s.t13.io — Cisco Umbrella Rank: 1747
449 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 815
349 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1600
284 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
280 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 866
645 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
450 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1398
555 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 3298
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
225 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1072
552 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 5551
346 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1781
4 KB
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2137
586 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 951
646 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 582
540 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
275 B
1 postrelease.com
exchange.postrelease.com — Cisco Umbrella Rank: 4927
393 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1466
614 B
1 agkn.com
fid.agkn.com — Cisco Umbrella Rank: 2826
664 B
1 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2808
15 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 225
464 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 590
29 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 memberful.com
js.memberful.com — Cisco Umbrella Rank: 31066
23 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 735
30 KB
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
455 121
Domain Requested by
32 pixel.rubiconproject.com 18 redirects hde.tynt.com
onetag-sys.com
28 gfieldmoney.com gfieldmoney.com
27 usersync.gumgum.com rtb.gumgum.com
22 cdn.packhacker.com gfieldmoney.com
21 eb2.3lift.com 6 redirects hde.tynt.com
gfieldmoney.com
eb2.3lift.com
19 cm.g.doubleclick.net 12 redirects hde.tynt.com
eb2.3lift.com
rtb.gumgum.com
u.openx.net
onetag-sys.com
19 simage2.pubmatic.com 2 redirects ads.pubmatic.com
hde.tynt.com
cdn.undertone.com
18 prebid.production.adthrive.com gfieldmoney.com
hde.tynt.com
eb2.3lift.com
cdn.undertone.com
ssum-sec.casalemedia.com
rtb.gumgum.com
u.openx.net
17 usr.undertone.com 1 redirects cdn.undertone.com
ssum-sec.casalemedia.com
17 prebid-server.rubiconproject.com gfieldmoney.com
hde.tynt.com
cdn.undertone.com
u.openx.net
eb2.3lift.com
rtb.gumgum.com
ads.pubmatic.com
onetag-sys.com
16 x.bidswitch.net 15 redirects onetag-sys.com
15 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
15 us-u.openx.net 8 redirects u.openx.net
15 ssc-cms.33across.com 15 redirects
15 match.adsrvr.org 13 redirects gfieldmoney.com
14 ups.analytics.yahoo.com 11 redirects gfieldmoney.com
u.openx.net
onetag-sys.com
13 token.rubiconproject.com 6 redirects eus.rubiconproject.com
12 eus.rubiconproject.com hde.tynt.com
eus.rubiconproject.com
cdn.undertone.com
rtb.gumgum.com
11 events-ssc.33across.com hde.tynt.com
ads.pubmatic.com
10 onetag-sys.com 2 redirects gfieldmoney.com
onetag-sys.com
10 id5-sync.com 8 redirects gfieldmoney.com
10 ib.adnxs.com 6 redirects gfieldmoney.com
hde.tynt.com
eb2.3lift.com
9 image2.pubmatic.com ads.pubmatic.com
hde.tynt.com
9 match.prod.bidr.io 9 redirects
9 s.amazon-adsystem.com 2 redirects ads.pubmatic.com
hde.tynt.com
ssum-sec.casalemedia.com
u.openx.net
eb2.3lift.com
onetag-sys.com
9 ads.adthrive.com gfieldmoney.com
8 pr-bh.ybp.yahoo.com 4 redirects hde.tynt.com
ssum-sec.casalemedia.com
u.openx.net
8 ads.pubmatic.com hde.tynt.com
gfieldmoney.com
rtb.gumgum.com
7 pixel-sync.sitescout.com 7 redirects
7 pixel.tapad.com 3 redirects hde.tynt.com
u.openx.net
7 sync.srv.stackadapt.com 5 redirects eb2.3lift.com
7 logger.adthrive.com gfieldmoney.com
7 use.typekit.net gfieldmoney.com
use.typekit.net
6 creativecdn.com 6 redirects
6 sync.1rx.io 6 redirects
6 secure-assets.rubiconproject.com 6 redirects
6 sync.ipredictive.com 6 redirects
6 prebid-match.dotomi.com 6 redirects
6 c2shb.pubgw.yahoo.com gfieldmoney.com
5 ssum-sec.casalemedia.com 1 redirects cdn.undertone.com
ssum-sec.casalemedia.com
gfieldmoney.com
5 c1.adform.net 5 redirects
5 rtb.gumgum.com 1 redirects gfieldmoney.com
rtb.gumgum.com
4 b1sync.zemanta.com 4 redirects
4 idsync.rlcdn.com 2 redirects u.openx.net
4 sync.targeting.unrulymedia.com 4 redirects
4 secure.adnxs.com 4 redirects
4 ad.turn.com 4 redirects
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 match.deepintent.com 3 redirects ads.pubmatic.com
4 bh.contextweb.com 4 redirects
4 33across-match.dotomi.com 4 redirects
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 pagead2.googlesyndication.com gfieldmoney.com
tpc.googlesyndication.com
4 securepubads.g.doubleclick.net gfieldmoney.com
3 ssbsync.smartadserver.com 3 redirects
3 image8.pubmatic.com 2 redirects onetag-sys.com
3 px.ads.linkedin.com hde.tynt.com
eb2.3lift.com
cdn.undertone.com
3 dis.criteo.com 2 redirects ads.pubmatic.com
3 pm.w55c.net 3 redirects
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 ce.lijit.com 2 redirects hde.tynt.com
3 tpc.googlesyndication.com gfieldmoney.com
3 c2shb.ssp.yahoo.com gfieldmoney.com
3 sb.scorecardresearch.com 1 redirects gfieldmoney.com
3 c.amazon-adsystem.com gfieldmoney.com
3 fonts.googleapis.com gfieldmoney.com
2 ads.creative-serving.com 2 redirects
2 triplelift-match.dotomi.com 2 redirects
2 thrtle.com 1 redirects
2 px.owneriq.net 2 redirects
2 sync.mathtag.com 2 redirects
2 u.openx.net gfieldmoney.com
2 tg.socdm.com 2 redirects
2 t.pswec.com 2 redirects
2 ad.360yield.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 casale-match.dotomi.com 2 redirects
2 ads.stickyadstv.com 1 redirects ssum-sec.casalemedia.com
2 dpm.demdex.net 1 redirects cdn.undertone.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 i.liadm.com 2 redirects
2 pixel.advertising.com 2 redirects
2 cdn.undertone.com gfieldmoney.com
2 id.rlcdn.com 2 redirects
2 capi.connatix.com 1 redirects
2 crb.kargo.com 1 redirects
2 pmp.mxptint.net 1 redirects hde.tynt.com
2 rtb.adentifi.com hde.tynt.com
ssum-sec.casalemedia.com
2 pubmatic-match.dotomi.com 2 redirects
2 image4.pubmatic.com 1 redirects hde.tynt.com
2 um.simpli.fi 2 redirects
2 p.rfihub.com 2 redirects
2 cm.adgrx.com 2 redirects
2 cms.quantserve.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 hde.tynt.com gfieldmoney.com
2 de.tynt.com 2 redirects
2 ice.360yield.com 2 redirects
2 sync.resetdigital.co 2 redirects
2 sync.colossusssp.com 2 redirects
2 cdn.brandmetrics.com gfieldmoney.com
2 geo.privacymanager.io gfieldmoney.com
2 lexicon.33across.com 1 redirects
2 d9.flashtalking.com gfieldmoney.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 cdn.confiant-integrations.net gfieldmoney.com
2 connect.facebook.net gfieldmoney.com
2 p.typekit.net use.typekit.net
client
1 ssbsync-global.smartadserver.com onetag-sys.com
1 cs.admanmedia.com onetag-sys.com
1 bcp.crwdcntrl.net
1 synchroscript.deliveryengine.adswizz.com
1 c.bing.com eb2.3lift.com
1 cm.adform.net 1 redirects
1 sync.bfmio.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 ums.acuityplatform.com 1 redirects
1 r.casalemedia.com ssum-sec.casalemedia.com
1 beacon.krxd.net cdn.undertone.com
1 pippio.com 1 redirects
1 tags.bluekai.com cdn.undertone.com
1 cw.addthis.com cdn.undertone.com
1 s.company-target.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 i6.liadm.com ssum-sec.casalemedia.com
1 sync.crwdcntrl.net 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 visitor.omnitagjs.com
1 cs.minutemedia-prebid.com
1 cs.yellowblue.io
1 s2s.t13.io
1 bttrack.com 1 redirects
1 s.seedtag.com
1 match.sharethrough.com
1 hb.yahoo.net
1 prebid.a-mo.net hde.tynt.com
1 sync1.intentiq.com hde.tynt.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 aax-eu.amazon-adsystem.com hde.tynt.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 us01.z.antigena.com hde.tynt.com
1 csync.loopme.me 1 redirects
1 t.adx.opera.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 inv-nets.admixer.net 1 redirects
1 www.google.com gfieldmoney.com
1 sync.go.sonobi.com 1 redirects
1 6d1730eefb63013d47e63f0f9e1a6912.safeframe.googlesyndication.com gfieldmoney.com
1 ads.yieldmo.com 1 redirects
1 lb.eu-1-id5-sync.com gfieldmoney.com
1 collector.brandmetrics.com gfieldmoney.com
1 exchange.postrelease.com gfieldmoney.com
1 g2.gumgum.com gfieldmoney.com
1 colossusssp.com gfieldmoney.com
1 direct.adsrvr.org gfieldmoney.com
1 fastlane.rubiconproject.com gfieldmoney.com
1 hbopenbid.pubmatic.com gfieldmoney.com
1 rtb.openx.net gfieldmoney.com
1 tlx.3lift.com gfieldmoney.com
1 bidder.criteo.com gfieldmoney.com
1 krk2.kargo.com gfieldmoney.com
1 htlb.casalemedia.com gfieldmoney.com
1 a.teads.tv gfieldmoney.com
1 rp4.liadm.com
1 rp.liadm.com 1 redirects
1 aax.amazon-adsystem.com gfieldmoney.com
1 launchpad.privacymanager.io gfieldmoney.com
1 cdn.id5-sync.com gfieldmoney.com
1 cdn-ima.33across.com gfieldmoney.com
1 config.aps.amazon-adsystem.com gfieldmoney.com
1 id.crwdcntrl.net gfieldmoney.com
1 idx.liadm.com gfieldmoney.com
1 fid.agkn.com gfieldmoney.com
1 launchpad-wrapper.privacymanager.io gfieldmoney.com
1 cdn.jwplayer.com gfieldmoney.com
1 bam.nr-data.net gfieldmoney.com
1 js-agent.newrelic.com gfieldmoney.com
1 www.facebook.com gfieldmoney.com
1 js.memberful.com gfieldmoney.com
1 code.jquery.com gfieldmoney.com
0 pixel-eu.rubiconproject.com Failed onetag-sys.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 api.rlcdn.com Failed gfieldmoney.com
455 192

This site contains links to these domains. Also see Links.

Domain
packha.kr
Subject Issuer Validity Valid
gfieldmoney.com
R3		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.adthrive.com
Amazon RSA 2048 M01		 2023-05-06 -
2024-06-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-21 -
2024-10-21		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
images-integration.instamotor.com
Certainly Intermediate R1		 2023-11-30 -
2023-12-30		 a month crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
memberful.com
Cloudflare Inc ECC CA-3		 2023-03-31 -
2024-03-30		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-11 -
2023-12-10		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-11-19 -
2024-02-17		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2		 2023-07-19 -
2024-08-19		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-10-17 -
2024-04-10		 6 months crt.sh
brandmetrics.com
GTS CA 1P5		 2023-11-04 -
2024-02-02		 3 months crt.sh
prebid.production.adthrive.com
Amazon RSA 2048 M02		 2023-10-05 -
2024-11-02		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2023-09-08 -
2024-10-09		 a year crt.sh
dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M02		 2023-11-17 -
2024-12-15		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2		 2023-05-10 -
2024-06-10		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
events-ssc.33across.com
GTS CA 1D4		 2023-10-25 -
2024-01-23		 3 months crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.undertone.com
Amazon RSA 2048 M01		 2023-09-11 -
2024-10-08		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M01		 2022-11-10 -
2023-12-09		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M03		 2023-09-09 -
2024-10-07		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh

This page contains 72 frames:

Primary Page: https://gfieldmoney.com/
Frame ID: 30C739E42B3EDA8F6013907E6456FCA6
Requests: 167 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/36761d1/html/i.html
Frame ID: 345FF339DF149E8F8B3553065E0638ED
Requests: 1 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/36761d1/html/rnf.html
Frame ID: 2904320ABE95CCF993192744B0322B45
Requests: 1 HTTP requests in this frame

Frame: https://6d1730eefb63013d47e63f0f9e1a6912.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BE5F2BDAB11BC8B28C0881CDB33DB065
Requests: 1 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Frame ID: 293C97BE4A814E6C64E02D192FE4136B
Requests: 6 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Frame ID: E2C89D14463FB62942D9FF6F310D55C6
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F42FA708AD73E446B697471CDAF30F94
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 568A68EE293EC1FF4DFE84EE2F278CB1
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
Frame ID: 7343C4A82EB08270A6F540048B271D07
Requests: 20 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Frame ID: 030932EDF7FDD1061D6D42B01CEB2465
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
Frame ID: B9CCE439E80735C44BD220A252E9C868
Requests: 19 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Frame ID: F0CE2B63B5B959C690383E73B81A5B40
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 39540949DAAB4C3B735DEDDB77696A5A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6848836367408275229&gdpr=0&gdpr_consent=
Frame ID: 931247ADFA86FEEBCED92CE42B31E3A6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABG-07K17QAABaoX3xKGQ&gdpr=0
Frame ID: EF0F30CECF4F2E5D098C2FCAAAFE223C
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: A450CBC97D28D26ECB1A6CFDCEA49741
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WZx6eQuQKHpCkX9_Wcthf1_LdCtCynR9W5_oKrAs
Frame ID: 103C23141D3F2A6421D165BD1044A7C0
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZWvZ2gAEFI0d-gBU
Frame ID: AFCB12DFED44C5788B8C00CA09045BB8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 4F2D9D92A8538CB0BDBCCAAC549BFF9E
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
Frame ID: ABF033339BAABCFE69E7F89BC44BDF6D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=54d6d3ea-917b-11ee-bfe1-024aadfc323b
Frame ID: 6BF3AC619369E714EF87AB5CE4A61A4D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZGHPi6SLXD9Csh2xxgNtGmAJ-Ss&gdpr=0&gdpr_consent=
Frame ID: 4DE6B77CABD7A4ABC4433172512629FE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kabkwUtO1R9Bi25&gdpr=0&gdpr_consent=
Frame ID: 756B81AE09B5A0D19C3CA3432ED876D5
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F84CA5F097021496441AC3CF1EA064B0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1791377154225342206
Frame ID: 6010E617AC5A254D03E6A08CCBEF0F0F
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 7E3E1FA3D67BBB12943EBCE97D07D737
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf6bd816491224d8bb8b02247b0c4128b
Frame ID: 59CA157EE40B6E6E451E665F23ADB012
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: C822F71F412F959F9CAEF09BEFA774D5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 4AFE6952DE8BAB9B947E1F5C62493480
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=1YNY&bidder_id=25&external_user_id=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
Frame ID: B5F90A8975CBB2142FAC06C38FD66B58
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: BDC2EB084B0B6CE4B4B3398DBE3D298B
Requests: 12 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: FEB5AE0D05D4844F27D067B6D52B8733
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1YNY%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1YNY&C=1
Frame ID: 9DE634BA92E8E9CA0788EEE56E0D82A2
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1YNY
Frame ID: 0B335EC24E1D8DFAEB6025FED4BFB988
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: 9CB3FE8819152702D44E18342C2F48B7
Requests: 6 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Frame ID: E92E5A2103DF2CE698A6657887D3751E
Requests: 14 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&us_privacy=1YNY
Frame ID: ACB1F0126CFF83B8536B4099530EB943
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1YNY
Frame ID: ACF662E82F3E1689E13DC07EB800CDEF
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: ABC173778CA1B2957AE3F9EE6DF30C0D
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: ECCB9448D27AAD407033F2F6238E49C9
Requests: 12 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=2679859129782140740&gdpr=&gdpr_consent=
Frame ID: EB3BB52218BCBC36275F955A0383F84B
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV83OWEwZjlmMi0wMjk0LTRlYmYtYWQ5NS02NjBkYWIxNGVmNzQ=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: BAFFCC4DB5801B9FE972372D3A6287F3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: EEB801F9F31A2539E61BEF1E6AE38F3B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=0aefc4a5-4b50-4aeb-845b-55f3253f3643
Frame ID: C5C1F8AE1635DEC6C5D9F6E7EEB4E8ED
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZWvZ3cCo5r8AAAivavUAAAAA
Frame ID: D8CB1916C31B1AC930ECCC8F283801F0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=Dr8y37TbsxIaHQdwtbFQDbOjUoVStEqYz14KJCXBZIs&pi=gumgum
Frame ID: 147672C4B0D4C67867F722E9B9E9EA28
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: CDBE1CF09303036A50182D24A310699C
Requests: 4 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: 4759E2F9055A9F227A3369CE59380CD6
Requests: 8 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=859701337046
Frame ID: E05BB7A3A7A49DCDEEC13D3FEBED70C9
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: E2104088ACA3062F7BCC81A1236F9804
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=O8xLYkpJBimhq3WZ3dlrZQ
Frame ID: B8FF2C3287F3AB6AE9E6C91BC61537FE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005
Frame ID: 3D40DB04EA8F0B6E106355BB3D3C4AB7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ddea656b-d9dd-4800-9980-4e927edf5255&gdpr=0&gdpr_consent=
Frame ID: 90865AE9FE908C250AA480BBDD91AD15
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 27E967B9FB4748C3CDBA0D3BC1327E74
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 91B3F7F5C7BB8BA889F74E7D92A4B7A4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7548533411454851215
Frame ID: 76AF30A1375143636BA03313D748D753
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A0094357F4164D11BAF4FA6E045A129E&gdpr=0&gdpr_consent=
Frame ID: CE62359D79914EAF29A9362113B6D93E
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=1YNY&bidder_id=25&external_user_id=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
Frame ID: 58C85B7EEE1DF79BAE51CDF218805AB2
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Frame ID: CBDAA03ADC52CFB7A8A5EE6B13FC9CDD
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: FEBADD44CA3D02D4298137FBEA13633F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgroupm%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 88252A50810FC1F5759A6EB245B5D2D0
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: 4185CE4D47D78CC37D16491E498CB730
Requests: 12 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=2679859129782140740&gdpr=&gdpr_consent=
Frame ID: A274671A5D5B6EE9418EC6EA0CF2019E
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV83OWEwZjlmMi0wMjk0LTRlYmYtYWQ5NS02NjBkYWIxNGVmNzQ=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 43939203BF4F2831A39C637A2D16D684
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 259EF544E4B9F6BFD8458B69364279E0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=0aefc4a5-4b50-4aeb-845b-55f3253f3643
Frame ID: C777234E9C0C48AC0941B7D8DAC4A1B4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZWvZ3cCo5r8AAAivavUAAAAA
Frame ID: 81FB25D158668726AEE5F3C7B577794C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=Dr8y37TbsxIaHQdwtbFQDbOjUoVStEqYz14KJCXBZIs&pi=gumgum
Frame ID: A4A43352024DE1C122B123B2E22B4971
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: D6D36516F206B2018EA3BE8686C9D877
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: EA07F39333493F4445BF5F80B7787A01
Requests: 8 HTTP requests in this frame

Frame: https://prebid-server.rubiconproject.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=b&uid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
Frame ID: B7D34A8401D4702D0E2DAE83648E769B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1YNY
Frame ID: 95A34DE61606F2A72F47A0CEB0D67E32
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pack Hacker | Your Guide to Smarter Travel

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

455
Requests

63 %
HTTPS

19 %
IPv6

121
Domains

192
Subdomains

123
IPs

8
Countries

4640 kB
Transfer

7942 kB
Size

246
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgfieldmoney.com%2F&domain=gfieldmoney.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=mpYAGHwvM2VNNWFMZ3VPSTNpK2ZCdEFkWjNJSzNlZEdOMFQ4M2dVdW5DV2JWWG9ocU5BbmpLQTduTEdpei83bmM3T1BTZDhTT2VJVzBmeTcxOGdWZXlBSU41Y0pSanplMTJVRFJITHk5eWJ0QXpvaDg1M2ZXRnN3WUZyZ3hxUi93V3p6RTM1MEFhUW1PYWY4ajQ4R3grUnkwLzBlbXZiTlVVVGtWcjU3R1ZyV0xYVGFjOG14cnd0QjBDVWtXN1VUa2M4cmorTkVVZWRwQU1FdFBaZSttaUFqdzRBZkpwNlYyUmh1dy82SllaaEp3b2s0PXw&cppv=2
Request Chain 98
  • https://lexicon.33across.com/v1/envelope?pid=0013300001i0fyfAAA&gdpr=0&src=pbjs&ver=8.5.0&coppa=0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0013300001i0fyfAAA&gdpr=0&src=pbjs&ver=8.5.0&coppa=0&b=1&g=7OwXLr1AfjRZfIUoH6Yv4y6rH6mkP2hwDOHXJrAM4sg%3D
Request Chain 110
  • https://sb.scorecardresearch.com/b?c1=2&c2=20567959&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1701566934766&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fgfieldmoney.com%2F&c8=Pack%20Hacker%20%7C%20Your%20Guide%20to%20Smarter%20Travel&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1701566934766&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fgfieldmoney.com%2F&c8=Pack%20Hacker%20%7C%20Your%20Guide%20to%20Smarter%20Travel&c9=
Request Chain 119
  • https://rp.liadm.com/j?dtstmp=1701566935193&se=e30&duid=554e01b63a9f--01hgpmnvkgm6k9ygc3h84r3v1h&pu=https%3A%2F%2Fgfieldmoney.com%2F&wpn=prebid HTTP 302
  • https://rp4.liadm.com/j?se=e30&duid=554e01b63a9f--01hgpmnvkgm6k9ygc3h84r3v1h&dtstmp=1701566935193&wpn=prebid&pu=https%3A%2F%2Fgfieldmoney.com%2F&i6=MjYwMjpmZmM4OjI6MTA0OjoxNw%3D%3D
Request Chain 148
  • https://ups.analytics.yahoo.com/ups/58830/sync?redir=true&gdpr=&gdpr_consent= HTTP 302
  • https://prebid.production.adthrive.com/setuid?bidder=yahooAds&f=b&uid=y-lnwetbRE2uJrUWexT4ASlJWiv0c_ctkI~A
Request Chain 150
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D HTTP 302
  • https://prebid.production.adthrive.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=a79111c6-27ff-47f3-a668-26bb7e3273b1
Request Chain 152
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=1YNY&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BUID%5D HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=16e6afb7-db8b-4b83-ad02-d372fee35d19
Request Chain 154
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1YNY&redirectUri=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid.production.adthrive.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3zqHuII00HIIAnFOzesw&gdpr=&gdpr_consent=&us_privacy=1YNY
Request Chain 155
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&rurl=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=5994db7ab097105e&is_secure=true&version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&rurl=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=AAAGTasqO-j0GANyuVIrAAAAAAA&expiration=1701653337
Request Chain 159
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid.production.adthrive.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=6848836367408275229
Request Chain 160
  • https://sync.resetdigital.co/csync?pid=rubicon&puid={Publisher%20UID}&redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dresetdigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24USER_ID HTTP 302
  • https://prebid.production.adthrive.com/setuid?bidder=resetdigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=0000012016C3AC42
Request Chain 162
  • https://id5-sync.com/i/367/8.gif?id5id=ID5*p11bvzOanJwcEIAy7cUbttIDVO2qk3C8Hqjt0DC-JAByZ0HGtU2NVetFC6Ya6AFlcmhGVH21slvYSOt-mkYAnw&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F796%2F7%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/367/796/7/2.gif?puid=5a4df778-f627-4743-8570-98b1bd159585&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&ttl=%%TTL%% HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-6af9oqahGo0svbR8-SYwQz9pazuvTTqPlNBWoYIZhg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F367%2F124%2F5%2F4.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-6af9oqahGo0svbR8-SYwQz9pazuvTTqPlNBWoYIZhg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F367%2F124%2F5%2F4.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/367/124/5/4.gif?puid=044b2f34-390c-453e-b062-89487d94c2a7&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F441%2F4%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/367/441/4/5.gif?puid=u_79a0f9f2-0294-4ebf-ad95-660dab14ef74&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/367/2/3/6.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/367/2/3/6.gif?puid=6848836367408275229&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F429%2F2%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/367/429/2/7.gif?puid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F434%2F1%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/367/434/1/8.gif?puid=900bcf57-04e2-4f5d-964f-53669d1e435f&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=58&3pid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F1242%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/367/1242/0/9.gif?puid=HwbYeQZHcHvqV0qFTXOwyLEy&gdpr=0&gdpr_consent=
Request Chain 163
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Request Chain 164
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Request Chain 170
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1YNY HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
Request Chain 171
  • https://ssc-cms.33across.com/ps/?us_privacy=1YNY&ts=1701566937800.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Request Chain 172
  • https://ssc-cms.33across.com/ps/?_=1701566937800.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=b&uid=212365417016861
Request Chain 173
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1YNY HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=&gdpr_consent=&us_privacy=1YNY HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=&gdpr_consent=&us_privacy=1YNY HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=3fd4a5c6-c1b7-4e65-a25c-d64c9546866e&ssp=the33across&us_privacy=1YNY HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=1YNY&xu=a79111c6-27ff-47f3-a668-26bb7e3273b1 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=a79111c6-27ff-47f3-a668-26bb7e3273b1&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Request Chain 174
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-LARzBQ9E2uGEfg3BzrPmhMGWmAOAA9i4~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-LARzBQ9E2uGEfg3BzrPmhMGWmAOAA9i4%7EA&ts=1701566937&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 175
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1YNY HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=1541c18b361504&is_secure=true&networkId=78390&version=1&us_privacy=1YNY HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAHd2LSLliL9wMwsizvAAAAAAA&expiration=1701653337&is_secure=true&us_privacy=1YNY HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAHd2LSLliL9wMwsizvAAAAAAA&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Request Chain 176
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1YNY&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1YNY%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=1YNY&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1YNY%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=1YNY&xi=33&xu=1522299549400378201894 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1522299549400378201894&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Request Chain 177
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1YNY HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
Request Chain 178
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1YNY HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dthe33across%26bsw_param%3Da79111c6-27ff-47f3-a668-26bb7e3273b1%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=09213d99cd244062811ca84e9c789758&ssp=the33across&bsw_param=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=a79111c6-27ff-47f3-a668-26bb7e3273b1 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=a79111c6-27ff-47f3-a668-26bb7e3273b1&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 179
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-LARzBQ9E2uGEfg3BzrPmhMGWmAOAA9i4~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-LARzBQ9E2uGEfg3BzrPmhMGWmAOAA9i4%7EA&ts=1701566937&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 180
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1YNY HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=494ddc10859d1504&is_secure=true&networkId=78390&version=1&us_privacy=1YNY HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAG9Ep3bJaonANQVhqkAAAAAAA&expiration=1701653337&is_secure=true&us_privacy=1YNY HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAG9Ep3bJaonANQVhqkAAAAAAA&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Request Chain 181
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1YNY&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1YNY%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=1YNY&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1YNY%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=1YNY&xi=33&xu=1522299549400378201894 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1522299549400378201894&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Request Chain 182
  • https://ssc-cms.33across.com/ps/?us_privacy=1YNY&ts=1701566937800.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Request Chain 183
  • https://ssc-cms.33across.com/ps/?_=1701566937800.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://prebid.production.adthrive.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=b&uid=212365417016861
Request Chain 188
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 189
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6848836367408275229&gdpr=0&gdpr_consent=
Request Chain 190
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCRy0wN0sxN1FBQUJhb1gzeEtHUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABG-07K17QAABaoX3xKGQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=9176360673980405968&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AABG-07K17QAABaoX3xKGQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D9176360673980405968%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=9176360673980405968&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABG-07K17QAABaoX3xKGQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AABG-07K17QAABaoX3xKGQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D9176360673980405968%26gdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=9176360673980405968&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABG-07K17QAABaoX3xKGQ&gdpr=0
Request Chain 192
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WZx6eQuQKHpCkX9_Wcthf1_LdCtCynR9W5_oKrAs
Request Chain 193
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZWvZ2gAEFI0d-gBU
Request Chain 194
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_020ec5e4-5835-4ca2-8dfd-164e6858431f&bsw_param=a79111c6-27ff-47f3-a668-26bb7e3273b1&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 195
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=599d435b-0934-4e88-96dd-836ec3b5a894&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
Request Chain 196
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=54d6d3ea-917b-11ee-bfe1-024aadfc323b
Request Chain 197
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZGHPi6SLXD9Csh2xxgNtGmAJ-Ss&gdpr=0&gdpr_consent=
Request Chain 198
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kabkwUtO1R9Bi25&gdpr=0&gdpr_consent=
Request Chain 200
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1791377154225342206
Request Chain 201
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 202
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf6bd816491224d8bb8b02247b0c4128b
Request Chain 204
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ewdc5xAeSnmNStT_SyxbGQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 207
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=55b7d429-6808-4fd5-b678-70879cd1adec%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0aefc4a5-4b50-4aeb-845b-55f3253f3643&ttd_puid=55b7d429-6808-4fd5-b678-70879cd1adec%2C%2C
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0IwNzVDRTctMTAxRS00QTc5LThENEEtRDRGRjRCMkM1QjE5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP70c1f3ON7H_16blMC1dCk&google_cver=1
Request Chain 212
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A0094357F4164D11BAF4FA6E045A129E
Request Chain 213
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0aefc4a5-4b50-4aeb-845b-55f3253f3643&gdpr=0&gdpr_consent=
Request Chain 215
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-l85RRYpE2uU2YGAxgLDsl7CiIcAoiHc-~A&gdpr=0
Request Chain 216
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2e18ff97413a1504&is_secure=true&networkId=17100&version=1&nuid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHVrN4QL-q8gMIgchfAAAAAAA&expiration=1701653338&nuid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 217
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5a4df778-f627-4743-8570-98b1bd159585&gdpr=0&gdpr_consent=
Request Chain 219
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10D16C7E3_D30EA2AF&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 220
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3447890898502012593&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 221
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&gdpr=0&gdpr_consent=
Request Chain 222
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=231339593526673310
Request Chain 225
  • https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid.production.adthrive.com/setuid?bidder=kargo&f=i&uid=715ff07b-5a38-8ad3-faae-56d15b4034d2&us_privacy=1YNY
Request Chain 226
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=1YNY&us_privacy=1YNY&khaos=LPOT0PQP-U-9UAG HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LPOT0PQP-U-9UAG&us_privacy=1YNY HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LPOT0PQP-U-9UAG&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Request Chain 227
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1YNY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBPVDBQUVAtVS05VUFH&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELXedqFOV1_DzhbOjY_1b3M&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBPVDBQUVAtVS05VUFH&google_push=
Request Chain 228
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0aefc4a5-4b50-4aeb-845b-55f3253f3643&gdpr=0&gdpr_consent=&expires=30
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENthpKR7VvYpsr7Dq7DZomU&google_cver=1
Request Chain 230
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1YNY HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPOT0PQP-U-9UAG&us_privacy=1YNY
Request Chain 231
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YNY HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YGKT0y1IhFxe8r8vrk8KjQ?csrc=&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-8PnyjJ5E2oJ3OmYotXJxDbKpdp1xgtvKPjRT1w--~A
Request Chain 232
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1YNY HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LPOT0PQP-U-9UAG&ex=d-rubiconproject.com&status=ok&us_privacy=1YNY
Request Chain 234
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1YNY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjY2NzMxYTliNGU0NDVkZDhlNGU3MzFhMjAzMGI2MjQyZmNkOGEyYw&us_privacy=1YNY
Request Chain 235
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7gTfNIEOSTOy6fqyiHCmYw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7gTfNIEOSTOy6fqyiHCmYw
Request Chain 236
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1YNY HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABG-07K17QAABaoX3xKGQ&expires=30
Request Chain 237
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1YNY HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Request Chain 238
  • https://token.rubiconproject.com/token?pid=37556&a=1&us_privacy=1YNY HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPOT0PQP-U-9UAG&us_privacy=1YNY
Request Chain 239
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&us_privacy=1YNY HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPOT0PQP-U-9UAG&us_privacy=1YNY HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPOT0PQP-U-9UAG HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPOT0PQP-U-9UAG&ckls=true&ci=8quKQ5G2VG&nc=false&trid=-312443412
Request Chain 240
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5a4df778-f627-4743-8570-98b1bd159585&expires=30&us_privacy=1YNY
Request Chain 241
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&us_privacy=1YNY HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LPOT0PQP-U-9UAG&us_privacy=1YNY HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LPOT0PQP-U-9UAG&us_privacy=1YNY&dnr=1
Request Chain 242
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1YNY HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Request Chain 243
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1YNY HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPOT0PQP-U-9UAG&redir=true&us_privacy=1YNY HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPOT0PQP-U-9UAG&redir=true&us_privacy=1YNY HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1yY0p0RWY1RTJ1RXJuNW13Q3RYSlBfX3lwTlhqMVg5R35B&ovsid=LPOT0PQP-U-9UAG&us_privacy=1YNY&dpid=58160
Request Chain 244
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&us_privacy=1YNY HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPOT0PQP-U-9UAG&us_privacy=1YNY
Request Chain 245
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1YNY HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LPOT0PQP-U-9UAG&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNY HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LPOT0PQP-U-9UAG&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNY&final=true
Request Chain 246
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&us_privacy=1YNY HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Request Chain 247
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=b293706b-673d-4ba4-8fd8-b9d18272d497
Request Chain 248
  • https://sync.srv.stackadapt.com/sync?nid=14&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ZGHPi6SLXD9Csh2xxgNtGmAJ-Ss
Request Chain 249
  • https://c1.adform.net/serving/cookie/match?party=1164&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=2679859129782140740
Request Chain 250
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=a736b975-dbe4-4d4a-9be8-324f2de4e5e0&us_privacy=1YNY
Request Chain 251
  • https://ad.turn.com/r/cs?pid=6&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=9068383233460391601&expires=60&gdpr=&gdpr_consent=
Request Chain 252
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=6848836367408275229&expires=30&us_privacy=1YNY
Request Chain 253
  • https://sync.1rx.io/usersync2/rubicon?us_privacy=1YNY HTTP 302
  • https://sync.1rx.io/usersync2/rubicon?zcc=1&cb=1701566938941&us_privacy=1YNY HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005%26expires%3D30%26us_privacy%3D1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005&expires=30&us_privacy=1YNY
Request Chain 254
  • https://id.rlcdn.com/709414.gif?us_privacy=1YNY HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 255
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&us_privacy=1YNY HTTP 302
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Request Chain 256
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage&us_privacy=1YNY HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LPOT0PQP-U-9UAG&us_privacy=1YNY
Request Chain 257
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&us_privacy=1YNY HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LPOT0PQP-U-9UAG&us_privacy=1YNY
Request Chain 258
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&us_privacy=1YNY HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LPOT0PQP-U-9UAG&name=RUBICON&us_privacy=1YNY
Request Chain 260
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 261
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTUyMjI5OTU0OTQwMDM3ODIwMTg5NA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 262
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEkc4rtkt_QLgBDbCXQu-ng&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 263
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTUyMjI5OTU0OTQwMDM3ODIwMTg5NA%3D%3D
Request Chain 265
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1522299549400378201894?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-_oIO1klE2oRnHx2Jfls9PvPhn5edKfgQaUpB6MU_Ww--~A&dongle=0883
Request Chain 266
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1522299549400378201894&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=triplelift&bsw_custom_parameter=a79111c6-27ff-47f3-a668-26bb7e3273b1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=c003aa7a-5d6a-4212-9526-67620fdc6587&ssp=triplelift&bsw_param=a79111c6-27ff-47f3-a668-26bb7e3273b1 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=a79111c6-27ff-47f3-a668-26bb7e3273b1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 267
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1YNY&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=a736b975-dbe4-4d4a-9be8-324f2de4e5e0&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNY
Request Chain 268
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6848836367408275229&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 271
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=1YNY&redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5BUID%5D HTTP 302
  • https://prebid.production.adthrive.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=16e6afb7-db8b-4b83-ad02-d372fee35d19
Request Chain 273
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&us_privacy=1YNY HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1YNY%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1YNY&C=1
Request Chain 274
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776&us_privacy=1YNY HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1YNY
Request Chain 275
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1YNY HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1YNY HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1YNY60026f13-f5d0-4c71-9058-89c16c7ce985
Request Chain 276
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&us_privacy=1YNY HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&us_privacy=1YNY HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-knJsIeNE2uHcwcHzh_RjLJ0HimLIdafh~A&us_privacy=1YNY
Request Chain 277
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1YNY HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&ttl=1704158939
Request Chain 278
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&us_privacy=1YNY HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Request Chain 279
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&us_privacy=1YNY HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=-1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=-1&piggybackCookie=uid:2fd65ec0-1b9d-40fe-8f48-be1721570a9c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 280
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D&us_privacy=1YNY HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253D0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553%2526us_privacy%253D1YNY HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553%26us_privacy%3D1YNY HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&us_privacy=1YNY
Request Chain 281
  • https://ups.analytics.yahoo.com/ups/58545/occ?us_privacy=1YNY HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-FMe37kBE2uHM08_jMnqJk2VGEtnPXDaf5Jwkfo8-~A
Request Chain 282
  • https://usr.undertone.com/userPixel/syncr?gdpr=&gdprstr=&partnerId=null&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UIDENC HTTP 302
  • https://prebid.production.adthrive.com/setuid?bidder=undertone&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=b&uid=2ssbmxy2m5doqb7ooe8p8ovwc
Request Chain 286
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWvZ20srsfvbC5CJReY1awAA%263477&gpdr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1YNY HTTP 302
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=0aefc4a5-4b50-4aeb-845b-55f3253f3643 HTTP 303
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=0aefc4a5-4b50-4aeb-845b-55f3253f3643
Request Chain 287
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&us_privacy=1YNY HTTP 302
  • https://cm.g.doubleclick.net/pixel?us_privacy=1YNY&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWvZ20srsfvbC5CJReY1awAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMMh7wNj48sp3j8MJTcKaVQ&google_cver=1
Request Chain 288
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWvZ20srsfvbC5CJReY1awAADZUAAAAB&gdpr_consent=&us_privacy=1YNY&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIqfJoSikGuuwbUBGSSuZOY&google_cver=1
Request Chain 289
  • https://match.deepintent.com/usersync/113?us_privacy=1YNY HTTP 303
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_4319d0045c914814a2239
Request Chain 290
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=9176360673980405968&gdpr=0&gdpr_consent=
Request Chain 291
  • https://cm.ctnsnet.com/int/cm?exc=19&us_privacy=1YNY HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=6af3e138149b4245a806f141129f11ff&expiration=1704158939
Request Chain 292
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=1YNY&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717378139&external_user_id=f0cad712-5058-42ca-9ad1-7da0447458f7
Request Chain 294
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&us_privacy=1YNY&us_privacy=1YNY&khaos=LPOT0PQP-U-9UAG HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Request Chain 297
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&us_privacy=1YNY HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&us_privacy=1YNY HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
Request Chain 298
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D&us_privacy=1YNY HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&us_privacy=1YNY
Request Chain 300
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776&us_privacy=1YNY HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1YNY
Request Chain 301
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1YNY HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1YNY60026f13-f5d0-4c71-9058-89c16c7ce985
Request Chain 302
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&us_privacy=1YNY HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&us_privacy=1YNY HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-knJsIeNE2uHcwcHzh_RjLJ0HimLIdafh~A&us_privacy=1YNY
Request Chain 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1YNY HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&ttl=1704158939
Request Chain 304
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&us_privacy=1YNY HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Request Chain 305
  • https://ups.analytics.yahoo.com/ups/58545/occ?us_privacy=1YNY HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-FMe37kBE2uHM08_jMnqJk2VGEtnPXDaf5Jwkfo8-~A
Request Chain 308
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=2ssbmxy2m5doqb7ooe8p8ovwc HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=2ssbmxy2m5doqb7ooe8p8ovwc
Request Chain 310
  • https://idsync.rlcdn.com/403716.gif?partner_uid=2ssbmxy2m5doqb7ooe8p8ovwc HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=8378ff29b40db3fd5bd5cbd267b402b8934c19b52d610ffbd8f6a67c4081e57c791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=8378ff29b40db3fd5bd5cbd267b402b8934c19b52d610ffbd8f6a67c4081e57c791426b5417dce21&rand=04346099
Request Chain 312
  • https://match.adsrvr.org/track/cmf/casale?us_privacy=1YNY HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0aefc4a5-4b50-4aeb-845b-55f3253f3643&expiration=1704158939&gdpr=0&gdpr_consent=
Request Chain 313
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1YNY HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6848836367408275229&us_privacy=1YNY
Request Chain 315
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZWvZ20srsfvbC5CJReY1awAADZUAAAAB&gdpr_consent=&us_privacy=1YNY&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZWvZ20srsfvbC5CJReY1awAADZUAAAAB
Request Chain 316
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1YNY&user_id=ZWvZ20srsfvbC5CJReY1awAA%263477 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1YNY&user_id=ZWvZ20srsfvbC5CJReY1awAA%263477&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=1P2nshhnHbH_p4eIB0uu_UmhYnlSCyNEmwxbS2kogLU&pi=index&gpdr=&gdpr_consent=&us_privacy=1YNY&user_id=ZWvZ20srsfvbC5CJReY1awAA%263477&tc=1
Request Chain 317
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&us_privacy=1YNY HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=wQAas5MMSLDaDR-1wVcBtcdXFOHaVhS3wwNzvRhb
Request Chain 319
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&us_privacy=1YNY HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWvZ2gAEFI0d-gBU&us_privacy=1YNY
Request Chain 325
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1YNY HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABG-07K17QAABaoX3xKGQ&expiration=1702776540&us_privacy=1YNY
Request Chain 326
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&us_privacy=1YNY HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=6c515800b71c1504&is_secure=true&networkId=19998&version=1&us_privacy=1YNY HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHd2LSLliMWQNdGGrQAAAAAAA&expiration=1701653340&is_secure=true&us_privacy=1YNY
Request Chain 327
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&us_privacy=1YNY HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&gdpr=0&gdpr_consent=
Request Chain 328
  • https://p.rfihub.com/cm?in=1&pub=2079&us_privacy=1YNY HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377154225342206
Request Chain 329
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1YNY&user_id=ZWvZ20srsfvbC5CJReY1awAA%263477 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1YNY&user_id=ZWvZ20srsfvbC5CJReY1awAA%263477&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Dr8y37TbsxIaHQdwtbFQDbOjUoVStEqYz14KJCXBZIs&pi=index&gpdr=&gdpr_consent=&us_privacy=1YNY&user_id=ZWvZ20srsfvbC5CJReY1awAA%263477&tc=1
Request Chain 330
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&us_privacy=1YNY HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=kabkwUtO1R9Bi25&us_privacy=1YNY
Request Chain 331
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=1YNY&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://b1sync.zemanta.com/usersync/index/?gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=2&us_privacy=1YNY HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=MLpNPKLNYzjB7l-_jlm-&us_privacy=1YNY
Request Chain 334
  • https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=044b2f34-390c-453e-b062-89487d94c2a7
Request Chain 335
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&rurl=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=5c81724dd90a1504&is_secure=true&version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&rurl=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid.production.adthrive.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=AAAF0Jzzk-9EkwN2yyO6AAAAAAA&expiration=1701653340
Request Chain 336
  • https://sync.resetdigital.co/csync?pid=rubicon&puid={Publisher%20UID}&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dresetdigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24USER_ID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=resetdigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=0000012016C3AC42
Request Chain 339
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1YNY&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3DRX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005 HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005
Request Chain 340
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6848836367408275229
Request Chain 341
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_79a0f9f2-0294-4ebf-ad95-660dab14ef74&gdpr=&gdpr_consent=&us_privacy=1YNY HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=gumgum2&bsw_user_id=a79111c6-27ff-47f3-a668-26bb7e3273b1 HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=gumgum2&bsw_user_id=a79111c6-27ff-47f3-a668-26bb7e3273b1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=9154554c-294c-4872-9072-ca4b9da4e8de&expires=3&user_group=1&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=&gdpr_consent=&us_privacy=
Request Chain 342
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=dc52ac44-dd6a-4844-9da6-86eb5380c891
Request Chain 343
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-6461cf8b-a48b-5c3f-42b2-1db1c6036d1a$ip$96.9.249.43
Request Chain 344
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-bjPvwlNE2pfJVAzHFqE3cKpE8Wa2GdP56bAx~A
Request Chain 345
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=5a4df778-f627-4743-8570-98b1bd159585
Request Chain 346
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_4319d0045c914814a2239
Request Chain 347
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_79a0f9f2-0294-4ebf-ad95-660dab14ef74&gdpr=&gdpr_consent=&us_privacy=1YNY&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=MLpNPKLNYzjB7l-_jlm-&us_privacy=1YNY
Request Chain 348
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=rQ7zwlXgUEfr&ev=1&pid=558355
Request Chain 349
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=9176360673980405968
Request Chain 351
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=2679859129782140740&gdpr=&gdpr_consent=
Request Chain 354
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=0aefc4a5-4b50-4aeb-845b-55f3253f3643
Request Chain 355
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZWvZ3cCo5r8AAAivavUAAAAA
Request Chain 356
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=Dr8y37TbsxIaHQdwtbFQDbOjUoVStEqYz14KJCXBZIs&pi=gumgum
Request Chain 357
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 362
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZWvZ2gAEFI0d-gBU
Request Chain 365
  • https://match.adsrvr.org/track/cmf/openx?oxid=2b6f0834-f57f-7012-fadd-96069bd0c9d7&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=0aefc4a5-4b50-4aeb-845b-55f3253f3643&ttd_puid=2b6f0834-f57f-7012-fadd-96069bd0c9d7&gdpr=0&gdpr_consent=
Request Chain 367
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC1NH7GBdLkXJhEEbMO9KsM&google_cver=1
Request Chain 368
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=859701337046
Request Chain 370
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=O8xLYkpJBimhq3WZ3dlrZQ
Request Chain 371
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2840997971 HTTP 302
  • https://sync.1rx.io/usersync/turn/9068383233460391601?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005
Request Chain 372
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ddea656b-d9dd-4800-9980-4e927edf5255&gdpr=0&gdpr_consent=
Request Chain 375
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7548533411454851215&uid=Q7548533411454851215&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7548533411454851215
Request Chain 376
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A0094357F4164D11BAF4FA6E045A129E&gdpr=0&gdpr_consent=
Request Chain 378
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&vxii_pid=12&vxii_pid1=10067&vxii_rcid=ef85dd46-efde-4162-a095-93b643d0ab2b
Request Chain 382
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 303
  • https://prebid-server.rubiconproject.com/setuid?bidder=adf&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=2679859129782140740
Request Chain 384
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LPOT0PQP-U-9UAG HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LPOT0PQP-U-9UAG
Request Chain 385
  • https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://prebid.production.adthrive.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=044b2f34-390c-453e-b062-89487d94c2a7
Request Chain 388
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-6461cf8b-a48b-5c3f-42b2-1db1c6036d1a$ip$96.9.249.43&dongle=4430
Request Chain 389
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=5a4df778-f627-4743-8570-98b1bd159585&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 393
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AABG-07K17QAABaoX3xKGQ&dongle=bzwx&gdpr=0
Request Chain 394
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=20d063d3dbaf1393&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAG9Ep3bJapdAMztp06AAAAAAA&expiration=1701653342&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 395
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Request Chain 400
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1YNY&redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005?redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3DRX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005 HTTP 302
  • https://prebid.production.adthrive.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005
Request Chain 402
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6848836367408275229
Request Chain 403
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_79a0f9f2-0294-4ebf-ad95-660dab14ef74&gdpr=&gdpr_consent=&us_privacy=1YNY HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=95a21161-9091-4ea2-a91f-5373e9abfa67&ssp=gumgum2&expires=30&user_group=5&bsw_param=a79111c6-27ff-47f3-a668-26bb7e3273b1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=&gdpr_consent=&us_privacy=
Request Chain 404
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=dc52ac44-dd6a-4844-9da6-86eb5380c891
Request Chain 405
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-6461cf8b-a48b-5c3f-42b2-1db1c6036d1a$ip$96.9.249.43
Request Chain 406
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-bjPvwlNE2pfJVAzHFqE3cKpE8Wa2GdP56bAx~A
Request Chain 407
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=5a4df778-f627-4743-8570-98b1bd159585
Request Chain 408
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_4319d0045c914814a2239
Request Chain 409
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_79a0f9f2-0294-4ebf-ad95-660dab14ef74&gdpr=&gdpr_consent=&us_privacy=1YNY&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=MLpNPKLNYzjB7l-_jlm-&us_privacy=1YNY
Request Chain 410
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=rQ7zwlXgUEfr&ev=1&pid=558355
Request Chain 411
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=9176360673980405968
Request Chain 413
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=2679859129782140740&gdpr=&gdpr_consent=
Request Chain 416
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=0aefc4a5-4b50-4aeb-845b-55f3253f3643
Request Chain 417
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZWvZ3cCo5r8AAAivavUAAAAA
Request Chain 418
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=Dr8y37TbsxIaHQdwtbFQDbOjUoVStEqYz14KJCXBZIs&pi=gumgum
Request Chain 419
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 424
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&gdpr=0&gdpr_consent=
Request Chain 427
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=7ea97752-3838-4672-a5a4-16f5a24ba80f HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=7ea97752-3838-4672-a5a4-16f5a24ba80f
Request Chain 428
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6848836367408275229
Request Chain 429
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=9068383233460391601&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 433
  • https://idsync.rlcdn.com/712188.gif?partner_uid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&gdpr=0&gdpr_consent= HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=7ea97752-3838-4672-a5a4-16f5a24ba80f
Request Chain 436
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=a79111c6-27ff-47f3-a668-26bb7e3273b1
Request Chain 439
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=ddea656b-d9dd-4800-9980-4e927edf5255&gdpr=1&gdpr_consent=
Request Chain 441
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6848836367408275229
Request Chain 442
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=43cb382ec217df99ce0b333c47d85&gdpr_consent=&gdpr=1
Request Chain 445
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjC1LETzJtMs0b5UZqSb2zFf3g5bO_4pFnw
Request Chain 447
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=D2SWTRzssrGdy2TGo7Q-QiWUEuW0a8r_eX0hqQhY0nM
Request Chain 449
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAIb5ZlaOmdS6Oyc4Zd0PUM&google_cver=1
Request Chain 450
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=1YNY&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=rQ7zwlXgUEfr&ev=1&us_privacy=1YNY&pid=562985
Request Chain 451
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=2c6604cc2a4f14a8&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAHVrN4QL-r_gNWnCwRAAAAAAA&expiration=1701653343
Request Chain 453
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&gdpr=0&gdpr_consent=

455 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gfieldmoney.com/ 		286 KB
287 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
a0abdf398515524a4edce2e644028fe7f415b8003ea17c653b71a1fdf0cb2956

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-length
293267
content-type
text/html; charset=UTF-8
date
Sun, 03 Dec 2023 01:28:50 GMT
last-modified
Sat, 02 Dec 2023 18:56:14 GMT
server
nginx/1.17.0
ads.min.js
ads.adthrive.com/sites/5e0fcd6517a8be5a76a36c71/ 		93 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/5e0fcd6517a8be5a76a36c71/ads.min.js?referrer=https%3A%2F%2Fgfieldmoney.com%2F&cb=50
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-18.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
f7d8120e08073cd5d7cbff08487c72d7ee1d49f8cef905a8b7bfbda65b63360d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

adthrive-bucket
flex-132
date
Sun, 03 Dec 2023 00:28:53 GMT
content-encoding
gzip
via
1.1 d9904d2a7eb0a13ec208dbdb43366b78.cloudfront.net (CloudFront)
adthrive-deployment
2023-12-01-5:ade-1165:pr4090:36761d1
x-amz-cf-pop
JFK50-P8
age
3598
adthrive-commit
36761d1
x-cache
Hit from cloudfront
content-length
26514
adthrive-gdpr
false
pragma
no-cache
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store, must-revalidate, s-maxage=28800
x-amz-cf-id
kV6b8lj-JUET_2VrU9WZiTxCXlpGCKCaOz_Ynp-OlYdjnyYxKaDbMw==
expires
0
style.min.css
gfieldmoney.com/wp/wp-includes/css/dist/block-library/ 		102 KB
102 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:51 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
104484
content-type
text/css; charset=utf-8
styles.css
gfieldmoney.com/app/plugins/contact-form-7/includes/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/plugins/contact-form-7/includes/css/styles.css?ver=5.8
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:51 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
2859
content-type
text/css; charset=utf-8
comments.css
gfieldmoney.com/app/plugins/wp-discourse/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/plugins/wp-discourse/css/comments.css?ver=1671823930
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
b2253002327c27269ac628a7e5c0a660c7c9ec037c4efeaac4697d2408d9b3ac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:51 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
2836
content-type
text/css; charset=utf-8
jquery.lazyloadxt.spinner.css
gfieldmoney.com/app/plugins/a3-lazy-load/assets/css/ 		311 B
362 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
d982c4fff78c63ed84481eb36845e3b9e2753bfe996a3ba45835f75c6af1dc55

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:51 GMT
last-modified
Sat, 02 Dec 2023 18:56:59 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
311
content-type
text/css; charset=utf-8
a3_lazy_load.min.css
gfieldmoney.com/app/uploads/sass/ 		130 B
158 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/uploads/sass/a3_lazy_load.min.css?ver=1561556818
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
2e1ffb8e59b678f4e1666b92fb500a9b3517edcd5dd8ccc19fad362c514d2558

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:51 GMT
last-modified
Sat, 02 Dec 2023 18:56:59 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
130
content-type
text/css; charset=utf-8
main.dd52339edb0f439ecb10.css
gfieldmoney.com/app/themes/packhacker/dist/ 		312 KB
313 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/themes/packhacker/dist/main.dd52339edb0f439ecb10.css?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
3bf3b38a977d2ffec49384e7d5ebd60bc638fd3624d7560492e69164776d06d0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:51 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
319995
content-type
text/css; charset=utf-8
rid
match.adsrvr.org/track/ 		109 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=iowij76&fmt=json
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
1842a0507de9a5ca45e31582b12600e3cba6f74e4e687ab6def3428f5e7a7381

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:52 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Tue, 02 Jan 2024 01:28:52 GMT
marmalade
ads.adthrive.com/api/v1/ 		5 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/api/v1/marmalade?siteid=5e0fcd6517a8be5a76a36c71&url=https%3A%2F%2Fgfieldmoney.com%2F&deliveryFeatures=rubiconFloors,recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-18.jfk50.r.cloudfront.net
Software
/
Resource Hash
90d987de294f89e0690bda2a2e3e5f0e7be1abb850e18bca0addbc826bc96386

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:52 GMT
adthrive-is-ios
0
content-encoding
br
via
1.1 e8db4dc8ef769d3c7efb983afe130bca.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
x-amzn-requestid
3aabaf57-b750-4014-b0f8-4820f8c9e211
x-amzn-trace-id
Root=1-656bd9d3-44ec18203835a20b3a230149;Sampled=0;lineage=e948d84a:0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-apigw-id
PV75IFOioAMEZtA=
x-amz-cf-id
GxHBXeE4kgFyvx4TnF2hUzIBwsIo6PMVuol9iqAHax5a0gLD0982tA==
adthrive-is-chrome
1
5e0fcd6517a8be5a76a36c71
ads.adthrive.com/api/v2/raptiveFloors/ 		42 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/api/v2/raptiveFloors/5e0fcd6517a8be5a76a36c71
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-18.jfk50.r.cloudfront.net
Software
/
Resource Hash
8705223e241e36385f3bfdd04945d6b9298d12f545fc808b4e1f40bbbe705772

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:38:47 GMT
content-encoding
br
via
1.1 e8db4dc8ef769d3c7efb983afe130bca.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
10204
x-amzn-trace-id
Root=1-656bb1f7-1a1e484b65c911c90e5ccb64;Sampled=0;lineage=e7e36c41:0
x-amzn-requestid
05f42a3f-14ac-46c1-92e4-2ff9d08d41cb
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
PVi-xG0oIAMEdtQ=
x-amz-cf-id
uLDTMzR2d0G2Zsulz7xnIRiFuvZXGdhHJUtwzTcjXlGn4npDeYZP5g==
adthrive.min.js
ads.adthrive.com/builds/core/36761d1/es2018/js/ 		738 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/36761d1/es2018/js/adthrive.min.js?deployment=2023-12-01-5:ade-1165:pr4090:36761d1&bucket=flex-132&deliveryFeatures=rubiconFloors,recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5e0fcd6517a8be5a76a36c71
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-18.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
14052eedd1c7b13fe7871e1d581221a08b97fd4741da4f4d586e5ef361a7eec8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:00:24 GMT
content-encoding
gzip
via
1.1 d9904d2a7eb0a13ec208dbdb43366b78.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P8
age
1709
etag
"343d00b832d05e94a9a7a6163087eee3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600, s-maxage=86400
content-length
193407
x-amz-cf-id
d5sqTrgtVLPw3L_eqG5iWjJkbDVLYA-2K-8czf2BLE3-hIsjTrm4IA==
mlw2neq.css
use.typekit.net/ 		3 KB
995 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/mlw2neq.css
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a49 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a984459c9d158c78d042f7c9d63ee0b8dba30e713bf4826abc92e5c1032fb308
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Sun, 03 Dec 2023 01:28:52 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
772
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 03 Dec 2023 01:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Dec 2023 01:28:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Dec 2023 01:28:51 GMT
ec390fd9-featured-image-full-flatlay.jpg
cdn.packhacker.com/2022/12/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2022/12/ec390fd9-featured-image-full-flatlay.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
cc7c947e943ec594d72e45491457d514f2dffa3b983e2f9633c06819e0968af3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:52 GMT
x-content-type-options
nosniff
age
2825427
x-cache
HIT, HIT
x-imgix-id
e98738bd911dc8fdbd0058213117d9bff823e684
cross-origin-resource-policy
cross-origin
content-length
134715
x-served-by
cache-sjc10061-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
01.140328
last-modified
Tue, 31 Oct 2023 08:38:25 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
d78f3bdf-vpl-flatlay.jpg
cdn.packhacker.com/2022/06/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2022/06/d78f3bdf-vpl-flatlay.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
1f74c32f2a49ab581590ed81c6c5724afe8437e229325c1d2a8dcd237391c9ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:52 GMT
x-content-type-options
nosniff
age
4535486
x-cache
HIT, HIT
x-imgix-id
ff74335c1dbe29666e98731236ce7aedeff2258d
cross-origin-resource-policy
cross-origin
content-length
65535
x-served-by
cache-sjc10055-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
01.140328
last-modified
Wed, 11 Oct 2023 13:37:26 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
0e4ea2ea-road-trip-packing-list-hero.jpg
cdn.packhacker.com/2020/06/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2020/06/0e4ea2ea-road-trip-packing-list-hero.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
0b29606353fb244e82c2e9ec4902ecccd637f2f69799c56da51540686625c1ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:52 GMT
x-content-type-options
nosniff
age
416696
x-cache
HIT, HIT
x-imgix-id
91734c68c84217d019719edd214f0b576232ab94
cross-origin-resource-policy
cross-origin
content-length
78128
x-served-by
cache-sjc10070-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
01.140328
last-modified
Tue, 28 Nov 2023 05:43:56 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
80571196-budget-packing-list-flat-lay.jpg
cdn.packhacker.com/2019/10/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2019/10/80571196-budget-packing-list-flat-lay.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
3b8ab5406536ac023f704b8fdd4316f7c5b7104b83b34b724361bf8692c2c743
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:52 GMT
x-content-type-options
nosniff
age
3323470
x-cache
HIT, HIT
x-imgix-id
03017dcefbd4d53206918079cd149fd351cced77
cross-origin-resource-policy
cross-origin
content-length
40836
x-served-by
cache-sjc10060-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
01.140328
last-modified
Wed, 25 Oct 2023 14:17:42 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
c67b7153-mens-full-flatlay.jpg
cdn.packhacker.com/2019/04/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2019/04/c67b7153-mens-full-flatlay.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
339dd3086cfe4ffc0358d0d832347fd9ec01054488b73a2a4df616be36f0014c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:52 GMT
x-content-type-options
nosniff
age
511398
x-cache
HIT, HIT
x-imgix-id
02443124616d155a5b5d5b5beffea1b6ac54cdc4
cross-origin-resource-policy
cross-origin
content-length
54185
x-served-by
cache-sjc1000141-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
02.139816
last-modified
Mon, 27 Nov 2023 03:25:34 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
8cb697c6-digital-nomad-packing-full-flatlay.jpg
cdn.packhacker.com/2019/02/ 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2019/02/8cb697c6-digital-nomad-packing-full-flatlay.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
d835410c384a05bfa3cb92b9f74fe382b76f31703044f375b8bed30de88992e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
x-content-type-options
nosniff
age
1092774
x-cache
HIT, HIT
x-imgix-id
875e2ab70cc9c1b9159d71ee4745bce507c1241d
cross-origin-resource-policy
cross-origin
content-length
138667
x-served-by
cache-sjc10050-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
01.140328
last-modified
Mon, 20 Nov 2023 09:55:59 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
0f00f9d4-ultimate-gg-featured-img.jpg
cdn.packhacker.com/2021/11/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2021/11/0f00f9d4-ultimate-gg-featured-img.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
5e6ca13ceda5479ffbda1f78b1bcda372a0d413ce24b79a2c23d7bf66ac3009d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
x-content-type-options
nosniff
age
1602309
x-cache
HIT, HIT
x-imgix-id
2c51cc9569303d010ef9471d05d481336e3ca06a
cross-origin-resource-policy
cross-origin
content-length
34254
x-served-by
cache-sjc1000110-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
01.140328
last-modified
Tue, 14 Nov 2023 12:23:44 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
f5f5e2d0-laptop-bag-featured.jpg
cdn.packhacker.com/2020/10/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2020/10/f5f5e2d0-laptop-bag-featured.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
a4295350a4935371ad61f5e8f1df9b6f11a450a807a81899c17801c4286eb97b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
x-content-type-options
nosniff
age
295235
x-cache
HIT, HIT
x-imgix-id
013b5eccac6db861a9cec09972f84c65f362d452
cross-origin-resource-policy
cross-origin
content-length
87187
x-served-by
cache-sjc10032-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
01.140328
last-modified
Wed, 29 Nov 2023 15:28:18 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
254896f0-mark-map-road-trip-guide.jpg
cdn.packhacker.com/2020/06/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2020/06/254896f0-mark-map-road-trip-guide.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
b94b0fb93616ea56cb6da3c87827548ce814a831af746e0005209c39b01573c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
x-content-type-options
nosniff
age
1510190
x-cache
HIT, HIT
x-imgix-id
c090d18b9fbd7e5257d82ad067a5693f9fdabd76
cross-origin-resource-policy
cross-origin
content-length
49989
x-served-by
cache-sjc1000086-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
02.139816
last-modified
Wed, 15 Nov 2023 13:59:03 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
83b63587-lots-of-duffles-1.jpg
cdn.packhacker.com/2020/02/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2020/02/83b63587-lots-of-duffles-1.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
fb8fc6a45ab247213f074e996cd38f828e38dc5d0a384c539ff735fac9b4518c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
x-content-type-options
nosniff
age
308419
x-cache
HIT, HIT
x-imgix-id
a9d9d6ffbbcebe809127aae93872a48036e861e0
cross-origin-resource-policy
cross-origin
content-length
64834
x-served-by
cache-sjc10064-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
01.140328
last-modified
Wed, 29 Nov 2023 11:48:34 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
991e97b1-heimplanet-transit-line-sling-pocket-in-porto-portugal-2.jpg
cdn.packhacker.com/2019/08/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2019/08/991e97b1-heimplanet-transit-line-sling-pocket-in-porto-portugal-2.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
e6a96b1bade013d577a8419c9dd753020bdd767ddaa0ca89a2e1cc76d71e7188
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
x-content-type-options
nosniff
age
377101
x-cache
HIT, HIT
x-imgix-id
18305230443ad3b21345793e334d4d43cc1a9b7b
cross-origin-resource-policy
cross-origin
content-length
58398
x-served-by
cache-sjc1000086-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
01.140328
last-modified
Tue, 28 Nov 2023 16:43:52 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
b409bce8-daypack-guide-feature-image-update-1.jpg
cdn.packhacker.com/2019/07/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2019/07/b409bce8-daypack-guide-feature-image-update-1.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
fa592c7512c8e364baa6ec65814146b6880a53123f5a8b391f961de550f5b998
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
x-content-type-options
nosniff
age
301717
x-cache
HIT, HIT
x-imgix-id
47691553aa9612f191ae748cccd2cc3357ef255b
cross-origin-resource-policy
cross-origin
content-length
88172
x-served-by
cache-sjc10036-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
01.140328
last-modified
Wed, 29 Nov 2023 13:40:15 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
0d2c68cc-dsptch-daypack.jpg
cdn.packhacker.com/2023/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2023/08/0d2c68cc-dsptch-daypack.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
753b938771bed4d11b18a3ed6c58db2189606fe1d5e1fd621e3d66b2dc5a2cb3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
x-content-type-options
nosniff
age
128607
x-cache
HIT, HIT
x-imgix-id
620f5f805832554737b3592247d5ef32f77e42d2
cross-origin-resource-policy
cross-origin
content-length
7310
x-served-by
cache-sjc1000127-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
01.140328
last-modified
Fri, 01 Dec 2023 13:45:26 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
14cc8ddc-goruck-dopp-kit.jpg
cdn.packhacker.com/2023/07/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2023/07/14cc8ddc-goruck-dopp-kit.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
2914e638135dbee2150c7ead79a25fa13e24e806d52ca934c8ed283d074a9e20
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
x-content-type-options
nosniff
age
218328
x-cache
HIT, HIT
x-imgix-id
7bc0d2505bbf4d63ea50c3eee005eb475aa6889d
cross-origin-resource-policy
cross-origin
content-length
2822
x-served-by
cache-sjc10040-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
01.140328
last-modified
Thu, 30 Nov 2023 12:50:04 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
700858dc-mous-25l-backpack.jpg
cdn.packhacker.com/2023/07/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2023/07/700858dc-mous-25l-backpack.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
7f709eaa9975c563bf17de80abe4789d0b435a52f0845c0ff360d11848baf2b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
x-content-type-options
nosniff
age
1410042
x-cache
HIT, HIT
x-imgix-id
d1843424fab1eb8a5dca58c3a36bf7c7bb00840d
cross-origin-resource-policy
cross-origin
content-length
3755
x-served-by
cache-sjc10070-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
01.140328
last-modified
Thu, 16 Nov 2023 17:48:10 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
19ffd670-muzen-wild-go-rugged-outdoor-street-portable-bluetooth-speaker.jpg
cdn.packhacker.com/2023/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2023/10/19ffd670-muzen-wild-go-rugged-outdoor-street-portable-bluetooth-speaker.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
c221e39840392daf89590520827940d4a09b3f08dd4e994a7153e00a73a916b9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
x-content-type-options
nosniff
age
391466
x-cache
HIT, HIT
x-imgix-id
4ff51444953b6c137d6b63fe95eebe80681e7e35
cross-origin-resource-policy
cross-origin
content-length
7062
x-served-by
cache-sjc1000130-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
01.140328
last-modified
Tue, 28 Nov 2023 12:44:27 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
55850669-tom-bihn-sacoche-hero-image.jpg
cdn.packhacker.com/2023/11/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2023/11/55850669-tom-bihn-sacoche-hero-image.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
7f816cddc99146940fe92aa9d82c69a47c67c51319e8efff93b42fea5512091b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
x-content-type-options
nosniff
age
473605
x-cache
HIT, HIT
x-imgix-id
d89658a5ff0dd9ad69a79169dcfa0062c830c1fb
cross-origin-resource-policy
cross-origin
content-length
17366
x-served-by
cache-sjc1000138-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
01.140328
last-modified
Mon, 27 Nov 2023 13:55:28 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
0b49852e-travelon-anti-theft-greenlander-compact-sling.jpg
cdn.packhacker.com/2023/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2023/09/0b49852e-travelon-anti-theft-greenlander-compact-sling.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c197fd386477d2a0ecea26b9c94fa575368fa73b331e7e1cb08d0dbb33ad8830
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
x-content-type-options
nosniff
age
737371
x-cache
HIT, HIT
x-imgix-id
4b0f67a1c7467d2b51e43827b445928898bf881f
cross-origin-resource-policy
cross-origin
content-length
5770
x-served-by
cache-sjc10029-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
02.139816
last-modified
Fri, 24 Nov 2023 12:39:21 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
e4fc4ba1-featured-rei-cb.jpg
cdn.packhacker.com/2023/11/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2023/11/e4fc4ba1-featured-rei-cb.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c1dd05413380ddf6d305ab4ff9f36f401ed589e17e352fc964f87744de6779ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
x-content-type-options
nosniff
age
678389
x-cache
HIT, HIT
x-imgix-id
f368787e3211bee66d693487c07ed156b590f5c0
cross-origin-resource-policy
cross-origin
content-length
37581
x-served-by
cache-sjc1000091-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
02.139816
last-modified
Sat, 25 Nov 2023 05:02:24 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
e47f84b4-featured-blackfriday-2023.jpg
cdn.packhacker.com/2023/11/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2023/11/e47f84b4-featured-blackfriday-2023.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
3b2da04aef7427a815d5cf4d8ddbfb3ca332cd335be6944ca090aab209a49cbe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
x-content-type-options
nosniff
age
764584
x-cache
HIT, HIT
x-imgix-id
7d46c865257d8a69367bcee8b5c53c33b0110d5e
cross-origin-resource-policy
cross-origin
content-length
23736
x-served-by
cache-sjc10080-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
01.140328
last-modified
Fri, 24 Nov 2023 05:05:49 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
fc201d01-featured-huckberry-bf.jpg
cdn.packhacker.com/2023/11/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2023/11/fc201d01-featured-huckberry-bf.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
1b2b379bd0b8c4d14181e52527a33b13ae3ba7348ed25e928ba1cef3e2ee2164
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
x-content-type-options
nosniff
age
1082888
x-cache
HIT, HIT
x-imgix-id
3ff7e6d243783f2106a87f9bb69a4cea2482adf7
cross-origin-resource-policy
cross-origin
content-length
60369
x-served-by
cache-sjc1000085-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
01.140328
last-modified
Mon, 20 Nov 2023 12:40:45 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
452ed3c2-featured-gugo-2023.jpg
cdn.packhacker.com/2023/11/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.packhacker.com/2023/11/452ed3c2-featured-gugo-2023.jpg?auto=compress&auto=format&w=960&h=640&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
bcdc141d90a463d4e64b8d8ddcaefabe2e20d29856fbe29ec6a22c9705a2cc70
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
x-content-type-options
nosniff
age
1973175
x-cache
HIT, HIT
x-imgix-id
e224aaf444d5d97010d8875ac410e2c0040af19d
cross-origin-resource-policy
cross-origin
content-length
54342
x-served-by
cache-sjc10031-SJC, cache-iad-kiad7000168-IAD
x-imgix-render-farm
01.140328
last-modified
Fri, 10 Nov 2023 05:22:38 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
index.js
gfieldmoney.com/app/plugins/contact-form-7/includes/swv/js/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:52 GMT
last-modified
Sat, 02 Dec 2023 18:56:28 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
10770
content-type
application/javascript; charset=utf-8
index.js
gfieldmoney.com/app/plugins/contact-form-7/includes/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/plugins/contact-form-7/includes/js/index.js?ver=5.8
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:52 GMT
last-modified
Sat, 02 Dec 2023 18:56:28 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
12943
content-type
application/javascript; charset=utf-8
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3112246
x-cache
HIT, HIT
content-length
30879
x-served-by
cache-lga13628-LGA, cache-nyc-kteb1890074-NYC
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1701566933.217633,VS0,VE0
etag
W/"28feccc0-15d84"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
19, 139076
jquery.lazyloadxt.extra.min.js
gfieldmoney.com/app/plugins/a3-lazy-load/assets/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.7.0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
2b3c6f1d3cea37b4d8cc609a141b421a88bcaf2f3646965f9f95f4d4a683c949

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sat, 02 Dec 2023 18:57:01 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
3015
content-type
application/javascript; charset=utf-8
jquery.lazyloadxt.srcset.min.js
gfieldmoney.com/app/plugins/a3-lazy-load/assets/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.7.0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sat, 02 Dec 2023 18:57:01 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
1573
content-type
application/javascript; charset=utf-8
jquery.lazyloadxt.extend.js
gfieldmoney.com/app/plugins/a3-lazy-load/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=2.7.0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
a8a819d7548b9c102d7776cb645212ca1e324ac2de2170598699061e29bc6cbf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sat, 02 Dec 2023 18:57:01 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
1045
content-type
application/javascript; charset=utf-8
main.a49eef3114d1b6e2112f.js
gfieldmoney.com/app/themes/packhacker/dist/ 		114 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/themes/packhacker/dist/main.a49eef3114d1b6e2112f.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
8dea0241508d4d6d02f462e78f3bd2691df01b0c83181ba1de16481ccadeeba0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sat, 02 Dec 2023 18:56:19 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
116719
content-type
application/javascript; charset=utf-8
embed.js
js.memberful.com/ 		43 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.memberful.com/embed.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:437d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88d82bd41ab6773bfd2f4a32472a0b8a8b854ddb6367ba8a96cde336673baabe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
content-encoding
gzip
via
1.1 vegur
strict-transport-security
max-age=15552000
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status
HIT
age
7157
content-length
22840
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1701244286&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=g1iQkku8NMcohpS5j8VcQUDI%2FiKE1A79LT7bwtXyuTU%3D
last-modified
Wed, 29 Nov 2023 07:28:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701244286&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=g1iQkku8NMcohpS5j8VcQUDI%2FiKE1A79LT7bwtXyuTU%3D"}]}
content-type
application/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
82f80914dc614bc9-BUF
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=mlw2neq&ht=tk&f=5022.5178.5310.24355&a=319241&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mlw2neq.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a49 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sun, 03 Sep 2023 12:50:41 GMT
server
nginx
etag
"64f48121-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
truncated
/ 		167 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7749d51538cf227c122ba4e71a9884089a78f096abcd633cc76e63575a6b3f26

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		164 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b2a59b11c090b44ea663de249fd50c1468be68260a23b65f8f8e337c0c13815

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
frontpage-hero.jpg
gfieldmoney.com/app/themes/packhacker/assets/images/frontpage/ 		226 KB
227 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gfieldmoney.com/app/themes/packhacker/assets/images/frontpage/frontpage-hero.jpg
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
ccefac879af8244891bd04869b5e4fd8e9719c231c921a1964bb921d6413207a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sat, 02 Dec 2023 18:56:30 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
231758
content-type
image/jpeg
teal-stripes@2x.32b46e433f1a86377977c34c05896062.png
gfieldmoney.com/app/themes/packhacker/dist/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gfieldmoney.com/app/themes/packhacker/dist/teal-stripes@2x.32b46e433f1a86377977c34c05896062.png
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/app/themes/packhacker/dist/main.dd52339edb0f439ecb10.css?ver=6.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
86a31bbb7c4b53e0b0054b65ea808a5e9b65cd89250a2e292e2d2786c8f85f65

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/app/themes/packhacker/dist/main.dd52339edb0f439ecb10.css?ver=6.3.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sat, 02 Dec 2023 18:56:30 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
2924
content-type
image/png
triangle-overlay@2x.8db18b7fa698146127ebe24d428efeaf.png
gfieldmoney.com/app/themes/packhacker/dist/ 		730 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gfieldmoney.com/app/themes/packhacker/dist/triangle-overlay@2x.8db18b7fa698146127ebe24d428efeaf.png
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/app/themes/packhacker/dist/main.dd52339edb0f439ecb10.css?ver=6.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
c8655c245111a1a89109bca662ce72b33c4ed618f8cba2ba90899bd370056035

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/app/themes/packhacker/dist/main.dd52339edb0f439ecb10.css?ver=6.3.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sat, 02 Dec 2023 18:56:30 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
730
content-type
image/png
l
use.typekit.net/af/3058a4/0000000000000000773599a9/30/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/3058a4/0000000000000000773599a9/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mlw2neq.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a49 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
48a65b54ac1a5135f0684958f16fd517109b2d20784872044727a7e56fc1d8cf

Request headers

Referer
https://use.typekit.net/mlw2neq.css
Origin
https://gfieldmoney.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
server
nginx
etag
"a8ee95f6a0441cd36fd0f7c8e0cb6398f0fcec8a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
38548
l
use.typekit.net/af/6c50f4/00000000000000007735a544/30/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/6c50f4/00000000000000007735a544/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mlw2neq.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a49 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0580e9e816da1883ab597af4ed3ea8e25d5325f39a64bc8951c2aa03045ca229

Request headers

Referer
https://use.typekit.net/mlw2neq.css
Origin
https://gfieldmoney.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
server
nginx
etag
"bd36aa533bb1fdd3f69db9026cbb8450c993a3ee"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18008
l
use.typekit.net/af/ccb3f3/000000000000000077359996/30/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/ccb3f3/000000000000000077359996/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mlw2neq.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a49 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d3854f9aef9bb56a35fc2862f04a164db1fd159f7c8187d9263018e204527408

Request headers

Referer
https://use.typekit.net/mlw2neq.css
Origin
https://gfieldmoney.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
server
nginx
etag
"115128beab300af3f36b409d3b4fcb0ae9306785"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
39752
l
use.typekit.net/af/7ed1f6/0000000000000000773599aa/30/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/7ed1f6/0000000000000000773599aa/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mlw2neq.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a49 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
470e416b7026a5a21fde14111f63b45f166c6ab1b033392a42375a45a72d2efe

Request headers

Referer
https://use.typekit.net/mlw2neq.css
Origin
https://gfieldmoney.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
server
nginx
etag
"741db7fba066404c306d32d5ca0b051e83b295b3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
42140
abd.js
ads.adthrive.com/abd/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/abd/abd.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-18.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73e8fdebeab4f384cac905005edbc1b1cc6c9fcbd18c111103d5066401abdded

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:54 GMT
x-amz-version-id
os8MwQFHVWjrrk14iP4Ip4gSDo8pMj4I
content-encoding
br
last-modified
Tue, 06 Sep 2022 21:10:57 GMT
server
AmazonS3
via
1.1 e8db4dc8ef769d3c7efb983afe130bca.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
etag
W/"1a1900d242621b126237113a25ab0ab3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
WD5234adBYoH7TYYXc9ESND9ehvdX5W2d3YkOrvX-aebU9rILsQfyg==
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 03 Dec 2023 01:28:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
9Pd1CBboKSTKsiqeFtf90EL9Yxd9nJiFDEAY+CkfwFnm81+Xn7CEJ1yRXTwL9Irm1n6y5/tWOjVn2UxzFtnmFQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
style.min.css
gfieldmoney.com/wp/wp-includes/css/dist/block-library/ 		102 KB
102 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
https://gfieldmoney.com/
tracestate
2352831@nr=0-1-2352831-1120222496-7278210eb961ca30----1701566933504
traceparent
00-8b0a4a576d1ab8ac577fc78bb44f5900-7278210eb961ca30-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6IjcyNzgyMTBlYjk2MWNhMzAiLCJ0ciI6IjhiMGE0YTU3NmQxYWI4YWM1NzdmYzc4YmI0NGY1OTAwIiwidGkiOjE3MDE1NjY5MzM1MDR9fQ==

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
104484
content-type
text/css; charset=utf-8
styles.css
gfieldmoney.com/app/plugins/contact-form-7/includes/css/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/plugins/contact-form-7/includes/css/styles.css?ver=5.8
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
https://gfieldmoney.com/
tracestate
2352831@nr=0-1-2352831-1120222496-0bda7e082474b8d5----1701566933505
traceparent
00-05a7caef9c368682ad50b87b56d1bb00-0bda7e082474b8d5-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6IjBiZGE3ZTA4MjQ3NGI4ZDUiLCJ0ciI6IjA1YTdjYWVmOWMzNjg2ODJhZDUwYjg3YjU2ZDFiYjAwIiwidGkiOjE3MDE1NjY5MzM1MDV9fQ==

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
2859
content-type
text/css; charset=utf-8
comments.css
gfieldmoney.com/app/plugins/wp-discourse/css/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/plugins/wp-discourse/css/comments.css?ver=1671823930
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
b2253002327c27269ac628a7e5c0a660c7c9ec037c4efeaac4697d2408d9b3ac

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
https://gfieldmoney.com/
tracestate
2352831@nr=0-1-2352831-1120222496-5c796e6e50cba027----1701566933506
traceparent
00-00a231386bb73b7259f16eeeb5faee00-5c796e6e50cba027-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6IjVjNzk2ZTZlNTBjYmEwMjciLCJ0ciI6IjAwYTIzMTM4NmJiNzNiNzI1OWYxNmVlZWI1ZmFlZTAwIiwidGkiOjE3MDE1NjY5MzM1MDZ9fQ==

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
2836
content-type
text/css; charset=utf-8
jquery.lazyloadxt.spinner.css
gfieldmoney.com/app/plugins/a3-lazy-load/assets/css/ 		311 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
d982c4fff78c63ed84481eb36845e3b9e2753bfe996a3ba45835f75c6af1dc55

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
https://gfieldmoney.com/
tracestate
2352831@nr=0-1-2352831-1120222496-224ab7f0150e359f----1701566933507
traceparent
00-6af775fb7619ed8f23b4cc09f4dc6200-224ab7f0150e359f-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6IjIyNGFiN2YwMTUwZTM1OWYiLCJ0ciI6IjZhZjc3NWZiNzYxOWVkOGYyM2I0Y2MwOWY0ZGM2MjAwIiwidGkiOjE3MDE1NjY5MzM1MDd9fQ==

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sat, 02 Dec 2023 18:56:59 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
311
content-type
text/css; charset=utf-8
a3_lazy_load.min.css
gfieldmoney.com/app/uploads/sass/ 		130 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/uploads/sass/a3_lazy_load.min.css?ver=1561556818
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
2e1ffb8e59b678f4e1666b92fb500a9b3517edcd5dd8ccc19fad362c514d2558

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
https://gfieldmoney.com/
tracestate
2352831@nr=0-1-2352831-1120222496-bbcbbceda392c106----1701566933508
traceparent
00-4abfb95ddc761913c7c45c31f02ca000-bbcbbceda392c106-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6ImJiY2JiY2VkYTM5MmMxMDYiLCJ0ciI6IjRhYmZiOTVkZGM3NjE5MTNjN2M0NWMzMWYwMmNhMDAwIiwidGkiOjE3MDE1NjY5MzM1MDh9fQ==

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sat, 02 Dec 2023 18:56:59 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
130
content-type
text/css; charset=utf-8
main.dd52339edb0f439ecb10.css
gfieldmoney.com/app/themes/packhacker/dist/ 		312 KB
313 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/themes/packhacker/dist/main.dd52339edb0f439ecb10.css?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
3bf3b38a977d2ffec49384e7d5ebd60bc638fd3624d7560492e69164776d06d0

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
https://gfieldmoney.com/
tracestate
2352831@nr=0-1-2352831-1120222496-768d9c5d952aeadb----1701566933509
traceparent
00-3fa120962395677b0a783202b738f500-768d9c5d952aeadb-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6Ijc2OGQ5YzVkOTUyYWVhZGIiLCJ0ciI6IjNmYTEyMDk2MjM5NTY3N2IwYTc4MzIwMmI3MzhmNTAwIiwidGkiOjE3MDE1NjY5MzM1MDl9fQ==

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
319995
content-type
text/css; charset=utf-8
mlw2neq.css
use.typekit.net/ 		3 KB
995 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/mlw2neq.css
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a49 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a984459c9d158c78d042f7c9d63ee0b8dba30e713bf4826abc92e5c1032fb308
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Sun, 03 Dec 2023 01:28:53 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
772
icon
fonts.googleapis.com/ 		569 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 03 Dec 2023 01:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Dec 2023 01:28:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Dec 2023 01:28:53 GMT
style.min.css
gfieldmoney.com/wp/wp-includes/css/dist/block-library/ 		102 KB
102 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
https://gfieldmoney.com/
tracestate
2352831@nr=0-1-2352831-1120222496-22bd2b44b681665e----1701566933518
traceparent
00-09d163a7452735dabf04cc212bc0e500-22bd2b44b681665e-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6IjIyYmQyYjQ0YjY4MTY2NWUiLCJ0ciI6IjA5ZDE2M2E3NDUyNzM1ZGFiZjA0Y2MyMTJiYzBlNTAwIiwidGkiOjE3MDE1NjY5MzM1MTh9fQ==

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
104484
content-type
text/css; charset=utf-8
styles.css
gfieldmoney.com/app/plugins/contact-form-7/includes/css/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/plugins/contact-form-7/includes/css/styles.css?ver=5.8
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
https://gfieldmoney.com/
tracestate
2352831@nr=0-1-2352831-1120222496-335fc47d012d3d80----1701566933520
traceparent
00-2e14a632b6df6c6decc974a2870c0200-335fc47d012d3d80-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6IjMzNWZjNDdkMDEyZDNkODAiLCJ0ciI6IjJlMTRhNjMyYjZkZjZjNmRlY2M5NzRhMjg3MGMwMjAwIiwidGkiOjE3MDE1NjY5MzM1MjB9fQ==

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
2859
content-type
text/css; charset=utf-8
comments.css
gfieldmoney.com/app/plugins/wp-discourse/css/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/plugins/wp-discourse/css/comments.css?ver=1671823930
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
b2253002327c27269ac628a7e5c0a660c7c9ec037c4efeaac4697d2408d9b3ac

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
https://gfieldmoney.com/
tracestate
2352831@nr=0-1-2352831-1120222496-749f676d53497338----1701566933521
traceparent
00-c202238685aeea0f3431ec736f77c200-749f676d53497338-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6Ijc0OWY2NzZkNTM0OTczMzgiLCJ0ciI6ImMyMDIyMzg2ODVhZWVhMGYzNDMxZWM3MzZmNzdjMjAwIiwidGkiOjE3MDE1NjY5MzM1MjF9fQ==

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
2836
content-type
text/css; charset=utf-8
jquery.lazyloadxt.spinner.css
gfieldmoney.com/app/plugins/a3-lazy-load/assets/css/ 		311 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
d982c4fff78c63ed84481eb36845e3b9e2753bfe996a3ba45835f75c6af1dc55

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
https://gfieldmoney.com/
tracestate
2352831@nr=0-1-2352831-1120222496-a36be14fd518d1e6----1701566933524
traceparent
00-2b3602b792292ac69a52da067b6c7d00-a36be14fd518d1e6-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6ImEzNmJlMTRmZDUxOGQxZTYiLCJ0ciI6IjJiMzYwMmI3OTIyOTJhYzY5YTUyZGEwNjdiNmM3ZDAwIiwidGkiOjE3MDE1NjY5MzM1MjR9fQ==

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sat, 02 Dec 2023 18:56:59 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
311
content-type
text/css; charset=utf-8
a3_lazy_load.min.css
gfieldmoney.com/app/uploads/sass/ 		130 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/uploads/sass/a3_lazy_load.min.css?ver=1561556818
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
2e1ffb8e59b678f4e1666b92fb500a9b3517edcd5dd8ccc19fad362c514d2558

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
https://gfieldmoney.com/
tracestate
2352831@nr=0-1-2352831-1120222496-49a51cd068259272----1701566933526
traceparent
00-0c047917da374344bef388c40d918700-49a51cd068259272-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6IjQ5YTUxY2QwNjgyNTkyNzIiLCJ0ciI6IjBjMDQ3OTE3ZGEzNzQzNDRiZWYzODhjNDBkOTE4NzAwIiwidGkiOjE3MDE1NjY5MzM1MjZ9fQ==

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sat, 02 Dec 2023 18:56:59 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
130
content-type
text/css; charset=utf-8
main.dd52339edb0f439ecb10.css
gfieldmoney.com/app/themes/packhacker/dist/ 		312 KB
313 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gfieldmoney.com/app/themes/packhacker/dist/main.dd52339edb0f439ecb10.css?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
3bf3b38a977d2ffec49384e7d5ebd60bc638fd3624d7560492e69164776d06d0

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
https://gfieldmoney.com/
tracestate
2352831@nr=0-1-2352831-1120222496-72a9ccd409b51a78----1701566933527
traceparent
00-8336b6be49b1b2944884f94ae79cac00-72a9ccd409b51a78-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6IjcyYTljY2Q0MDliNTFhNzgiLCJ0ciI6IjgzMzZiNmJlNDliMWIyOTQ0ODg0Zjk0YWU3OWNhYzAwIiwidGkiOjE3MDE1NjY5MzM1Mjd9fQ==

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
319995
content-type
text/css; charset=utf-8
mlw2neq.css
use.typekit.net/ 		3 KB
995 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/mlw2neq.css
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a49 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a984459c9d158c78d042f7c9d63ee0b8dba30e713bf4826abc92e5c1032fb308
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Sun, 03 Dec 2023 01:28:53 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
772
icon
fonts.googleapis.com/ 		569 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 03 Dec 2023 01:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Dec 2023 01:28:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 03 Dec 2023 01:28:53 GMT
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=mlw2neq&ht=tk&f=5022.5178.5310.24355&a=319241&app=typekit&e=css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:31::1739:5a49 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:53 GMT
last-modified
Sun, 03 Sep 2023 12:50:41 GMT
server
nginx
etag
"64f48121-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
849021339931776
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/849021339931776?v=2.9.138&r=stable&domain=gfieldmoney.com
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bc64894efbd3ac1933c5b3d8b99f68e7bb2bca8dbcf74ad7c7e309fdc41a5c68
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 03 Dec 2023 01:28:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
Y0j+PIKawNK/ouwL8yWO+NMRzM6E0xrsMYVzjgJCL7pgAI4eqa2MNCErbqlvjoH41p2XXfyysXMyv7slOfkrog==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=849021339931776&ev=PageView&dl=https%3A%2F%2Fgfieldmoney.com%2F&rl=&if=false&ts=1701566933825&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701566933823.871497121&ler=empty&it=1701566933681&coo=false&rqm=GET
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 03 Dec 2023 01:28:54 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
nr-spa-1.248.0.min.js
js-agent.newrelic.com/ 		87 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1.248.0.min.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://gfieldmoney.com/
Origin
https://gfieldmoney.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
WdicPIzDGJD8og5dR8sXZo1iUf3RkEzi
content-encoding
br
via
1.1 varnish
date
Sun, 03 Dec 2023 01:28:54 GMT
strict-transport-security
max-age=300
x-amz-request-id
6MNXC0Y1DTTWMTEC
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
29446
x-amz-id-2
TTk5K+7G5YrYf/okbvXDyPqaG969dOkzE92xdvTkGqMVVqV+9XokqdSbp9Z3BzhwR2x+GhcBJsE=
x-served-by
cache-yyz4569-YYZ
last-modified
Thu, 16 Nov 2023 17:54:54 GMT
server
AmazonS3
x-timer
S1701566934.289449,VS0,VE0
etag
"9aea0ff91a800a354637269e96e31dac"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
470562
i.html
ads.adthrive.com/builds/core/36761d1/html/ Frame 345F 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/36761d1/html/i.html
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-18.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50279807da7663e6143156926fd8ca89d7e6dfdc98320ae5a2751dcdb910e7dc

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
1023
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 03 Dec 2023 01:11:52 GMT
etag
W/"63c161ccf2bd2f7a6682bae21c10e5be"
last-modified
Thu, 30 Nov 2023 19:46:34 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 d9904d2a7eb0a13ec208dbdb43366b78.cloudfront.net (CloudFront)
x-amz-cf-id
nsJOZ98vsqqzgJB5PCg2g5W5OrmhlqX4IFWodmQ0AGxj8PUTZpa_UA==
x-amz-cf-pop
JFK50-P8
x-amz-server-side-encryption
AES256
x-amz-version-id
jfcMnjzfccJXGhqnMmzflJo4.YxrIa4r
x-cache
Hit from cloudfront
rnf.html
ads.adthrive.com/builds/core/36761d1/html/ Frame 2904 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/36761d1/html/rnf.html
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-18.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e4e5bc4fd94e7a563fb8e5e985e9d756db4fcd1dbd5ca50bc79b26daaf1a9fd

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
850
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 03 Dec 2023 01:14:45 GMT
etag
W/"bb10152399c150ba0b254cc74d5f9425"
last-modified
Thu, 30 Nov 2023 19:46:34 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 d9904d2a7eb0a13ec208dbdb43366b78.cloudfront.net (CloudFront)
x-amz-cf-id
dG6JRzRY5aeD-oc37t-LBkSpVRBKqKJxpgTsY557fPSxrzJcqig6Zg==
x-amz-cf-pop
JFK50-P8
x-amz-server-side-encryption
AES256
x-amz-version-id
T2.SdSeN24.UjjW03i022kM27yUiic8.
x-cache
Hit from cloudfront
prebid.min.js
ads.adthrive.com/builds/core/36761d1/vendor/prebid/es2018/ 		602 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/36761d1/vendor/prebid/es2018/prebid.min.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-18.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce7bb5da925da322a2712d02df6912d8c8e763e7e0f36ba8207c2e695dd896b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
gJvpwfUtS8DX0y0fReqH.0Tr8qrcc_Xr
content-encoding
gzip
via
1.1 d9904d2a7eb0a13ec208dbdb43366b78.cloudfront.net (CloudFront)
date
Sun, 03 Dec 2023 00:30:02 GMT
last-modified
Thu, 30 Nov 2023 19:46:35 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
3533
x-amz-server-side-encryption
AES256
etag
W/"6f5a4c1983ad20fd88a6fd0c39cc3a87"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
TvkTFhbY-inBKT8N5TckwfzSll_ps6B_7nAnU6bhMYGFbGhhE1gEww==
apstag.js
c.amazon-adsystem.com/aax2/ 		267 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:23:16 GMT
content-encoding
gzip
via
1.1 51391527dd8c879c45b44b119905c872.cloudfront.net (CloudFront), 1.1 ed8dbde89917eaa6ca93ba7fad809c48.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:44 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK50-P3
age
339
x-amz-server-side-encryption
AES256
etag
W/"08899ab5b5f986f64974630ad47b39a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
rnt6nbKOAjAybaMKeLPr5bOiiAxpbTTqxRuAyJubTjtl8jw7uVbTKA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45b39cf52d36ef47e5f10fa867325cab46e27c5c506fda7d23b5aed864cc5a52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29960
x-xss-protection
0
server
cafe
etag
670 / 19694 / m202311150101 / config-hash: 11152387477177976423
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 03 Dec 2023 01:28:54 GMT
event
logger.adthrive.com/ 		21 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logger.adthrive.com/event?siteId=5e0fcd6517a8be5a76a36c71&siteName=Pack%20Hacker&bucket=flex-132&branch=36761d1&deployment=2023-12-01-5%3Aade-1165%3Apr4090%3A36761d1&message=MarmaladeBootstrap%3A%3AmarmaladeResponseLoaded&pageurl=https%3A%2F%2Fgfieldmoney.com%2F&body=%5B%5D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 19:26:41 GMT
via
1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
21734
x-cache
Hit from cloudfront
content-length
21
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
JLfC1xt_uKPTgjyh6BkFLqoybptjI1pk1_MIrit5_RQLXJROm5mZbg==
d9f96d0186
bam.nr-data.net/1/ 		40 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/d9f96d0186?a=1056638457&v=1.248.0&to=NgZRbRZUXERYAUZeCQ9MZksNGltZXQdKGRYJEw%3D%3D&rst=4319&ck=0&s=ad7758a63048dc23&ref=https://gfieldmoney.com/&af=err,xhr,stn,ins,spa&ap=316&be=813&fe=3360&dc=2659&at=GkFSG15OT0o%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1701566930044,%22n%22:0,%22f%22:1,%22dn%22:51,%22dne%22:51,%22c%22:51,%22s%22:300,%22ce%22:557,%22rq%22:557,%22rp%22:814,%22rpe%22:2322,%22di%22:3455,%22ds%22:3455,%22de%22:3472,%22dc%22:4170,%22l%22:4170,%22le%22:4173%7D,%22navigation%22:%7B%7D%7D&fp=3317&fcp=3317
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed59ee4d04819c48c1bb60b3ef6928c621cd5cd86d7103957de3eebba9910b0d

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

Date
Sun, 03 Dec 2023 01:28:54 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://gfieldmoney.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
82f8091e3ac14bc0-BUF
Content-Length
40
event
logger.adthrive.com/ 		21 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logger.adthrive.com/event?siteId=5e0fcd6517a8be5a76a36c71&siteName=Pack%20Hacker&bucket=flex-132&branch=36761d1&deployment=2023-12-01-5%3Aade-1165%3Apr4090%3A36761d1&message=RecencyAndFrequencyIFrameManager%3A%3ArecencyFrequencyIframeAdded%20Found%201%20data%20elements&pageurl=https%3A%2F%2Fgfieldmoney.com%2F&body=%5B%5D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 19:26:41 GMT
via
1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
21734
x-cache
Hit from cloudfront
content-length
21
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
Mg43ePrghk4SVQMOcs4WVXEsK_Nih7jNInrKVjFu7YhhNPSZ6Pbjzw==
event
logger.adthrive.com/ 		21 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logger.adthrive.com/event?siteId=5e0fcd6517a8be5a76a36c71&siteName=Pack%20Hacker&bucket=flex-132&branch=36761d1&deployment=2023-12-01-5%3Aade-1165%3Apr4090%3A36761d1&message=RecencyAndFrequencyIFrameManager%3A%3ArecencyFrequencyDataSet&pageurl=https%3A%2F%2Fgfieldmoney.com%2F&body=%5B%5D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 19:26:41 GMT
via
1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
21734
x-cache
Hit from cloudfront
content-length
21
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
QOhAzRbVZq7TZu1HkSppxZQMvsIEuKa2GN73SMPgEnBIWeL7KyPSgg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:55 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
ywKe_v7h_7_SceY7n_XHTuIYitRIcFOv_je0EpkyIgBsbDiftswN8A==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
25
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138149
x-xss-protection
0
server
cafe
etag
11558412289700915514
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 02 Dec 2024 01:28:29 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		60 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gfieldmoney.com
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1eda20103942d9a2baaaa2a144fc1d82c872bf75eea1daed3a0f508db4425ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40
x-xss-protection
0
expires
Sun, 03 Dec 2023 01:28:54 GMT
zul2AaSz
cdn.jwplayer.com/v2/playlists/ 		155 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/zul2AaSz?max_resolution=1280
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:3a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
9c581dbcfb874f92052d4790a8500964e78b950c850ccc22ea4825ae8998fc11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:54 GMT
content-encoding
gzip
via
1.1 3f65d34f6010e326e59d2f311de6e202.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
14576
x-amz-cf-id
3Zt_MnMBDiKnujv_rynzcTv7XyQT7pLCDX7JNmEmbzSKXShnRdqCdQ==
expires
Sun, 03 Dec 2023 01:31:54
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-113.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 05:11:40 GMT
content-encoding
gzip
via
1.1 66ea06c52ae44609b3bf6f6054c081b6.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
73034
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
P1y9ic7KgY5OXFOyWFwrgF-soZt4XKZM57hME74tytBMAhYHSx1MEQ==
config.js
cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/ 		306 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2df4ce40d9a7ffbf31d8e8dacf191836f8ce7553e9819921fb087ac59ecbf516

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Dec 2023 10:14:48 GMT
server
cloudflare
x-amz-request-id
Q3R31P24SXYDV0DV
age
209
etag
W/"8c843e01ec6b6c270454b178a5cdde69"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
82f8091df87a4bc3-BUF
alt-svc
h3=":443"; ma=86400
x-amz-id-2
+McEHy8I6g2rhY7RzlG4XwnVXVfw3C4GkI+llbAEyVRgDW/BcgD/vocBFMMohVk3PxzapgfAdZ3XW/JMolBctw==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgfieldmoney.com%2F&domain=gfieldmoney.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gfieldmoney.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 03 Dec 2023 01:28:53 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
263063
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/ 		273 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/launchpad-liveramp.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-44.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f13cdbf91c29d4b2370068222179233633d7922313fbe315ff2ed2b0c1fc1e0e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
OqAxgyZ5SvrtTnWsEK5nr4rey5Kh.3hL
content-encoding
gzip
via
1.1 14b9e21ac67dd643dc9e782cb20c49a2.cloudfront.net (CloudFront)
date
Sat, 02 Dec 2023 06:55:05 GMT
x-amz-cf-pop
JFK50-P8
age
66830
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Mon, 23 Oct 2023 20:37:41 GMT
server
AmazonS3
etag
W/"51e5766ceaa2422d0288fec39e4fde2a"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
d5auaYnjiDTcK_5uLevqyB7rq1E47PVtKHchABb44dz7gy6S2NGPEA==
fed
ups.analytics.yahoo.com/ups/58404/ 		2 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58404/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://gfieldmoney.com/&pixelId=58404
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Dec 2023 01:28:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://gfieldmoney.com
content-type
application/json
access-control-allow-credentials
true
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgfieldmoney.com%2F&domain=gfieldmoney.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=mpYAGHwvM2VNNWFMZ3VPSTNpK2ZCdEFkWjNJSzNlZEdOMFQ4M2dVdW5DV2JWWG9ocU5BbmpLQTduTEdpei83bmM3T1BTZDhTT2VJVzBmeTcxOGdWZXlBSU41Y0pSanplMTJVRFJITHk5eWJ0QXpvaDg1M2ZXRnN3WUZyZ3...
351 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mpYAGHwvM2VNNWFMZ3VPSTNpK2ZCdEFkWjNJSzNlZEdOMFQ4M2dVdW5DV2JWWG9ocU5BbmpLQTduTEdpei83bmM3T1BTZDhTT2VJVzBmeTcxOGdWZXlBSU41Y0pSanplMTJVRFJITHk5eWJ0QXpvaDg1M2ZXRnN3WUZyZ3hxUi93V3p6RTM1MEFhUW1PYWY4ajQ4R3grUnkwLzBlbXZiTlVVVGtWcjU3R1ZyV0xYVGFjOG14cnd0QjBDVWtXN1VUa2M4cmorTkVVZWRwQU1FdFBaZSttaUFqdzRBZkpwNlYyUmh1dy82SllaaEp3b2s0PXw&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7201bd93dfc0fadf877f18e9a0a61424ded6fca24012fea37da17574ea915f28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1215466
expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://gfieldmoney.com
location
https://mug.criteo.com/sid?cpp=mpYAGHwvM2VNNWFMZ3VPSTNpK2ZCdEFkWjNJSzNlZEdOMFQ4M2dVdW5DV2JWWG9ocU5BbmpLQTduTEdpei83bmM3T1BTZDhTT2VJVzBmeTcxOGdWZXlBSU41Y0pSanplMTJVRFJITHk5eWJ0QXpvaDg1M2ZXRnN3WUZyZ3hxUi93V3p6RTM1MEFhUW1PYWY4ajQ4R3grUnkwLzBlbXZiTlVVVGtWcjU3R1ZyV0xYVGFjOG14cnd0QjBDVWtXN1VUa2M4cmorTkVVZWRwQU1FdFBaZSttaUFqdzRBZkpwNlYyUmh1dy82SllaaEp3b2s0PXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
507260
content-length
0
expires
0
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		108 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=iowij76&fmt=json
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
145ac358c31cd9d9e18d241dba05113e28e01f1e272e8b33503e6f5dcfce3e17

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Dec 2023 01:28:54 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Tue, 02 Jan 2024 01:28:54 GMT
f
fid.agkn.com/ 		130 B
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fid.agkn.com/f?apiKey=2215608639&r=https%3A%2F%2Fgfieldmoney.com%2F
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.141.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-141-217.compute-1.amazonaws.com
Software
AAWebServer /
Resource Hash
ce8b06afc4e79c69fcb4ae099a6df783ab1df215331603429ec46a49ef15a825

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:54 GMT
server
AAWebServer
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
130
expires
0
d9core
d9.flashtalking.com/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.131.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-131-225.compute-1.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
6f1091f7eb05892c4e63946b7b8fd66892a3a720ddb809cff202d0dae2510057

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 01:28:54 GMT
Server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
ETag
5bc31bf7d4a298e1bef9d35fce222bfc
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
d9.flashtalking.com
Content-Type
application/javascript;charset=utf-8
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
10814
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0013300001i0fyfAAA&gdpr=0&src=pbjs&ver=8.5.0&coppa=0
  • https://lexicon.33across.com/v1/envelope?pid=0013300001i0fyfAAA&gdpr=0&src=pbjs&ver=8.5.0&coppa=0&b=1&g=7OwXLr1AfjRZfIUoH6Yv4y6rH6mkP2hwDOHXJrAM4sg%3D
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001i0fyfAAA&gdpr=0&src=pbjs&ver=8.5.0&coppa=0&b=1&g=7OwXLr1AfjRZfIUoH6Yv4y6rH6mkP2hwDOHXJrAM4sg%3D
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:54 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 03 Dec 2023 01:28:54 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://gfieldmoney.com
location
https://lexicon.33across.com/v1/envelope?pid=0013300001i0fyfAAA&gdpr=0&src=pbjs&ver=8.5.0&coppa=0&b=1&g=7OwXLr1AfjRZfIUoH6Yv4y6rH6mkP2hwDOHXJrAM4sg%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
any
idx.liadm.com/idex/unknown/ 		169 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/unknown/any?duid=554e01b63a9f--01hgpmnvkgm6k9ygc3h84r3v1h&resolve=nonId&resolve=uid2&resolve=medianet&resolve=bidswitch&resolve=magnite&resolve=index&resolve=pubmatic
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.17.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-17-205.compute-1.amazonaws.com
Software
/
Resource Hash
660f7df98133bdd8bff9f2146354c7963d4e6364e843d7a8e0d6026a50bcda9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Dec 2023 01:28:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
14
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
max-age=86399, private
access-control-allow-credentials
true
trace-id
cee1659982519d0c
content-length
169
expires
Mon, 04 Dec 2023 01:28:54 GMT
id
id.crwdcntrl.net/ 		75 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?c=17297
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.93.99.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-99-238.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
531ba9cadf6cd9e6898d52662c92d959dbd9987bb05e993232022f2e9615e0ad

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:54 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache
x-server
10.40.55.247
access-control-allow-credentials
true
content-length
75
expires
0
event
logger.adthrive.com/ 		21 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logger.adthrive.com/event?siteId=5e0fcd6517a8be5a76a36c71&siteName=Pack%20Hacker&bucket=flex-132&branch=36761d1&deployment=2023-12-01-5%3Aade-1165%3Apr4090%3A36761d1&message=VideoUtils%3A%3AgetPlacementElement&pageurl=https%3A%2F%2Fgfieldmoney.com%2F&body=%5B%7B%22name%22%3A%22Error%22%2C%22message%22%3A%22ESNF%3A%20.adthrive-playlist-player%20does%20not%20exist%20on%20the%20page%22%2C%22stack%22%3A%22Error%3A%20ESNF%3A%20.adthrive-playlist-player%20does%20not%20exist%20on%20the%20page%5Cn%20%20%20%20at%20fo._getElementSelector%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F36761d1%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2023-12-01-5%3Aade-1165%3Apr4090%3A36761d1%26bucket%3Dflex-132%26deliveryFeatures%3DrubiconFloors%2CrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5e0fcd6517a8be5a76a36c71%3A1119%3A459)%5Cn%20%20%20%20at%20fo._getPlacementElement%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F36761d1%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2023-12-01-5%3Aade-1165%3Apr4090%3A36761d1%26bucket%3Dflex-132%26deliveryFeatures%3DrubiconFloors%2CrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5e0fcd6517a8be5a76a36c71%3A1120%3A203)%5Cn%20%20%20%20at%20https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F36761d1%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2023-12-01-5%3Aade-1165%3Apr4090%3A36761d1%26bucket%3Dflex-132%26deliveryFeatures%3DrubiconFloors%2CrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5e0fcd6517a8be5a76a36c71%3A1118%3A131%5Cn%20%20%20%20at%20Array.map%20(%3Canonymous%3E)%5Cn%20%20%20%20at%20fo._checkPlayerSelectorOnPage%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F36761d1%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2023-12-01-5%3Aade-1165%3Apr4090%3A36761d1%26bucket%3Dflex-132%26deliveryFeatures%3DrubiconFloors%2CrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5e0fcd6517a8be5a76a36c71%3A1118%3A94)%5Cn%20%20%20%20at%20fo._determineAutoplayPlayers%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F36761d1%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2023-12-01-5%3Aade-1165%3Apr4090%3A36761d1%26bucket%3Dflex-132%26deliveryFeatures%3DrubiconFloors%2CrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5e0fcd6517a8be5a76a36c71%3A1124%3A6)%5Cn%20%20%20%20at%20fo._initializePlayers%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F36761d1%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2023-12-01-5%3Aade-1165%3Apr4090%3A36761d1%26bucket%3Dflex-132%26deliveryFeatures%3DrubiconFloors%2CrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5e0fcd6517a8be5a76a36c71%3A1136%3A460)%5Cn%20%20%20%20at%20fo.init%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F36761d1%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2023-12-01-5%3Aade-1165%3Apr4090%3A36761d1%26bucket%3Dflex-132%26deliveryFeatures%3DrubiconFloors%2CrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5e0fcd6517a8be5a76a36c71%3A1135%3A247)%5Cn%20%20%20%20at%20fo.%3Canonymous%3E%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F36761d1%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2023-12-01-5%3Aade-1165%3Apr4090%3A36761d1%26bucket%3Dflex-132%26deliveryFeatures%3DrubiconFloors%2CrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5e0fcd6517a8be5a76a36c71%3A88%3A423)%5Cn%20%20%20%20at%20https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F36761d1%2Fes2018%2Fjs%2Fadthrive.min.js%3Fdeployment%3D2023-12-01-5%3Aade-1165%3Apr4090%3A36761d1%26bucket%3Dflex-132%26deliveryFeatures%3DrubiconFloors%2CrecencyFrequency%2CttdSync%2CreissuingSticky%2CmanualCookieSync%2CraptiveFloors%2CswitzerlandGdpr%26siteid%3D5e0fcd6517a8be5a76a36c71%3A1282%3A322%22%7D%2C%7B%22abgroup%22%3A%7B%22amzn%22%3A%22on%22%2C%22wvtls%22%3A%22off%4075%22%2C%22mto%22%3A%221.5%4025%22%2C%22flrml1%22%3A%22fbrap%4088%22%2C%22fto%22%3A%223%4025%22%2C%22allbho%22%3A%5B%22off%400%22%5D%2C%22loglev%22%3A%22off%4099%22%2C%22hbho%22%3A%5B%22conversant%4010%22%2C%22resetdigital%4090%22%2C%22sharethrough%4075%22%5D%2C%22optd%22%3A%22off%40100%22%2C%22idho%22%3A%5B%22id5Id%22%2C%22FTrackId%22%2C%22merkleId%22%5D%2C%22pbs2s%22%3A%5B%2233across%40100%22%2C%22conversant%40100%22%2C%22grid%4099%22%2C%22improve_ss%40100%22%2C%22pubm_ss%40100%22%2C%22resetdigital%40100%22%2C%22under_ss%40100%22%2C%22unruly%40100%22%2C%22yieldmo%40100%22%2C%22adform%40100%22%5D%2C%22adt2%22%3A%22500%4085%22%2C%22s2sparam%22%3A%22on%4099%22%2C%22multirefauc%22%3A%22off%4010%22%2C%22coldr%22%3A%22both%40100%22%2C%22krgodr%22%3A%22client%4095%22%2C%22opnxdr%22%3A%22both%4098%22%2C%22magnitedr%22%3A%22both%4098%22%2C%22tripleliftdr%22%3A%22both%4098%22%2C%22yahoodr1%22%3A%22both%4098%22%2C%22ito_ds%22%3A%222800%4050%22%2C%223pho%22%3A%22none%4095%22%2C%22vbho%22%3A%5B%22resetdigital%4090%22%2C%2233across%40100%22%5D%2C%22optv%22%3A%22off%40100%22%2C%22cbt%22%3A%224s%4075%22%2C%22vasttoisv%22%3A%2218s%4020%22%2C%22vasttoosv%22%3A%225s%4060%22%2C%22proto%22%3A%22allr%4015%22%2C%22pbm%22%3A%22on%22%2C%22addur%22%3A%22off%4097%22%2C%22adlifecyc%22%3A%22off%4090%22%2C%22reqTo%22%3A%2220%4020%22%2C%22vadv%22%3A%22on%22%2C%22osp%22%3A%222%40100%22%2C%22dofre%22%3A%22off%4099%22%2C%22soblp%22%3A%22off%4095%22%2C%22csp%22%3A%22on%40100%22%2C%22vmaxdur%22%3A%2230%4098%22%2C%22jwpv%22%3A%228.30.0%4099%22%2C%22smhd100%22%3A%22off%22%2C%22conmax99%22%3A%22off%22%2C%22dcsll_ss2%22%3A%22off%4030%22%2C%22intcfg%22%3A%22on%40100%22%2C%22ainv2%22%3A%221000%40100%22%2C%22scre%22%3A%22on%22%2C%22pbsflr1%22%3A%22off%4095%22%2C%22s2sbuff%22%3A%22100%4025%22%2C%22csync_lim%22%3A%2225%4025%22%2C%22rpbs%22%3A%22on%4010%22%2C%22rmos1%22%3A%22off%4099%22%2C%22socon%22%3A%221.5%4034%22%2C%22rtbf%22%3A%22on%40100%22%2C%22dco%22%3A%22relaxed%40100%22%2C%22dajto%22%3A%22on%40100%22%2C%22jwb%22%3A%22on%4095%22%2C%22fldg%22%3A%22on%4050%22%2C%22vpred_1%22%3A%220.9%4096%22%2C%22crtvmon%22%3A%22off%4090%22%2C%22oxli%22%3A%22off%40100%22%2C%22pba%22%3A%22none%4099%22%2C%22amzn_hold_disp%22%3A%22off%4050%22%2C%22addens%22%3A%22off%4075%22%2C%22bmetrics%22%3A%22on%4099%22%2C%22spa%22%3A%22off%400%22%2C%22fcp%22%3A%22topLeft%40100%22%2C%22confiant1%22%3A%22off%4090%22%2C%22scae%22%3A%22on%22%2C%22essa%22%3A%22on%22%2C%22dssmh%22%3A%221800%4010%22%2C%22dssc%22%3A%2225%4025%22%2C%22rrc%22%3A%22off%22%2C%22refsoflr%22%3A%220%4080%22%2C%22ssff%22%3A%22on%40100%22%2C%22jtte%22%3A%22on%40100%22%2C%22logcls%22%3A%22off%4090%22%2C%22mgncrbn%22%3A%22off%4075%22%2C%22nlsentrckr%22%3A%22off%40100%22%2C%22rebuildslot%22%3A%22on%4095%22%2C%22sre%22%3A%22off%40100%22%2C%22upl%22%3A%22off%4075%22%2C%22datapriv%22%3A%22off%4090%22%2C%22vcsu%22%3A%22on%40100%22%2C%22ssau%22%3A%22off%40100%22%2C%22pale%22%3A%22off%4099%22%2C%22dsle%22%3A%5B%22Continuing%20without%20bids%4099%22%2C%22xhr%20timeout%20after%4099%22%5D%7D%2C%22pubab%22%3A%7B%7D%2C%22sess%22%3A%2201HGPMNVGCGDP9H15J0G670RFM%22%2C%22pvk%22%3A%2201HGPMNVGB7XEA5ZVWYW1QXRRQ%22%2C%22hbho%22%3A%5B%22conversant%22%2C%22resetdigital%22%2C%22sharethrough%22%5D%2C%22vbho%22%3A%5B%22resetdigital%22%2C%2233across%22%5D%2C%22spa%22%3Afalse%2C%22lmdv%22%3A%221.46.0%22%2C%22clsBranch%22%3A%223fe49da%22%2C%22clsBucket%22%3A%22prod%22%7D%5D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 19:26:41 GMT
via
1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
21734
x-cache
Hit from cloudfront
content-length
21
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
b9URFTh6CNWTh7CNPpzN1_zSlVJ9OZgAaqYI-wE7_gGSo17s-vZN2g==
event
logger.adthrive.com/ 		21 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logger.adthrive.com/event?siteId=5e0fcd6517a8be5a76a36c71&siteName=Pack%20Hacker&bucket=flex-132&branch=36761d1&deployment=2023-12-01-5%3Aade-1165%3Apr4090%3A36761d1&message=VideoManagerComponent%3A%3AnoStickyPlaylist&pageurl=https%3A%2F%2Fgfieldmoney.com%2F&body=%5B%7B%22vendor%22%3A%22none%22%2C%22device%22%3A%22desktop%22%2C%22isDesktop%22%3A%22desktop%22%7D%2C%7B%22abgroup%22%3A%7B%22amzn%22%3A%22on%22%2C%22wvtls%22%3A%22off%4075%22%2C%22mto%22%3A%221.5%4025%22%2C%22flrml1%22%3A%22fbrap%4088%22%2C%22fto%22%3A%223%4025%22%2C%22allbho%22%3A%5B%22off%400%22%5D%2C%22loglev%22%3A%22off%4099%22%2C%22hbho%22%3A%5B%22conversant%4010%22%2C%22resetdigital%4090%22%2C%22sharethrough%4075%22%5D%2C%22optd%22%3A%22off%40100%22%2C%22idho%22%3A%5B%22id5Id%22%2C%22FTrackId%22%2C%22merkleId%22%5D%2C%22pbs2s%22%3A%5B%2233across%40100%22%2C%22conversant%40100%22%2C%22grid%4099%22%2C%22improve_ss%40100%22%2C%22pubm_ss%40100%22%2C%22resetdigital%40100%22%2C%22under_ss%40100%22%2C%22unruly%40100%22%2C%22yieldmo%40100%22%2C%22adform%40100%22%5D%2C%22adt2%22%3A%22500%4085%22%2C%22s2sparam%22%3A%22on%4099%22%2C%22multirefauc%22%3A%22off%4010%22%2C%22coldr%22%3A%22both%40100%22%2C%22krgodr%22%3A%22client%4095%22%2C%22opnxdr%22%3A%22both%4098%22%2C%22magnitedr%22%3A%22both%4098%22%2C%22tripleliftdr%22%3A%22both%4098%22%2C%22yahoodr1%22%3A%22both%4098%22%2C%22ito_ds%22%3A%222800%4050%22%2C%223pho%22%3A%22none%4095%22%2C%22vbho%22%3A%5B%22resetdigital%4090%22%2C%2233across%40100%22%5D%2C%22optv%22%3A%22off%40100%22%2C%22cbt%22%3A%224s%4075%22%2C%22vasttoisv%22%3A%2218s%4020%22%2C%22vasttoosv%22%3A%225s%4060%22%2C%22proto%22%3A%22allr%4015%22%2C%22pbm%22%3A%22on%22%2C%22addur%22%3A%22off%4097%22%2C%22adlifecyc%22%3A%22off%4090%22%2C%22reqTo%22%3A%2220%4020%22%2C%22vadv%22%3A%22on%22%2C%22osp%22%3A%222%40100%22%2C%22dofre%22%3A%22off%4099%22%2C%22soblp%22%3A%22off%4095%22%2C%22csp%22%3A%22on%40100%22%2C%22vmaxdur%22%3A%2230%4098%22%2C%22jwpv%22%3A%228.30.0%4099%22%2C%22smhd100%22%3A%22off%22%2C%22conmax99%22%3A%22off%22%2C%22dcsll_ss2%22%3A%22off%4030%22%2C%22intcfg%22%3A%22on%40100%22%2C%22ainv2%22%3A%221000%40100%22%2C%22scre%22%3A%22on%22%2C%22pbsflr1%22%3A%22off%4095%22%2C%22s2sbuff%22%3A%22100%4025%22%2C%22csync_lim%22%3A%2225%4025%22%2C%22rpbs%22%3A%22on%4010%22%2C%22rmos1%22%3A%22off%4099%22%2C%22socon%22%3A%221.5%4034%22%2C%22rtbf%22%3A%22on%40100%22%2C%22dco%22%3A%22relaxed%40100%22%2C%22dajto%22%3A%22on%40100%22%2C%22jwb%22%3A%22on%4095%22%2C%22fldg%22%3A%22on%4050%22%2C%22vpred_1%22%3A%220.9%4096%22%2C%22crtvmon%22%3A%22off%4090%22%2C%22oxli%22%3A%22off%40100%22%2C%22pba%22%3A%22none%4099%22%2C%22amzn_hold_disp%22%3A%22off%4050%22%2C%22addens%22%3A%22off%4075%22%2C%22bmetrics%22%3A%22on%4099%22%2C%22spa%22%3A%22off%400%22%2C%22fcp%22%3A%22topLeft%40100%22%2C%22confiant1%22%3A%22off%4090%22%2C%22scae%22%3A%22on%22%2C%22essa%22%3A%22on%22%2C%22dssmh%22%3A%221800%4010%22%2C%22dssc%22%3A%2225%4025%22%2C%22rrc%22%3A%22off%22%2C%22refsoflr%22%3A%220%4080%22%2C%22ssff%22%3A%22on%40100%22%2C%22jtte%22%3A%22on%40100%22%2C%22logcls%22%3A%22off%4090%22%2C%22mgncrbn%22%3A%22off%4075%22%2C%22nlsentrckr%22%3A%22off%40100%22%2C%22rebuildslot%22%3A%22on%4095%22%2C%22sre%22%3A%22off%40100%22%2C%22upl%22%3A%22off%4075%22%2C%22datapriv%22%3A%22off%4090%22%2C%22vcsu%22%3A%22on%40100%22%2C%22ssau%22%3A%22off%40100%22%2C%22pale%22%3A%22off%4099%22%2C%22dsle%22%3A%5B%22Continuing%20without%20bids%4099%22%2C%22xhr%20timeout%20after%4099%22%5D%7D%2C%22pubab%22%3A%7B%7D%2C%22sess%22%3A%2201HGPMNVGCGDP9H15J0G670RFM%22%2C%22pvk%22%3A%2201HGPMNVGB7XEA5ZVWYW1QXRRQ%22%2C%22hbho%22%3A%5B%22conversant%22%2C%22resetdigital%22%2C%22sharethrough%22%5D%2C%22vbho%22%3A%5B%22resetdigital%22%2C%2233across%22%5D%2C%22spa%22%3Afalse%2C%22lmdv%22%3A%221.46.0%22%2C%22clsBranch%22%3A%223fe49da%22%2C%22clsBucket%22%3A%22prod%22%7D%5D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 19:26:41 GMT
via
1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
21734
x-cache
Hit from cloudfront
content-length
21
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
MgChm3E1DyWNTzY0Q4PHqM3WLjOGXsQNpv63gPQCOvbtDMEq8ofrjw==
ads.min.css
ads.adthrive.com/sites/5e0fcd6517a8be5a76a36c71/ 		1 KB
755 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/5e0fcd6517a8be5a76a36c71/ads.min.css
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-18.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
176e3e9e46d4e9976af862e271cfcea2ec2db8661100c0c2be6318955bd93306

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:18:56 GMT
content-encoding
gzip
via
1.1 d9904d2a7eb0a13ec208dbdb43366b78.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P8
age
50998
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600, s-maxage=86400
content-length
452
x-amz-cf-id
GmPv875NQn8lVyCCuKsjekusXVIAriB50cpGa6gvV5EgQ35Srrl1nw==
event
logger.adthrive.com/ 		21 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logger.adthrive.com/event?siteId=5e0fcd6517a8be5a76a36c71&siteName=Pack%20Hacker&bucket=flex-132&branch=36761d1&deployment=2023-12-01-5%3Aade-1165%3Apr4090%3A36761d1&message=HealthReporter%3A%3Alog&pageurl=https%3A%2F%2Fgfieldmoney.com%2F&body=%5B%7B%22CLSReporter%22%3A%7B%22details%22%3A%5B%7B%22metric%22%3A%22clsType%22%2C%22value%22%3A%22plugin%22%7D%2C%7B%22metric%22%3A%22clsSlots%22%2C%22value%22%3A0%7D%5D%7D%7D%2C%7B%22abgroup%22%3A%7B%22amzn%22%3A%22on%22%2C%22wvtls%22%3A%22off%4075%22%2C%22mto%22%3A%221.5%4025%22%2C%22flrml1%22%3A%22fbrap%4088%22%2C%22fto%22%3A%223%4025%22%2C%22allbho%22%3A%5B%22off%400%22%5D%2C%22loglev%22%3A%22off%4099%22%2C%22hbho%22%3A%5B%22conversant%4010%22%2C%22resetdigital%4090%22%2C%22sharethrough%4075%22%5D%2C%22optd%22%3A%22off%40100%22%2C%22idho%22%3A%5B%22id5Id%22%2C%22FTrackId%22%2C%22merkleId%22%5D%2C%22pbs2s%22%3A%5B%2233across%40100%22%2C%22conversant%40100%22%2C%22grid%4099%22%2C%22improve_ss%40100%22%2C%22pubm_ss%40100%22%2C%22resetdigital%40100%22%2C%22under_ss%40100%22%2C%22unruly%40100%22%2C%22yieldmo%40100%22%2C%22adform%40100%22%5D%2C%22adt2%22%3A%22500%4085%22%2C%22s2sparam%22%3A%22on%4099%22%2C%22multirefauc%22%3A%22off%4010%22%2C%22coldr%22%3A%22both%40100%22%2C%22krgodr%22%3A%22client%4095%22%2C%22opnxdr%22%3A%22both%4098%22%2C%22magnitedr%22%3A%22both%4098%22%2C%22tripleliftdr%22%3A%22both%4098%22%2C%22yahoodr1%22%3A%22both%4098%22%2C%22ito_ds%22%3A%222800%4050%22%2C%223pho%22%3A%22none%4095%22%2C%22vbho%22%3A%5B%22resetdigital%4090%22%2C%2233across%40100%22%5D%2C%22optv%22%3A%22off%40100%22%2C%22cbt%22%3A%224s%4075%22%2C%22vasttoisv%22%3A%2218s%4020%22%2C%22vasttoosv%22%3A%225s%4060%22%2C%22proto%22%3A%22allr%4015%22%2C%22pbm%22%3A%22on%22%2C%22addur%22%3A%22off%4097%22%2C%22adlifecyc%22%3A%22off%4090%22%2C%22reqTo%22%3A%2220%4020%22%2C%22vadv%22%3A%22on%22%2C%22osp%22%3A%222%40100%22%2C%22dofre%22%3A%22off%4099%22%2C%22soblp%22%3A%22off%4095%22%2C%22csp%22%3A%22on%40100%22%2C%22vmaxdur%22%3A%2230%4098%22%2C%22jwpv%22%3A%228.30.0%4099%22%2C%22smhd100%22%3A%22off%22%2C%22conmax99%22%3A%22off%22%2C%22dcsll_ss2%22%3A%22off%4030%22%2C%22intcfg%22%3A%22on%40100%22%2C%22ainv2%22%3A%221000%40100%22%2C%22scre%22%3A%22on%22%2C%22pbsflr1%22%3A%22off%4095%22%2C%22s2sbuff%22%3A%22100%4025%22%2C%22csync_lim%22%3A%2225%4025%22%2C%22rpbs%22%3A%22on%4010%22%2C%22rmos1%22%3A%22off%4099%22%2C%22socon%22%3A%221.5%4034%22%2C%22rtbf%22%3A%22on%40100%22%2C%22dco%22%3A%22relaxed%40100%22%2C%22dajto%22%3A%22on%40100%22%2C%22jwb%22%3A%22on%4095%22%2C%22fldg%22%3A%22on%4050%22%2C%22vpred_1%22%3A%220.9%4096%22%2C%22crtvmon%22%3A%22off%4090%22%2C%22oxli%22%3A%22off%40100%22%2C%22pba%22%3A%22none%4099%22%2C%22amzn_hold_disp%22%3A%22off%4050%22%2C%22addens%22%3A%22off%4075%22%2C%22bmetrics%22%3A%22on%4099%22%2C%22spa%22%3A%22off%400%22%2C%22fcp%22%3A%22topLeft%40100%22%2C%22confiant1%22%3A%22off%4090%22%2C%22scae%22%3A%22on%22%2C%22essa%22%3A%22on%22%2C%22dssmh%22%3A%221800%4010%22%2C%22dssc%22%3A%2225%4025%22%2C%22rrc%22%3A%22off%22%2C%22refsoflr%22%3A%220%4080%22%2C%22ssff%22%3A%22on%40100%22%2C%22jtte%22%3A%22on%40100%22%2C%22logcls%22%3A%22off%4090%22%2C%22mgncrbn%22%3A%22off%4075%22%2C%22nlsentrckr%22%3A%22off%40100%22%2C%22rebuildslot%22%3A%22on%4095%22%2C%22sre%22%3A%22off%40100%22%2C%22upl%22%3A%22off%4075%22%2C%22datapriv%22%3A%22off%4090%22%2C%22vcsu%22%3A%22on%40100%22%2C%22ssau%22%3A%22off%40100%22%2C%22pale%22%3A%22off%4099%22%2C%22dsle%22%3A%5B%22Continuing%20without%20bids%4099%22%2C%22xhr%20timeout%20after%4099%22%5D%2C%22rmosnv1%22%3A%22off%4099%22%7D%2C%22pubab%22%3A%7B%7D%2C%22sess%22%3A%2201HGPMNVGCGDP9H15J0G670RFM%22%2C%22pvk%22%3A%2201HGPMNVGB7XEA5ZVWYW1QXRRQ%22%2C%22hbho%22%3A%5B%22conversant%22%2C%22resetdigital%22%2C%22sharethrough%22%5D%2C%22vbho%22%3A%5B%22resetdigital%22%2C%2233across%22%5D%2C%22spa%22%3Afalse%2C%22lmdv%22%3A%221.46.0%22%2C%22clsBranch%22%3A%223fe49da%22%2C%22clsBucket%22%3A%22prod%22%7D%5D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 19:26:41 GMT
via
1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
21734
x-cache
Hit from cloudfront
content-length
21
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
Zw-nTLNzkL6psclnedNL8HqWVVvxUm6oRPFjkFSfR_b9a3r96gP2dg==
token
pixel.rubiconproject.com/ 		0
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=49096&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
2dd9fa24169fa04536d533da131679f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
4fbba76f-7987-4fa2-9733-c27eb3a2170b
config.aps.amazon-adsystem.com/configs/ 		537 B
804 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-10.jfk52.r.cloudfront.net
Software
CloudFront /
Resource Hash
050a00d3059354f44365e868af5308b56546296cc6033d191d903c1706a12b19

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 00:34:55 GMT
via
1.1 ec677b911dc73d5d7f845b909fe23e68.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK52-P2
age
3239
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
Vsv9SUG8SDD-28vuPJ_xzKs0FiJeUBjt2miqwFb6RKy6Vs3-TzpBAA==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fgfieldmoney.com&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
57b3bad1f50d051538d18447c86ff1920934efbad428bdc7707f1415ae64b4c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:54 GMT
via
1.1 ed8dbde89917eaa6ca93ba7fad809c48.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1520
x-amz-cf-id
uUd26H1VshNn7XBSzZkXhgmIghCOOS4AOfHc36gwUlS5oS5uav1CeQ==
ima.js
cdn-ima.33across.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5194891d3a8501374db8afe22463ed2a49fa28f22eaa4a1991d2e6e8a15191e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:54 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:07 GMT
server
cloudflare
age
404839
etag
W/"6540128b-2675"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
82f8091eefe839ea-YYZ
expires
Wed, 06 Dec 2023 01:28:54 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 11:19:25 GMT
server
cloudflare
x-amz-request-id
5208MN82PY7819AP
age
166
etag
W/"53159e4ae3ffbda2ff6c0204350035be"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82f8091eed364bc9-BUF
x-amz-id-2
pS2fUXopRmGJPMRuhwQOUMytpIysq6ExAojyIRJHsCJt/KErfUetasQajpTpeYlj/liJIsnitPtpM9Rd6n68Gw==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=20567959&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1701566934766&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fgfieldmoney.com%2F&c8=Pack%20Hacker%20%7C%20Your%20Guide...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1701566934766&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fgfieldmoney.com%2F&c8=Pack%20Hacker%20%7C%20Your%20Guid...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1701566934766&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fgfieldmoney.com%2F&c8=Pack%20Hacker%20%7C%20Your%20Guide%20to%20Smarter%20Travel&c9=
Protocol
H2
Server
18.173.219.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-113.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:54 GMT
via
1.1 66ea06c52ae44609b3bf6f6054c081b6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK52-P1
x-amz-cf-id
dS2HJqdnynfkdbaq75F633MREEgX1W5PMzvvV1o6MQbqTEEb_Qf23Q==
x-cache
Miss from cloudfront

Redirect headers

date
Sun, 03 Dec 2023 01:28:54 GMT
via
1.1 66ea06c52ae44609b3bf6f6054c081b6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=20567959&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1701566934766&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fgfieldmoney.com%2F&c8=Pack%20Hacker%20%7C%20Your%20Guide%20to%20Smarter%20Travel&c9=
content-length
0
x-amz-cf-id
RIS1C3NmCkT_glvdNEuVy5c6JgkDKwvdy6T4VMwERnsVsC_eFST-iQ==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202307190925/ 		251 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jul 2023 13:26:13 GMT
server
cloudflare
x-amz-request-id
BN2ZVR9H5CPMCJVK
age
826406
etag
W/"6c476793b39193c54a91ff561ef3a8e4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
82f8091e88844bc3-BUF
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/Cp9AA3V0NG7syN8Q7qD0+wVIiMv2/9IbRkCrGD1Nd8BvE54uIYNEK7wrYQkVJhOLJQ353ffJblzQpRz++YNWTh+OMQUcYPYttvBtQfWFmQ=
launchpad.bundle.js
launchpad.privacymanager.io/latest/ 		126 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-85.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51707ab5853e0c972604927c9eb91a5e7590d2037e33eeb636ab4204495d028c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
RqxhuEqCNd1s7.WeOk9hr4eUawsbzlx2
content-encoding
gzip
via
1.1 00266a01055b9f1e1ad959f077c1d96a.cloudfront.net (CloudFront)
date
Sun, 03 Dec 2023 00:37:56 GMT
last-modified
Thu, 30 Nov 2023 15:24:46 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
3059
x-amz-server-side-encryption
AES256
etag
W/"2c168941d7d5456860d15b9fc8c8d4e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
ATqpofTAyRiigsgMWgTvtKJrFbvLvYfuVUPwSqeODX6JjsSY-RYtFA==
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgfieldmoney.com%2F&pid=PZJwrFK3p2mlx&cb=0&ws=1600x1200&v=23.1108.2350&t=2600&slots=%5B%7B%22sd%22%3A%22AdThrive_Footer_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22970x90%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F5e0fcd6517a8be5a76a36c71%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A58%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%2C%22adRefresh%22%3A%220%22%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22language%22%3A%22en%22%7D%2C%22cat%22%3A%5B%22IAB20%22%5D%2C%22pagecat%22%3A%5B%22IAB20%22%5D%2C%22privacypolicy%22%3A1%2C%22mobile%22%3A1%2C%22cattax%22%3A1%2C%22ext%22%3A%7B%22data%22%3A%7B%22mcmp%22%3A%5B%5D%2C%22site_code%22%3A%5B%22AFOI_2020%22%2C%22ATZN_2020%22%2C%22EXFP_2020%22%2C%22EXHFCE_2021%22%2C%22GLDM_2021%22%2C%22GLU_2023%22%2C%22HUSA_2023%22%2C%22LBM_LS_2020%22%2C%22MIQWO_2022%22%2C%22MRLOI_22%22%2C%22NSTLE_22%22%2C%22REI_2021%22%2C%22SCPE_2023%22%2C%22TGNAF_21%22%2C%22TRGT_022020%22%2C%22TRVL_2021%22%2C%22TYS_062019%22%2C%22VITFM_21%22%5D%2C%22sens%22%3A%5B%22alc%22%2C%22ast%22%2C%22cbd%22%2C%22dat%22%2C%22gamv%22%2C%22pol%22%2C%22ssr%22%2C%22srh%22%2C%22ske%22%2C%22wtl%22%5D%2C%22site_id%22%3A%5B%225e0fcd6517a8be5a76a36c71%22%5D%2C%22verticals%22%3A%5B%22Travel%22%5D%2C%22pmp_elig%22%3A%5Btrue%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D%7D&schain=1.0%2C1!cafemedia.com%2C5e0fcd6517a8be5a76a36c71%2C1%2C%2C%2C&gpp=DBABzw~1YNY~BVQqAAAAAgA&gpp_sid=%5B6%2C7%5D&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%2227af2596-c78b-4531-9220-fcadc454fe97%22%7D%7D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.98.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-98-157.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
W2Y6SC2SBRF1SDG19ETA
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
eVRN_xk6GBZwT6BfcGWmifFkF-zvHXsT274LlylusT6W-iRcNt8ddw==
error
logger.adthrive.com/ 		21 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logger.adthrive.com/error?siteId=5e0fcd6517a8be5a76a36c71&siteName=Pack%20Hacker&bucket=flex-132&branch=36761d1&deployment=2023-12-01-5%3Aade-1165%3Apr4090%3A36761d1&message=PrebidAuctionManager%3A%3A_logAuctionDebug%20auctionDebug&pageurl=https%3A%2F%2Fgfieldmoney.com%2F&body=%5B%7B%22type%22%3A%22ERROR%22%2C%22arguments%22%3A%7B%220%22%3A%22connectId%20module%3A%20UPS%20response%20returned%20an%20invalid%20payload%20%7B%7D%22%7D%7D%2C%7B%22abgroup%22%3A%7B%22amzn%22%3A%22on%22%2C%22wvtls%22%3A%22off%4075%22%2C%22mto%22%3A%221.5%4025%22%2C%22flrml1%22%3A%22fbrap%4088%22%2C%22fto%22%3A%223%4025%22%2C%22allbho%22%3A%5B%22off%400%22%5D%2C%22loglev%22%3A%22off%4099%22%2C%22hbho%22%3A%5B%22conversant%4010%22%2C%22resetdigital%4090%22%2C%22sharethrough%4075%22%5D%2C%22optd%22%3A%22off%40100%22%2C%22idho%22%3A%5B%22id5Id%22%2C%22FTrackId%22%2C%22merkleId%22%5D%2C%22pbs2s%22%3A%5B%2233across%40100%22%2C%22conversant%40100%22%2C%22grid%4099%22%2C%22improve_ss%40100%22%2C%22pubm_ss%40100%22%2C%22resetdigital%40100%22%2C%22under_ss%40100%22%2C%22unruly%40100%22%2C%22yieldmo%40100%22%2C%22adform%40100%22%5D%2C%22adt2%22%3A%22500%4085%22%2C%22s2sparam%22%3A%22on%4099%22%2C%22multirefauc%22%3A%22off%4010%22%2C%22coldr%22%3A%22both%40100%22%2C%22krgodr%22%3A%22client%4095%22%2C%22opnxdr%22%3A%22both%4098%22%2C%22magnitedr%22%3A%22both%4098%22%2C%22tripleliftdr%22%3A%22both%4098%22%2C%22yahoodr1%22%3A%22both%4098%22%2C%22ito_ds%22%3A%222800%4050%22%2C%223pho%22%3A%22none%4095%22%2C%22vbho%22%3A%5B%22resetdigital%4090%22%2C%2233across%40100%22%5D%2C%22optv%22%3A%22off%40100%22%2C%22cbt%22%3A%224s%4075%22%2C%22vasttoisv%22%3A%2218s%4020%22%2C%22vasttoosv%22%3A%225s%4060%22%2C%22proto%22%3A%22allr%4015%22%2C%22pbm%22%3A%22on%22%2C%22addur%22%3A%22off%4097%22%2C%22adlifecyc%22%3A%22off%4090%22%2C%22reqTo%22%3A%2220%4020%22%2C%22vadv%22%3A%22on%22%2C%22osp%22%3A%222%40100%22%2C%22dofre%22%3A%22off%4099%22%2C%22soblp%22%3A%22off%4095%22%2C%22csp%22%3A%22on%40100%22%2C%22vmaxdur%22%3A%2230%4098%22%2C%22jwpv%22%3A%228.30.0%4099%22%2C%22smhd100%22%3A%22off%22%2C%22conmax99%22%3A%22off%22%2C%22dcsll_ss2%22%3A%22off%4030%22%2C%22intcfg%22%3A%22on%40100%22%2C%22ainv2%22%3A%221000%40100%22%2C%22scre%22%3A%22on%22%2C%22pbsflr1%22%3A%22off%4095%22%2C%22s2sbuff%22%3A%22100%4025%22%2C%22csync_lim%22%3A%2225%4025%22%2C%22rpbs%22%3A%22on%4010%22%2C%22rmos1%22%3A%22off%4099%22%2C%22socon%22%3A%221.5%4034%22%2C%22rtbf%22%3A%22on%40100%22%2C%22dco%22%3A%22relaxed%40100%22%2C%22dajto%22%3A%22on%40100%22%2C%22jwb%22%3A%22on%4095%22%2C%22fldg%22%3A%22on%4050%22%2C%22vpred_1%22%3A%220.9%4096%22%2C%22crtvmon%22%3A%22off%4090%22%2C%22oxli%22%3A%22off%40100%22%2C%22pba%22%3A%22none%4099%22%2C%22amzn_hold_disp%22%3A%22off%4050%22%2C%22addens%22%3A%22off%4075%22%2C%22bmetrics%22%3A%22on%4099%22%2C%22spa%22%3A%22off%400%22%2C%22fcp%22%3A%22topLeft%40100%22%2C%22confiant1%22%3A%22off%4090%22%2C%22scae%22%3A%22on%22%2C%22essa%22%3A%22on%22%2C%22dssmh%22%3A%221800%4010%22%2C%22dssc%22%3A%2225%4025%22%2C%22rrc%22%3A%22off%22%2C%22refsoflr%22%3A%220%4080%22%2C%22ssff%22%3A%22on%40100%22%2C%22jtte%22%3A%22on%40100%22%2C%22logcls%22%3A%22off%4090%22%2C%22mgncrbn%22%3A%22off%4075%22%2C%22nlsentrckr%22%3A%22off%40100%22%2C%22rebuildslot%22%3A%22on%4095%22%2C%22sre%22%3A%22off%40100%22%2C%22upl%22%3A%22off%4075%22%2C%22datapriv%22%3A%22off%4090%22%2C%22vcsu%22%3A%22on%40100%22%2C%22ssau%22%3A%22off%40100%22%2C%22pale%22%3A%22off%4099%22%2C%22dsle%22%3A%5B%22Continuing%20without%20bids%4099%22%2C%22xhr%20timeout%20after%4099%22%5D%2C%22rmosnv1%22%3A%22off%4099%22%7D%2C%22pubab%22%3A%7B%7D%2C%22sess%22%3A%2201HGPMNVGCGDP9H15J0G670RFM%22%2C%22pvk%22%3A%2201HGPMNVGB7XEA5ZVWYW1QXRRQ%22%2C%22hbho%22%3A%5B%22conversant%22%2C%22resetdigital%22%2C%22sharethrough%22%5D%2C%22vbho%22%3A%5B%22resetdigital%22%2C%2233across%22%5D%2C%22spa%22%3Afalse%2C%22lmdv%22%3A%221.46.0%22%2C%22clsBranch%22%3A%223fe49da%22%2C%22clsBucket%22%3A%22prod%22%7D%5D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:50:47 GMT
via
1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
16688
x-cache
Hit from cloudfront
content-length
21
last-modified
Thu, 12 Nov 2020 16:17:57 GMT
server
AmazonS3
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
RK4UtNgmNFahlKDuupmF15IMYmSUALxyhJf3F_Xp0wHvZ9GdYJDlSQ==
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mpYAGHwvM2VNNWFMZ3VPSTNpK2ZCdEFkWjNJSzNlZEdOMFQ4M2dVdW5DV2JWWG9ocU5BbmpLQTduTEdpei83bmM3T1BTZDhTT2VJVzBmeTcxOGdWZXlBSU41Y0pSanplMTJVRFJITHk5eWJ0QXpvaDg1M2ZXRnN3WUZyZ3hxUi93V3p6RTM1MEFhUW1PYWY4ajQ4R3grUnkwLzBlbXZiTlVVVGtWcjU3R1ZyV0xYVGFjOG14cnd0QjBDVWtXN1VUa2M4cmorTkVVZWRwQU1FdFBaZSttaUFqdzRBZkpwNlYyUmh1dy82SllaaEp3b2s0PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 03 Dec 2023 01:28:54 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
160882
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
lgc
d9.flashtalking.com/ 		147 B
754 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.131.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-131-225.compute-1.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
38a0d302813f9df65b596a32c5b94c32384f2638ab9f3cf6d41c5b1f00e6d856

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Sun, 03 Dec 2023 01:28:54 GMT
Server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://gfieldmoney.com
Content-Type
application/json;charset=ISO-8859-1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-81.iad66.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gfieldmoney.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sun, 03 Dec 2023 01:28:55 GMT
via
1.1 b052b62106bf04b3d8195399a6b77186.cloudfront.net (CloudFront), 1.1 de76d1656e59021109584b73dc63d3aa.cloudfront.net (CloudFront)
x-amz-apigw-id
PV75sEj6DoEEHvg=
x-amz-cf-id
6DbWs6DyiWTEXYHU8OEIW0JP-FuL-PF1Ik1JbPN5jQyt9Al4pYbofQ==
x-amz-cf-pop
IAD61-P2 IAD66-C2
x-amzn-requestid
196655e0-24ef-43a8-b40a-81c86c5d6b2c
x-cache
Miss from cloudfront
/
geo.privacymanager.io/ 		30 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-81.iad66.r.cloudfront.net
Software
/
Resource Hash
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57

Request headers

Accept
application/json
Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 02 Dec 2023 06:25:29 GMT
via
1.1 02db209838c99b1e3d9f7e6b74ddf272.cloudfront.net (CloudFront), 1.1 de76d1656e59021109584b73dc63d3aa.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P2, IAD66-C2
age
68606
x-amzn-requestid
f3055ba1-258b-4260-9413-613025cf70b4
x-amzn-trace-id
Root=1-656acdd9-53b1a3a018f7f877162b4538;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
PTUaEGaujoEEJ7w=
content-length
30
x-amz-cf-id
nttMGqeBhU1UpBaI8eVIuVhHFaz4IkZMKyfhq6yhR7OH9udm7xfdOw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1701566935193&se=e30&duid=554e01b63a9f--01hgpmnvkgm6k9ygc3h84r3v1h&pu=https%3A%2F%2Fgfieldmoney.com%2F&wpn=prebid
  • https://rp4.liadm.com/j?se=e30&duid=554e01b63a9f--01hgpmnvkgm6k9ygc3h84r3v1h&dtstmp=1701566935193&wpn=prebid&pu=https%3A%2F%2Fgfieldmoney.com%2F&i6=MjYwMjpmZmM4OjI6MTA0OjoxNw%3D%3D
13 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?se=e30&duid=554e01b63a9f--01hgpmnvkgm6k9ygc3h84r3v1h&dtstmp=1701566935193&wpn=prebid&pu=https%3A%2F%2Fgfieldmoney.com%2F&i6=MjYwMjpmZmM4OjI6MTA0OjoxNw%3D%3D
Protocol
H2
Server
3.227.126.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-126-241.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:55 GMT
x-pixel-event-id
c912a776-e02e-4680-b5df-504682f328dc
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
null
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
13

Redirect headers

location
https://rp4.liadm.com/j?se=e30&duid=554e01b63a9f--01hgpmnvkgm6k9ygc3h84r3v1h&dtstmp=1701566935193&wpn=prebid&pu=https%3A%2F%2Fgfieldmoney.com%2F&i6=MjYwMjpmZmM4OjI6MTA0OjoxNw%3D%3D
access-control-allow-origin
https://gfieldmoney.com
date
Sun, 03 Dec 2023 01:28:55 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://gfieldmoney.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://gfieldmoney.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 03 Dec 2023 01:28:55 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://gfieldmoney.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://gfieldmoney.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 03 Dec 2023 01:28:55 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://gfieldmoney.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://gfieldmoney.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 03 Dec 2023 01:28:55 GMT
server
ATS/9.1.10.90
cafemedia.js
cdn.brandmetrics.com/tag/aa466d868b2742ffa2cc31bb6341dc12/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/aa466d868b2742ffa2cc31bb6341dc12/cafemedia.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23b668033de64061af82bd1f71a46d6a84e7abc049e28b4552ff70d9e6d51ff8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:55 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 03 Dec 2023 01:21:52 GMT
server
cloudflare
age
423
cf-polished
origSize=5446
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzbA5h2EpGmu58mrVoGeTqEYTMFgyvBagnVBoLLOVfFv70zou088PIQZB8vpyAv5MEz4HQ80US1Exrc7FyDlrhqJN8PjvucDb46FjDnBeegr3LPs0r78PpwJmUqYxx9pomww9Y%2BTQ1827MUBAOXEpI6h"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82f80921e95f4bc3-BUF
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cookie_sync
prebid.production.adthrive.com/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.production.adthrive.com/cookie_sync
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.208.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-208-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
02ffb5efcd9e35e2e986cda75f56becd488167ee3596f133d04ebfb8d4639428

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:55 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1048
expires
0
auction
prebid.production.adthrive.com/openrtb2/ 		208 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.production.adthrive.com/openrtb2/auction
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.208.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-208-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a93c8bb31c5701107a050ad8efc430a37cbd4706a5dd3ad59ba1f59abcd5a73e

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:55 GMT
content-encoding
gzip
x-prebid
pbs-java/2.0.0
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
188
expires
0
cookie_sync
prebid-server.rubiconproject.com/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
99813490187b142685a3b162e41b6f4c780da5a9fefa4ccc42c3f00da94666b9

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json
access-control-allow-origin
https://gfieldmoney.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1372
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		278 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
f70b3c9c450f0e49ebe2491cd759bd2728d9a8729b191e15eb71301ece8b17fa

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.4.0
Content-Type
application/json
access-control-allow-origin
https://gfieldmoney.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
227
Expires
0
bid-request
a.teads.tv/hb/ 		16 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.173.155 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-173-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:55 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 03 Dec 2023 01:28:55 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=185770
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7abaa56868c0e59fe1d0bd9d3cd3ebbe8f9bb8cdc1e0ddeeff907135b8717f17

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gl78KbRfT5e%2F9qQH5YBjr8YTkABOOlFy7XOO5JGe713Hcnwm%2FewhXBa5dP%2F9E%2FPkoZWipyGFcLinlv8tH1MBKLOyz4F%2FafHyPHi7OTevAwSScxt3Vcpxc48rZubo0phUbnwcuGHK"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82f80921d8b854af-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
krk2.kargo.com/api/v1/ 		2 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.45.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-45-130.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:55 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/ 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.5.0&cb=34594795423&lsavail=1&bundle=dn7B5V9teGxxRWNuJTJGSkJCR2lZeWlwcmhTNlJ6eWolMkZ0MGxBN2pPWUVkMW9vT2lEekxvSDlTd3FOTFB2dTFPY0ZqV2ZtUmJyVDEwalg2b0Vma2tpWDdValRLSEx2YTVnVHRId3ZjYXlaallWM1hIVVZEZmZkQml5VDh0VjZncnRCSm9namI
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Sun, 03 Dec 2023 01:28:54 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
tlx.3lift.com/header/ 		19 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fgfieldmoney.com%2F&tmax=2800&us_privacy=1YNY
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.205.137.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-137-103.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:55 GMT
accept-ch
sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr
x-auction-status
3
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
ba65e0dceddf399c9f5f90e84cf0fb75a208031aa9b3056562acdf00ff46b8e6

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Dec 2023 01:28:55 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a9694d00177771bcae21c6a7d880025&cmd=bid&sens=alc%2Cast%2Ccbd%2Cdat%2Cgamv%2Cpol%2Cssr%2Csrh%2Cske%2Cwtl&eidcriteo.com=t_rYxl9abnJTbnlIU3VBcnp2cnJhVUozVHJVcHh0VnFyVGhab1BVY3BGUDhHSmtLSHdWSnB3cTQlMkZmdzBvR2Z3b2NRUzVZcTBUYzZmSW5Ha3hTckNva0s4dlJnJTNEJTNE&eidpubcid.org=27af2596-c78b-4531-9220-fcadc454fe97&eidadserver.org=0aefc4a5-4b50-4aeb-845b-55f3253f3643&eidneustar.biz=E1%3AGN6SAUs6V4x-WHdj8N2wsoJ_N-bdCHvin6Kct001vU8PlzUf5l5x0IDobQ3WPprkzX0M3wzlGOxVAK891Gf1xpj7b0QrACECdHSvUTU1u4k&eidliveintent.com=csrHcqKh3V0sV3eeStJiZhlZDMWVlWoL_OCzdw&secure=1&us_privacy=1YNY&gpp=DBABzw~1YNY~BVQqAAAAAgA&gpp_sid=6%2C7
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
aa1e2eb922274f4fa594e58c2ba74cc84a8e62aa2fcd3bd56cbf66504158eab8

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Dec 2023 01:28:55 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a969d580177771bc13c2046cd280081&cmd=bid&sens=alc%2Cast%2Ccbd%2Cdat%2Cgamv%2Cpol%2Cssr%2Csrh%2Cske%2Cwtl&eidcriteo.com=t_rYxl9abnJTbnlIU3VBcnp2cnJhVUozVHJVcHh0VnFyVGhab1BVY3BGUDhHSmtLSHdWSnB3cTQlMkZmdzBvR2Z3b2NRUzVZcTBUYzZmSW5Ha3hTckNva0s4dlJnJTNEJTNE&eidpubcid.org=27af2596-c78b-4531-9220-fcadc454fe97&eidadserver.org=0aefc4a5-4b50-4aeb-845b-55f3253f3643&eidneustar.biz=E1%3AGN6SAUs6V4x-WHdj8N2wsoJ_N-bdCHvin6Kct001vU8PlzUf5l5x0IDobQ3WPprkzX0M3wzlGOxVAK891Gf1xpj7b0QrACECdHSvUTU1u4k&eidliveintent.com=csrHcqKh3V0sV3eeStJiZhlZDMWVlWoL_OCzdw&secure=1&us_privacy=1YNY&gpp=DBABzw~1YNY~BVQqAAAAAgA&gpp_sid=6%2C7
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
2036a0bd1ad6387be62c55f1f1edb220b1065ce6b90be06182584db6b8aea4ae

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Dec 2023 01:28:55 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
content-length
78
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a9694d00177771bcae2204408520056&cmd=bid&sens=alc%2Cast%2Ccbd%2Cdat%2Cgamv%2Cpol%2Cssr%2Csrh%2Cske%2Cwtl&eidcriteo.com=t_rYxl9abnJTbnlIU3VBcnp2cnJhVUozVHJVcHh0VnFyVGhab1BVY3BGUDhHSmtLSHdWSnB3cTQlMkZmdzBvR2Z3b2NRUzVZcTBUYzZmSW5Ha3hTckNva0s4dlJnJTNEJTNE&eidpubcid.org=27af2596-c78b-4531-9220-fcadc454fe97&eidadserver.org=0aefc4a5-4b50-4aeb-845b-55f3253f3643&eidneustar.biz=E1%3AGN6SAUs6V4x-WHdj8N2wsoJ_N-bdCHvin6Kct001vU8PlzUf5l5x0IDobQ3WPprkzX0M3wzlGOxVAK891Gf1xpj7b0QrACECdHSvUTU1u4k&eidliveintent.com=csrHcqKh3V0sV3eeStJiZhlZDMWVlWoL_OCzdw&secure=1&us_privacy=1YNY&gpp=DBABzw~1YNY~BVQqAAAAAgA&gpp_sid=6%2C7
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
5a989bc5feb3eadc2ddec74b81ffe3a20ec3af800ebc404619a8b6d32517baa8

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Dec 2023 01:28:55 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
content-length
78
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Sun, 03 Dec 2023 01:28:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		889 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881416&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C117%2C221&p_pos=atf&us_privacy=1YNY&rp_schain=1.0,1!cafemedia.com,5e0fcd6517a8be5a76a36c71,1,,,&eid_criteo.com=t_rYxl9abnJTbnlIU3VBcnp2cnJhVUozVHJVcHh0VnFyVGhab1BVY3BGUDhHSmtLSHdWSnB3cTQlMkZmdzBvR2Z3b2NRUzVZcTBUYzZmSW5Ha3hTckNva0s4dlJnJTNEJTNE%5E1&eid_pubcid.org=27af2596-c78b-4531-9220-fcadc454fe97%5E1&tpid_tdid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&eid_adserver.org=0aefc4a5-4b50-4aeb-845b-55f3253f3643&eid_neustar.biz=E1%3AGN6SAUs6V4x-WHdj8N2wsoJ_N-bdCHvin6Kct001vU8PlzUf5l5x0IDobQ3WPprkzX0M3wzlGOxVAK891Gf1xpj7b0QrACECdHSvUTU1u4k%5E1&eid_flashtalking.com=c25b308a75c444bb83d9d219cc3dd799%5E1&tpid_liveintent.com=csrHcqKh3V0sV3eeStJiZhlZDMWVlWoL_OCzdw&eid_liveintent.com=csrHcqKh3V0sV3eeStJiZhlZDMWVlWoL_OCzdw&eid_bidswitch.net=c9eb4231-2994-4a17-9a3b-db5e43b7986e%5E3&eid_rubiconproject.com=LPJU6D21-U-BU6G%5E3&eid_liveintent.indexexchange.com=ZWdOdvnPkdG.EVnP0vyuWgAA%261665%5E3&rf=https%3A%2F%2Fgfieldmoney.com%2F&tg_i.domain=gfieldmoney.com&tg_i.page=https%3A%2F%2Fgfieldmoney.com%2F&tg_i.cat=IAB20&tg_i.pagecat=IAB20&tg_i.privacypolicy=1&tg_i.mobile=1&tg_i.site_code=AFOI_2020%2CATZN_2020%2CEXFP_2020%2CEXHFCE_2021%2CGLDM_2021%2CGLU_2023%2CHUSA_2023%2CLBM_LS_2020%2CMIQWO_2022%2CMRLOI_22%2CNSTLE_22%2CREI_2021%2CSCPE_2023%2CTGNAF_21%2CTRGT_022020%2CTRVL_2021%2CTYS_062019%2CVITFM_21&tg_i.sens=alc%2Cast%2Ccbd%2Cdat%2Cgamv%2Cpol%2Cssr%2Csrh%2Cske%2Cwtl&tg_i.site_id=5e0fcd6517a8be5a76a36c71&tg_i.verticals=Travel&tg_i.pmp_elig=true&tg_i.refresh=false&tg_i.vp=0&tg_i.hvp=80&tg_i.pos=atf&tg_i.pbadslot=%2F18190176%2FAdThrive_Footer_1%2F5e0fcd6517a8be5a76a36c71&tk_flint=pbjs_lite_v8.5.0&x_source.tid=79b3195a-7d19-48ee-bdb8-1e2489ff1b78&l_pb_bid_id=599d7354b3b6a04&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=15638260-cdcd-4569-93ce-7d4f1c1525c4&rp_hard_floor=2.1174&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Footer_1%2F5e0fcd6517a8be5a76a36c71&slots=1&rand=0.3638024136755609
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5605c7888dd495432694bf7b623af844f81c4d4d995ab81f6269c7d008fe6119

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:56 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
889
expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
767dfbf3a45b3fb9c344451fc7f8047dec0c82ed23145005a0fd8f9717eb78c7

Request headers

Referer
https://gfieldmoney.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 03 Dec 2023 01:28:55 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
f66fa410bf48a6afecb2bebfc1133fd59439381a45f9f3af3c7ea0d5f38437ef

Request headers

Referer
https://gfieldmoney.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 03 Dec 2023 01:28:55 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
0046837c37a779d4b5836fbbf9354c16d530e01454e892c9a7658e4195ed52ea

Request headers

Referer
https://gfieldmoney.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 03 Dec 2023 01:28:55 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
content-length
84
prebid
ib.adnxs.com/ut/v3/ 		20 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
734322036fe5b2569df13370f8ee8b631065c2285a4fc6ced6c7fccdb1c556b0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:55 GMT
content-encoding
gzip
an-x-request-uuid
4b7dcc32-f5b6-4e89-a3f1-f075eeb2728e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.43; 96.9.249.43; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cafemedia
direct.adsrvr.org/bid/bidder/ 		0
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 03 Dec 2023 01:28:54 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
/
colossusssp.com/ 		2 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.237.69.4 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Sun, 03 Dec 2023 01:28:56 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1701566935313&to=600&aun=AdThrive_Footer_1_desktop&criteoId=t_rYxl9abnJTbnlIU3VBcnp2cnJhVUozVHJVcHh0VnFyVGhab1BVY3BGUDhHSmtLSHdWSnB3cTQlMkZmdzBvR2Z3b2NRUzVZcTBUYzZmSW5Ha3hTckNva0s4dlJnJTNEJTNE&pubcid=27af2596-c78b-4531-9220-fcadc454fe97&tdid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&fabrickId=E1%3AGN6SAUs6V4x-WHdj8N2wsoJ_N-bdCHvin6Kct001vU8PlzUf5l5x0IDobQ3WPprkzX0M3wzlGOxVAK891Gf1xpj7b0QrACECdHSvUTU1u4k&ftrackId=c25b308a75c444bb83d9d219cc3dd799&lipb=csrHcqKh3V0sV3eeStJiZhlZDMWVlWoL_OCzdw&gpid=%2F18190176%2FAdThrive_Footer_1%2F5e0fcd6517a8be5a76a36c71&fp=2.1109&fpc=USD&t=g95nznmj&pi=2&uspConsent=1YNY&gppConsent=%5Bobject%20Object%5D&schain=1.0%2C1!cafemedia.com%2C5e0fcd6517a8be5a76a36c71%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgfieldmoney.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.5.0%22%7D&ogu=null&ns=9933
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.219.135.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-219-135-98.compute-1.amazonaws.com
Software
nginx /
Resource Hash
719d791da949c130217b1e0daded6f800dcc734055d96f3e55cd675164145b41

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:55 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
exchange.postrelease.com/ 		0
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_eid=W3sic291cmNlIjoiY3JpdGVvLmNvbSIsInVpZHMiOlt7ImlkIjoidF9yWXhsOWFibkpUYm5sSVUzVkJjbnAyY25KaFZVb3pWSEpWY0hoMFZuRnlWR2hhYjFCVlkzQkdVRGhIU210TFNIZFdTbkIzY1RRbE1rWm1kekJ2UjJaM2IyTlJVelZaY1RCVVl6Wm1TVzVIYTNoVGNrTnZhMHM0ZGxKbkpUTkVKVE5FIiwiYXR5cGUiOjF9XX0seyJzb3VyY2UiOiJwdWJjaWQub3JnIiwidWlkcyI6W3siaWQiOiIyN2FmMjU5Ni1jNzhiLTQ1MzEtOTIyMC1mY2FkYzQ1NGZlOTciLCJhdHlwZSI6MX1dfSx7InNvdXJjZSI6ImFkc2VydmVyLm9yZyIsInVpZHMiOlt7ImlkIjoiMGFlZmM0YTUtNGI1MC00YWViLTg0NWItNTVmMzI1M2YzNjQzIiwiYXR5cGUiOjEsImV4dCI6eyJydGlQYXJ0bmVyIjoiVERJRCJ9fV19LHsic291cmNlIjoibmV1c3Rhci5iaXoiLCJ1aWRzIjpbeyJpZCI6IkUxOkdONlNBVXM2VjR4LVdIZGo4TjJ3c29KX04tYmRDSHZpbjZLY3QwMDF2VThQbHpVZjVsNXgwSURvYlEzV1Bwcmt6WDBNM3d6bEdPeFZBSzg5MUdmMXhwajdiMFFyQUNFQ2RIU3ZVVFUxdTRrIiwiYXR5cGUiOjF9XX0seyJzb3VyY2UiOiJmbGFzaHRhbGtpbmcuY29tIiwidWlkcyI6W3siaWQiOiJjMjViMzA4YTc1YzQ0NGJiODNkOWQyMTljYzNkZDc5OSIsImF0eXBlIjoxLCJleHQiOnsiSEhJRCI6ImMxNGNjMzllNWY2MzRkMDk4ZjBhY2IxN2JjNWNjMGNlIiwiRGV2aWNlSUQiOiJjMjViMzA4YTc1YzQ0NGJiODNkOWQyMTljYzNkZDc5OSIsIlNpbmdsZURldmljZUlEIjoiYzI1YjMwOGE3NWM0NDRiYjgzZDlkMjE5Y2MzZGQ3OTkifX1dfSx7InNvdXJjZSI6ImxpdmVpbnRlbnQuY29tIiwidWlkcyI6W3siaWQiOiJjc3JIY3FLaDNWMHNWM2VlU3RKaVpobFpETVdWbFdvTF9PQ3pkdyIsImF0eXBlIjozfV19LHsic291cmNlIjoiYmlkc3dpdGNoLm5ldCIsInVpZHMiOlt7ImlkIjoiYzllYjQyMzEtMjk5NC00YTE3LTlhM2ItZGI1ZTQzYjc5ODZlIiwiYXR5cGUiOjMsImV4dCI6eyJwcm92aWRlciI6ImxpdmVpbnRlbnQuY29tIn19XX0seyJzb3VyY2UiOiJydWJpY29ucHJvamVjdC5jb20iLCJ1aWRzIjpbeyJpZCI6IkxQSlU2RDIxLVUtQlU2RyIsImF0eXBlIjozLCJleHQiOnsicHJvdmlkZXIiOiJsaXZlaW50ZW50LmNvbSJ9fV19LHsic291cmNlIjoibGl2ZWludGVudC5pbmRleGV4Y2hhbmdlLmNvbSIsInVpZHMiOlt7ImlkIjoiWldkT2R2blBrZEcuRVZuUDB2eXVXZ0FBJjE2NjUiLCJhdHlwZSI6MywiZXh0Ijp7InByb3ZpZGVyIjoibGl2ZWludGVudC5jb20ifX1dfV0=&us_privacy=1YNY&ntv_ppf=eyJBZFRocml2ZV9Gb290ZXJfMV9kZXNrdG9wIjp7ImJhbm5lciI6eyI3Mjh4OTAiOjIuMDc2NiwiMzIweDUwIjoyLjA3NjYsIjk3MHg5MCI6Mi4wNzY2LCIzMDB4NTAiOjIuMDc2NiwiMzIweDEwMCI6Mi4wNzY2LCI0Njh4NjAiOjIuMDc2NiwiMXgxIjoyLjA3NjYsIioiOjIuMDc2Nn0sIioiOnsiKiI6Mi4wNzY2LCI3Mjh4OTAiOjIuMDc2NiwiMzIweDUwIjoyLjA3NjYsIjk3MHg5MCI6Mi4wNzY2LCIzMDB4NTAiOjIuMDc2NiwiMzIweDEwMCI6Mi4wNzY2LCI0Njh4NjAiOjIuMDc2NiwiMXgxIjoyLjA3NjZ9fX0=&ntv_pbv=v8.5.0&ntv_pb_rid=784d92a13494fd2&ntv_ppc=W3siYWRVbml0Q29kZSI6IkFkVGhyaXZlX0Zvb3Rlcl8xX2Rlc2t0b3AiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1s3MjgsOTBdLFszMjAsNTBdLFs5NzAsOTBdLFszMDAsNTBdLFszMjAsMTAwXSxbNDY4LDYwXSxbMSwxXV0sInBvcyI6MX19fV0=&ntv_dbr=eyJBZFRocml2ZV9Gb290ZXJfMV9kZXNrdG9wIjowfQ==&ntv_url=https%3A%2F%2Fgfieldmoney.com%2F
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.88.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-88-142.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:56 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=f9816ecc-b51b-4747-bc3e-1ea86a0677a2&toploc=gfieldmoney.com
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f82b622d1618afcb5ad8a7d12fe1b59d4dd737711fce445344403e7df85fbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:55 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 02 Dec 2023 22:38:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZvB%2FjgSc4u%2FHX%2Fwr92ArQrtINQUqMn%2BZLZfqttMcK9P%2BXNhlkMXXai3fMBh0cMdbJfu3xQDZLQw2UeAzyyOOXNHvfMuCn3Kxl6TeKbu%2Fh9IditP7NdPoqJTwgK1KqtU6x5CRZ0bds5SkNdQIyrVSoHW"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82f8092229624bc3-BUF
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
setuid
prebid.production.adthrive.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58830/sync?redir=true&gdpr=&gdpr_consent=
  • https://prebid.production.adthrive.com/setuid?bidder=yahooAds&f=b&uid=y-lnwetbRE2uJrUWexT4ASlJWiv0c_ctkI~A
0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.production.adthrive.com/setuid?bidder=yahooAds&f=b&uid=y-lnwetbRE2uJrUWexT4ASlJWiv0c_ctkI~A
Protocol
H2
Server
44.237.208.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-208-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Sun, 03 Dec 2023 01:28:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0

Redirect headers

location
https://prebid.production.adthrive.com/setuid?bidder=yahooAds&f=b&uid=y-lnwetbRE2uJrUWexT4ASlJWiv0c_ctkI~A
date
Sun, 03 Dec 2023 01:28:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
c.js
collector.brandmetrics.com/ 		0
188 B 		Script
General
Check archive.org
Download Go to
Full URL
https://collector.brandmetrics.com/c.js?siteid=f9816ecc-b51b-4747-bc3e-1ea86a0677a2&toploc=gfieldmoney.com&rnd=398818
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Request-Context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
Date
Sun, 03 Dec 2023 01:28:56 GMT
Content-Length
0
Content-Type
text/javascript;charset=utf-8
setuid
prebid.production.adthrive.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7B...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D...
  • https://prebid.production.adthrive.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=a79111c6-27ff-47f3-a668-26bb7e3273b1
86 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.production.adthrive.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=a79111c6-27ff-47f3-a668-26bb7e3273b1
Protocol
H2
Server
44.237.208.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-208-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 03 Dec 2023 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

Location
https://prebid.production.adthrive.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=a79111c6-27ff-47f3-a668-26bb7e3273b1
Date
Sun, 03 Dec 2023 01:28:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
1e00c938e982fc73eff225be23da669f49ff24cc256276d617f6a05661eb2982
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Sun, 03 Dec 2023 01:28:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=1YNY&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3...
  • https://prebid-server.rubiconproject.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=16e6afb7-db8b-4b83-ad02-d372fee35d19
86 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=16e6afb7-db8b-4b83-ad02-d372fee35d19
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 01:28:56 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://prebid-server.rubiconproject.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=16e6afb7-db8b-4b83-ad02-d372fee35d19
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
v3
id5-sync.com/gm/ 		765 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
bd8fe145138c25116feeb45853c4bce86abd3275b3b32d3b9a2945632f9a1d36
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gfieldmoney.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Sun, 03 Dec 2023 01:28:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
setuid
prebid.production.adthrive.com/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1YNY&redirectUri=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1Y...
  • https://prebid.production.adthrive.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3zqHuII00HIIAnFOzesw&gdpr=&gdpr_consent=&us_privacy=1YNY
86 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.production.adthrive.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3zqHuII00HIIAnFOzesw&gdpr=&gdpr_consent=&us_privacy=1YNY
Protocol
H2
Server
44.237.208.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-208-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 03 Dec 2023 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:56 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://prebid.production.adthrive.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3zqHuII00HIIAnFOzesw&gdpr=&gdpr_consent=&us_privacy=1YNY
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&rurl=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidde...
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=5994db7ab097105e&is_secure=true&version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&rurl=https%3A%2F%2Fprebid...
  • https://prebid-server.rubiconproject.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=AAAGTasqO-j0GANyuVIrAAAAAAA&expiration=1701653337
86 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=AAAGTasqO-j0GANyuVIrAAAAAAA&expiration=1701653337
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:57 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://prebid-server.rubiconproject.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=AAAGTasqO-j0GANyuVIrAAAAAAA&expiration=1701653337
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		719 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1832854516823858&correlator=3008616388142913&eid=31077976%2C31078987%2C31079832%2C31079783%2C31078989&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&us_privacy=1YNY&tfcd=0&gpp=GPP_ERROR_STRING_IS_DEPRECATED_SPEC&iu_parts=18190176%3A22575277881%2CAdThrive_Footer_1%2C5e0fcd6517a8be5a76a36c71&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C320x50%7C970x90%7C300x50%7C320x100%7C468x60%7C1x1&fluid=height&ifi=1&sfv=1-0-40&fsbs=1&eri=5&sc=1&cookie_enabled=1&abxe=1&dt=1701566936648&adxs=200&adys=1130&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgfieldmoney.com%2F&vis=1&psz=1600x5726&msz=1600x-1&fws=516&ohw=1600&ga_vid=1358099714.1701566937&ga_sid=1701566937&ga_hid=1409304440&ga_fc=false&a3p=EvICCggxODE5MDE3NhLcAmV5SnphV2R1WVd4eklqcGJleUp6YjNWeVkyVWlPaUpoWkhObGNuWmxjaTV2Y21jaUxDSmtZWFJoSWpvaU1HRmxabU0wWVRVdE5HSTFNQzAwWVdWaUxUZzBOV0l0TlRWbU16STFNMll6TmpReklpd2lhWE5RZFdKRGNtVmhkR1ZrSWpwMGNuVmxmU3g3SW5OdmRYSmpaU0k2SW0xamJYQWlMQ0prWVhSaElqcGJYU3dpYVhOUWRXSkRjbVZoZEdWa0lqcDBjblZsZlN4N0luTnZkWEpqWlNJNkluTmxibk1pTENKa1lYUmhJanBiSW1Gc1l5SXNJbUZ6ZENJc0ltTmlaQ0lzSW1SaGRDSXNJbWRoYlhZaUxDSndiMndpTENKemMzSWlMQ0p6Y21naUxDSnphMlVpTENKM2RHd2lYU3dpYVhOUWRXSkRjbVZoZEdWa0lqcDBjblZsZlYxORje3qvqwjFIAQ..&dlt=1701566930863&idt=3947&ppid=27af2596c78b45319220fcadc454fe97&prev_scp=location%3DFooter%26sequence%3D1%26id%3DAdThrive_Footer_1_desktop%26ATF%3Dtrue%26sticky%3Dtrue%26lazy%3Dfalse%26refresh%3D00%26nref%3D0%26hvp%3D80%26amznbid%3D2%26amznp%3D2%26flag_slot%3Dtid%253A15638260-cdcd-4569-93ce-7d4f1c1525c4%2Cidp%253Ashl%2Cidp%253Acid%2Cidp%253Auid1%2Cidp%253Acri%2Cidp%253Afab%2Cidp%253Aftr%2Cidp%253Aliid%2Cfv%253Ann_v4_0.22%2Chbf%253A2.05%2Coseq%253A1%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.05%26hb_adid_appnexus%3D80099c7f4ce2258%26hb_crid%3D450043583%26hb_dsp%3D11882%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.05%26hb_adid%3D80099c7f4ce2258%26hb_bidder%3Dappnexus%26hb_bsid%3D11882&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A167%252Cbrwsrv%253A119.0.6045.199%252Cpmp_elig%253A1%252Clf_elig%253A1%252Cclson%253Atrue%252CclsBranch%253A3fe49da%252CclsBucket%253Aprod%252Cintegration%253Aplugin%252Clmdv%253A1.46.0%252Crf%253A1%252Cppid%253Ash_id%26siteId%3D5e0fcd6517a8be5a76a36c71%26organizationId%3D6233884d2bb0fa708866afdc%26siteName%3DPack%2520Hacker%26verticals%3DTravel%26abgroup%3Damzn%253Aon%252Cwvtls%253Aoff%254075%252Cmto%253A1.5%254025%252Cflrml1%253Afbrap%254088%252Cfto%253A3%254025%252Callbho%253Aoff%25400%252Cloglev%253Aoff%254099%252Chbho%253Aconversant%254010%252Chbho%253Aresetdigital%254090%252Chbho%253Asharethrough%254075%252Coptd%253Aoff%2540100%252Cidho%253Aid5Id%252Cidho%253AFTrackId%252Cidho%253AmerkleId%252Cpbs2s%253A33across%2540100%252Cpbs2s%253Aconversant%2540100%252Cpbs2s%253Agrid%254099%252Cpbs2s%253Aimprove_ss%2540100%252Cpbs2s%253Apubm_ss%2540100%252Cpbs2s%253Aresetdigital%2540100%252Cpbs2s%253Aunder_ss%2540100%252Cpbs2s%253Aunruly%2540100%252Cpbs2s%253Ayieldmo%2540100%252Cpbs2s%253Aadform%2540100%252Cadt2%253A500%254085%252Cs2sparam%253Aon%254099%252Cmultirefauc%253Aoff%254010%252Ccoldr%253Aboth%2540100%252Ckrgodr%253Aclient%254095%252Copnxdr%253Aboth%254098%252Cmagnitedr%253Aboth%254098%252Ctripleliftdr%253Aboth%254098%252Cyahoodr1%253Aboth%254098%252Cito_ds%253A2800%254050%252C3pho%253Anone%254095%252Cvbho%253Aresetdigital%254090%252Cvbho%253A33across%2540100%252Coptv%253Aoff%2540100%252Ccbt%253A4s%254075%252Cvasttoisv%253A18s%254020%252Cvasttoosv%253A5s%254060%252Cproto%253Aallr%254015%252Cpbm%253Aon%252Caddur%253Aoff%254097%252Cadlifecyc%253Aoff%254090%252CreqTo%253A20%254020%252Cvadv%253Aon%252Cosp%253A2%2540100%252Cdofre%253Aoff%254099%252Csoblp%253Aoff%254095%252Ccsp%253Aon%2540100%252Cvmaxdur%253A30%254098%252Cjwpv%253A8.30.0%254099%252Csmhd100%253Aoff%252Cconmax99%253Aoff%252Cdcsll_ss2%253Aoff%254030%252Cdcsllm_ss%253Aundefined%252Cintcfg%253Aon%2540100%252Cainv2%253A1000%2540100%252Cscre%253Aon%252Cpbsflr1%253Aoff%254095%252Cs2sbuff%253A100%254025%252Ccsync_lim%253A25%254025%252Crpbs%253Aon%254010%252Crmos1%253Aoff%254099%252Csocon%253A1.5%254034%252Crtbf%253Aon%2540100%252Cdco%253Arelaxed%2540100%252Cdajto%253Aon%2540100%252Cjwb%253Aon%254095%252Cfldg%253Aon%254050%252Cvpred_1%253A0.9%254096%252Ccrtvmon%253Aoff%254090%252Coxli%253Aoff%2540100%252Cpba%253Anone%254099%252Camzn_hold_disp%253Aoff%254050%252Caddens%253Aoff%254075%252Cbmetrics%253Aon%254099%252Cspa%253Aoff%25400%252Cfcp%253AtopLeft%2540100%252Cconfiant1%253Aoff%254090%252Cscae%253Aon%252Cessa%253Aon%252Cdssmh%253A1800%254010%252Cdssc%253A25%254025%252Crrc%253Aoff%252Crefsoflr%253A0%254080%252Cssff%253Aon%2540100%252Cjtte%253Aon%2540100%252Clogcls%253Aoff%254090%252Cmgncrbn%253Aoff%254075%252Cnlsentrckr%253Aoff%2540100%252Crebuildslot%253Aon%254095%252Csre%253Aoff%2540100%252Cupl%253Aoff%254075%252Cdatapriv%253Aoff%254090%252Cvcsu%253Aon%2540100%252Cssau%253Aoff%2540100%252Cpale%253Aoff%254099%252Cdsle%253AContinuing%2520without%2520bids%254099%252Cdsle%253Axhr%2520timeout%2520after%254099%252Crmosnv1%253Aoff%254099%26idho_p%3Did5Id%253A50%252CidentityLink%253A1%252CpairId%253A1%252CunifiedId%253A1%252CunifiedId2%253A1%252CsharedId%253A1%252Ccriteo%253A5%252CconnectId%253A5%252CfabrickId%253A5%252CFTrackId%253A95%252C33acrossId%253A5%252CliveIntentId%253A1%252ClotamePanoramaId%253A5%252CmerkleId%253A25%252CmerkuryId%253A5%26bucket%3Dflex-132%26sens%3Dalc%252Cast%252Ccbd%252Cdat%252Cgamv%252Cpol%252Cssr%252Csrh%252Cske%252Cwtl%26domain%3Dgfieldmoney.com%26plugin%3Dadthrive-ads-3.5.2%26vpwxvph%3D1600x1200%26ri%3D156%26rsi%3D102%26pvk%3D01HGPMNVGB7XEA5ZVWYW1QXRRQ%26sess%3D01HGPMNVGCGDP9H15J0G670RFM%26branch%3D36761d1%26deployment%3D2023-12-01-5%253Aade-1165%253Apr4090%253A36761d1%26hbho%3Dconversant%252Cresetdigital%252Csharethrough%26vbho%3Dresetdigital%252C33across%26doba%3Dix%252Cmn%252Cox%252Cpu%252Cun%252Cma%252Csh%252Cst%252Csb%252Csv%252Ctl%252Cym%252Cmg%252Cxr%252Cot%252Cax%252Cch%252Ccr%252Cgg%252Ckg%252Ctd%252Cym%26gptv%3D202311150101%26gpid%3Dgpid%2520unavailable%26id_region%3Dus%26connection%3Dniet%253A4g%252Cdl%253A9.7%26ccpaOptOut%3D0%26fpv%3D1%26site_code%3DAFOI_2020%252CATZN_2020%252CEXFP_2020%252CEXHFCE_2021%252CGLDM_2021%252CGLU_2023%252CHUSA_2023%252CLBM_LS_2020%252CMIQWO_2022%252CMRLOI_22%252CNSTLE_22%252CREI_2021%252CSCPE_2023%252CTGNAF_21%252CTRGT_022020%252CTRVL_2021%252CTYS_062019%252CVITFM_21%26marmalade%3Dtrue&adks=3289955659&frm=20
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
925c486c5bb5fc25f81b3f3383d13147750c4dbe6d81a64a998ddf4a322821e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
363
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311150101&st=env
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a299277cca4f1988bc0cc5d97b9e2714ab1cc3b32ed60b3339ab67e62f6358a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12203
x-xss-protection
0
container.html
6d1730eefb63013d47e63f0f9e1a6912.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BE5F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6d1730eefb63013d47e63f0f9e1a6912.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 01:28:57 GMT
expires
Mon, 02 Dec 2024 01:28:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
setuid
prebid.production.adthrive.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
  • https://prebid.production.adthrive.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=6848836367408275229
86 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.production.adthrive.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=6848836367408275229
Protocol
H2
Server
44.237.208.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-208-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 03 Dec 2023 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:56 GMT
an-x-request-uuid
f149c4ca-6923-43e1-aa0c-d8420f58d36b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid.production.adthrive.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=6848836367408275229
x-proxy-origin
96.9.249.43; 96.9.249.43; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid.production.adthrive.com/
Redirect Chain
  • https://sync.resetdigital.co/csync?pid=rubicon&puid={Publisher%20UID}&redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dresetdigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D...
  • https://prebid.production.adthrive.com/setuid?bidder=resetdigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=0000012016C3AC42
86 B
826 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.production.adthrive.com/setuid?bidder=resetdigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=0000012016C3AC42
Protocol
H2
Server
44.237.208.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-208-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 03 Dec 2023 01:28:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

location
https://prebid.production.adthrive.com/setuid?bidder=resetdigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=0000012016C3AC42
date
Sun, 03 Dec 2023 01:28:56 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
content-type
text/html
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 03 Dec 2023 01:28:57 GMT
9.gif
id5-sync.com/c/367/1242/0/
Redirect Chain
  • https://id5-sync.com/i/367/8.gif?id5id=ID5*p11bvzOanJwcEIAy7cUbttIDVO2qk3C8Hqjt0DC-JAByZ0HGtU2NVetFC6Ya6AFlcmhGVH21slvYSOt-mkYAnw&o=api&gdpr_consent=undefined&gdpr=false
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F796%2F7%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/367/796/7/2.gif?puid=5a4df778-f627-4743-8570-98b1bd159585&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&ttl=%%TTL%%
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-6af9oqahGo0svbR8-SYwQz9pazuvTTqPlNBWoYIZhg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F367%2F124%2F5%2F4.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-6af9oqahGo0svbR8-SYwQz9pazuvTTqPlNBWoYIZhg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F367%2F124%2F5%2F4.gif%3Fp...
  • https://id5-sync.com/cq/367/124/5/4.gif?puid=044b2f34-390c-453e-b062-89487d94c2a7&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F441%2F4%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/367/441/4/5.gif?puid=u_79a0f9f2-0294-4ebf-ad95-660dab14ef74&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/367/2/3/6.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/367/2/3/6.gif?puid=6848836367408275229&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F429%2F2%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/367/429/2/7.gif?puid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F434%2F1%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/367/434/1/8.gif?puid=900bcf57-04e2-4f5d-964f-53669d1e435f&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=58&3pid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F1242%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/367/1242/0/9.gif?puid=HwbYeQZHcHvqV0qFTXOwyLEy&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/367/1242/0/9.gif?puid=HwbYeQZHcHvqV0qFTXOwyLEy&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sun, 03 Dec 2023 01:28:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 01:28:59 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://id5-sync.com/c/367/1242/0/9.gif?puid=HwbYeQZHcHvqV0qFTXOwyLEy&gdpr=0&gdpr_consent=
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
/
hde.tynt.com/deb/ Frame 293C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdp...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consen...
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_conse...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
006fba401b7876d38e393b927ef52f46e2db905d29c93d92e30f45919d9808b6

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1723
content-type
text/html
date
Sun, 03 Dec 2023 01:28:57 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Sun, 03 Dec 2023 01:28:56 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
/
hde.tynt.com/deb/ Frame E2C8
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26g...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_cons...
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_con...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
dcf1d99d8bedf160d51105831f01c84b362c4b31e508d5d6761b3b64faa92213

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1738
content-type
text/html
date
Sun, 03 Dec 2023 01:28:57 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Sun, 03 Dec 2023 01:28:57 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F42F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
192022
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 20:08:35 GMT
expires
Fri, 29 Nov 2024 20:08:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 568A 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4fcc863743fe3fa2fa4cffc0b4d7bfaa5a3f23551ddb018ba7a2aa3e52aac5bc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PiFbbPV3kU6inlusF11R9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-PiFbbPV3kU6inlusF11R9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 01:28:57 GMT
expires
Sun, 03 Dec 2023 01:28:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame F42F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 20:06:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
19338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Dec 2024 20:06:39 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 568A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311150101&jk=1832854516823858&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame F42F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?84BZaQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usync.html
eus.rubiconproject.com/ Frame 7343
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1YNY
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.173.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-173-107.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 03 Dec 2023 01:28:58 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 03 Dec 2023 01:28:57 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0309
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1YNY&ts=1701566937800.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26pre...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_...
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.105.11 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-105-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132086
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 03 Dec 2023 01:28:57 GMT
expires
Mon, 04 Dec 2023 14:10:23 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Sun, 03 Dec 2023 01:28:57 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP005
x-33x-status
40000000008200000A
setuid
prebid-server.rubiconproject.com/ Frame E2C8
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1701566937800.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=b&uid=212365417016861
0
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=b&uid=212365417016861
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:57 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=b&uid=212365417016861
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame E2C8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1YNY
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=&gdpr_consent=&us_privacy=1YNY
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=the33across&bsw_user_id=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=&gdpr_consent=&us_privacy=1YNY
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=3fd4a5c6-c1b7-4e65-a25c-d64c9546866e&ssp=the33across&us_privacy=1YNY
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=1YNY&xu=a79111c6-27ff-47f3-a668-26bb7e3273b1
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=a79111c6-27ff-47f3-a668-26bb7e3273b1&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=a79111c6-27ff-47f3-a668-26bb7e3273b1&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:57 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=a79111c6-27ff-47f3-a668-26bb7e3273b1&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame E2C8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-LARzBQ9E2uGEfg3BzrPmhMGWmAOAA9i4~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-LARzBQ9E2uGEfg3BzrPmhMGWmAOAA9i4%7EA&ts=1701566937&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-LARzBQ9E2uGEfg3BzrPmhMGWmAOAA9i4%7EA&ts=1701566937&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:57 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-LARzBQ9E2uGEfg3BzrPmhMGWmAOAA9i4%7EA&ts=1701566937&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame E2C8
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1YNY
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=1541c18b361504&is_secure=true&networkId=78390&version=1&us_privacy=1YNY
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAHd2LSLliL9wMwsizvAAAAAAA&expiration=1701653337&is_secure=true&us_privacy=1YNY
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAHd2LSLliL9wMwsizvAAAAAAA&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAHd2LSLliL9wMwsizvAAAAAAA&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:57 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAHd2LSLliL9wMwsizvAAAAAAA&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame E2C8
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1YNY&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1YNY%26xi%3D33%26xu%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=1YNY&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1YNY%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=1YNY&xi=33&xu=1522299549400378201894
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1522299549400378201894&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1522299549400378201894&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:57 GMT
referrer-policy
unsafe-url
server
33XP016
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1522299549400378201894&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.html
eus.rubiconproject.com/ Frame B9CC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1YNY
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.173.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-173-107.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 03 Dec 2023 01:28:58 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 03 Dec 2023 01:28:57 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
server
AkamaiGHost
match
events-ssc.33across.com/ Frame 293C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1YNY
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dthe33...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=09213d99cd244062811ca84e9c789758&ssp=the33across&bsw_param=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=a79111c6-27ff-47f3-a668-26bb7e3273b1
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=a79111c6-27ff-47f3-a668-26bb7e3273b1&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=a79111c6-27ff-47f3-a668-26bb7e3273b1&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
referrer-policy
unsafe-url
server
33XP016
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=a79111c6-27ff-47f3-a668-26bb7e3273b1&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 293C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-LARzBQ9E2uGEfg3BzrPmhMGWmAOAA9i4~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-LARzBQ9E2uGEfg3BzrPmhMGWmAOAA9i4%7EA&ts=1701566937&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-LARzBQ9E2uGEfg3BzrPmhMGWmAOAA9i4%7EA&ts=1701566937&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:57 GMT
referrer-policy
unsafe-url
server
33XP017
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-LARzBQ9E2uGEfg3BzrPmhMGWmAOAA9i4%7EA&ts=1701566937&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 293C
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1YNY
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=494ddc10859d1504&is_secure=true&networkId=78390&version=1&us_privacy=1YNY
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAG9Ep3bJaonANQVhqkAAAAAAA&expiration=1701653337&is_secure=true&us_privacy=1YNY
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAG9Ep3bJaonANQVhqkAAAAAAA&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAG9Ep3bJaonANQVhqkAAAAAAA&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:57 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAG9Ep3bJaonANQVhqkAAAAAAA&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 293C
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1YNY&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1YNY%26xi%3D33%26xu%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=1YNY&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1YNY%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=1YNY&xi=33&xu=1522299549400378201894
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1522299549400378201894&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1522299549400378201894&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:57 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1522299549400378201894&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F0CE
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1YNY&ts=1701566937800.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26pre...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_...
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.105.11 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-105-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132086
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 03 Dec 2023 01:28:57 GMT
expires
Mon, 04 Dec 2023 14:10:23 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Sun, 03 Dec 2023 01:28:57 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP020
x-33x-status
40000000008200000A
setuid
prebid.production.adthrive.com/ Frame 293C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1701566937800.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26...
  • https://prebid.production.adthrive.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=b&uid=212365417016861
0
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.production.adthrive.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=b&uid=212365417016861
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
44.237.208.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-208-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Sun, 03 Dec 2023 01:28:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:57 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://prebid.production.adthrive.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=b&uid=212365417016861
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311150101&jk=1832854516823858&bg=!lZalltnNAAY3kmNgF5I7ADQBe5WfOI2h3hTEA3KPqBG6l-j6nLfTciNhfs6PLLK0ebHySr92H2oIUwoS47kdQzpKqb6MAgAAAGhSAAAABGgBBwoAQtLWtYLu2-QVGTv7dBYYHbxmB6k2IE15WAEDCObAVyVVCf5iZ5BQEel5t5dwigrbr-9rae-gbQZfL7RvLQRL4em7UZkCt5diDNSGvEwrDxzfHsQJM6ObzyFRKXqxeFYcJri-rGcMxNnjUEfCRO-iBeY-vi131db0cGXVohb7ustIK8enhJ2JcFjeDyle61z6LPW8PNMeDgVLyZyQ9FvmJvDL6sFPYl1ctZcULsug8xh_648JLR2ktdcNdAf09xWf-OiYk6nEeOtEqjhM-wDIJrdvMcifTCH-d2jisQXdNUD7cVZW7KzdHfT1W-1UkLtfCveBH64GldpFAgn_tO6NY_7sxgnRNn_R81_cja7hXt5zg9oG87ydCHDCGwNUk8mg-dBaTjXALZT1u7xGeU5eGXD85i-x6XtWhyNnki3ZtBZsuQqIb0T91Z2b3KuN5i1WFWmSTEzmZ-92TE35Tjjn2w3cQnpegUVG_lGqtdnhup-DZ3IXwuycHZrL7DA3C19TZCxSnXKWsABWQUmpUcrLc4BbLmcEbS3wAAGcT0Iv6zAynwRcNX8zALbMBCXA9stvlLVW-4H7KCXU8cBNSbJgA-VIdY8zvvURbMM4nLJHcggEp8zcVp9zthvxACbl0rolDaG6ZVvQBRbAV3FqLEykLJglCo2er5pJnNqGEp3euQtklEBjl_VYRkWNE0nw3eQY9TUpBujYUfdZIzio4S6n75wXea3_xXgW9BN3P3OeYU7Sh00cuYql9vaUuOs91TZr-iB1zjbpHfqeoDYk074hO2uoo5BmpFZe1IVAr3ZL39LrZFgfHXEmDoBP9J3ryS65igmBMcRL8iqqFiDV3g2-OyDrvl77Dja_PK51hwV_iOJqLy_0UPekL0zMNn4Sjc3sr471jqSQW352VqwZS0oWcVLiYvxQamC3ueXE1AWjnoC5omf3kGypQdRThba7wjO3Tcy1woodVcS3A0fK3cQQdsgjBhjDX8DYJg7hp0BH4XuAHpxAE57rw8t8bC9u
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame 0309 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21917138&p=156423&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
07ab10c24484e859e8cba23f35d20dcf27102b29a2bfb458bef2f2d861087783

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 03 Dec 2023 01:28:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 7343 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.173.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-173-107.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
967955e0fe2f5def1affe5e2189e858bf82c9f989074b242dcb5643e42912101

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 01:28:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 02 Dec 2023 18:12:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60270
Connection
keep-alive
Content-Length
13236
Expires
Sun, 03 Dec 2023 18:13:28 GMT
usync.js
eus.rubiconproject.com/ Frame B9CC 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.173.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-173-107.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
967955e0fe2f5def1affe5e2189e858bf82c9f989074b242dcb5643e42912101

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 01:28:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 02 Dec 2023 18:12:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60270
Connection
keep-alive
Content-Length
13236
Expires
Sun, 03 Dec 2023 18:13:28 GMT
dcm
s.amazon-adsystem.com/ Frame 3954
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&redir=true&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 03 Dec 2023 01:28:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Y3H4S2ZR01EEAQ1VXE4Q

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 03 Dec 2023 01:28:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
VRFQ4G09RZHY2JVT7X08
Pug
simage2.pubmatic.com/AdServer/ Frame 9312
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6848836367408275229&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6848836367408275229&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:28:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
9f389bb1-514c-4ad9-a150-d50cc21ebe52
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 03 Dec 2023 01:28:58 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6848836367408275229&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.43; 96.9.249.43; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
Pug
image2.pubmatic.com/AdServer/ Frame EF0F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCRy0wN0sxN1FBQUJhb1gzeEtHUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABG-07K17QAABaoX3xKGQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=9176360673980405968&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AABG-07K17QAABaoX3xKGQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D9176360673980405968%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=9176360673980405968&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=A...
  • https://sync.technoratimedia.com/services?uid=AABG-07K17QAABaoX3xKGQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D9176360673980405968%26gdpr%3D0%26gdpr%3D0%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=9176360673980405968&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABG-07K17QAABaoX3xKGQ&gdpr=0
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABG-07K17QAABaoX3xKGQ&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:28:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 03 Dec 2023 01:28:59 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABG-07K17QAABaoX3xKGQ&gdpr=0
strict-transport-security
max-age=2592000; includeSubDomains
141
match.deepintent.com/usersync/ Frame A450 		0
337 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Sun, 03 Dec 2023 01:28:57 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
Pug
image2.pubmatic.com/AdServer/ Frame 103C
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WZx6eQuQKHpCkX9_Wcthf1_LdCtCynR9W5_oKrAs
42 B
337 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WZx6eQuQKHpCkX9_Wcthf1_LdCtCynR9W5_oKrAs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:28:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 03 Dec 2023 01:28:58 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WZx6eQuQKHpCkX9_Wcthf1_LdCtCynR9W5_oKrAs
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame AFCB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZWvZ2gAEFI0d-gBU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 03 Dec 2023 01:28:58 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4529-YYZ
x-timer
S1701566939.543351,VS0,VE21

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Sun, 03 Dec 2023 01:28:58 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZWvZ2gAEFI0d-gBU
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4529-YYZ
x-timer
S1701566938.471995,VS0,VE22
Pug
simage2.pubmatic.com/AdServer/ Frame 4F2D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_020ec5e4-5835-4ca2-8dfd-164e6858431f&bsw_param=a79111c6-27ff-47f3-a668-26bb7e3273b1&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 03 Dec 2023 01:28:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 03 Dec 2023 01:28:58 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame ABF0
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=599d435b-0934-4e88-96dd-836ec3b5a894&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
42 B
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.68.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-68-127.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Sun, 03 Dec 2023 01:28:58 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 03 Dec 2023 01:28:58 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 6BF3
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=54d6d3ea-917b-11ee-bfe1-024aadfc323b
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=54d6d3ea-917b-11ee-bfe1-024aadfc323b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:28:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Sun, 03 Dec 2023 01:28:58 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=54d6d3ea-917b-11ee-bfe1-024aadfc323b
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-7
Pug
simage2.pubmatic.com/AdServer/ Frame 4DE6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZGHPi6SLXD9Csh2xxgNtGmAJ-Ss&gdpr=0&gdpr_consent=
42 B
378 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZGHPi6SLXD9Csh2xxgNtGmAJ-Ss&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:28:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sun, 03 Dec 2023 01:28:58 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZGHPi6SLXD9Csh2xxgNtGmAJ-Ss&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 756B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kabkwUtO1R9Bi25&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kabkwUtO1R9Bi25&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:28:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 03 Dec 2023 01:28:57 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kabkwUtO1R9Bi25&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-01c3d2cfb37128ead@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
usersync.aspx
dis.criteo.com/dis/ Frame F84C 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 01:28:58 GMT
expires
Sun, 03 Dec 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
171393
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 6010
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1791377154225342206
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1791377154225342206
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:28:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sun, 03 Dec 2023 01:28:58 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1791377154225342206
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
i.match
s.tribalfusion.com/z/ Frame 7E3E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
82f809363b1c4bbd-BUF
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:28:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
82f809359b184bbd-BUF
content-type
text/html
date
Sun, 03 Dec 2023 01:28:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
23045
Pug
image2.pubmatic.com/AdServer/ Frame 59CA
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf6bd816491224d8bb8b02247b0c4128b
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf6bd816491224d8bb8b02247b0c4128b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:28:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Sun, 03 Dec 2023 01:28:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUf6bd816491224d8bb8b02247b0c4128b
pragma
no-cache
server
nginx
pubmatic
ad.mrtnsvr.com/sync/ Frame C822 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4AFE
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
79 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 03 Dec 2023 01:28:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 03 Dec 2023 01:28:58 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
match
events-ssc.33across.com/ Frame B5F9 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=1YNY&bidder_id=25&external_user_id=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Sun, 03 Dec 2023 01:28:58 GMT
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0309
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ewdc5xAeSnmNStT_SyxbGQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
23.62.105.11 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-105-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:58 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=132085
accept-ranges
bytes
content-length
5622
expires
Mon, 04 Dec 2023 14:10:23 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 0309
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=55b7d429-6808-4fd5-b678-70879cd1adec%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0aefc4a5-4b50-4aeb-845b-55f3253f3643&ttd_puid=55b7d429-6808-4fd5-b678-70879cd1adec%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0aefc4a5-4b50-4aeb-845b-55f3253f3643&ttd_puid=55b7d429-6808-4fd5-b678-70879cd1adec%2C%2C
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0aefc4a5-4b50-4aeb-845b-55f3253f3643&ttd_puid=55b7d429-6808-4fd5-b678-70879cd1adec%2C%2C
date
Sun, 03 Dec 2023 01:28:58 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 0309 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%207B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&rnd=RND
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 0309 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 0309
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0IwNzVDRTctMTAxRS00QTc5LThENEEtRDRGRjRCMkM1QjE5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:28:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0309
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP70c1f3ON7H_16blMC1dCk&google_cver=1
42 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP70c1f3ON7H_16blMC1dCk&google_cver=1
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP70c1f3ON7H_16blMC1dCk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0309
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A0094357F4164D11BAF4FA6E045A129E
42 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A0094357F4164D11BAF4FA6E045A129E
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sun, 03 Dec 2023 01:28:58 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A0094357F4164D11BAF4FA6E045A129E
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 02 Dec 2023 01:28:58 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0309
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0aefc4a5-4b50-4aeb-845b-55f3253f3643&gdpr=0&gdpr_consent=
42 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0aefc4a5-4b50-4aeb-845b-55f3253f3643&gdpr=0&gdpr_consent=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 02 Dec 2023 16:20:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0aefc4a5-4b50-4aeb-845b-55f3253f3643&gdpr=0&gdpr_consent=
date
Sun, 03 Dec 2023 01:28:58 GMT
server
Kestrel
content-length
355
7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0309 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19?gdpr=0&gdpr_consent=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:739a:80b0:b95:4dd1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 0309
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-l85RRYpE2uU2YGAxgLDsl7CiIcAoiHc-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-l85RRYpE2uU2YGAxgLDsl7CiIcAoiHc-~A&gdpr=0
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 16:19:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-l85RRYpE2uU2YGAxgLDsl7CiIcAoiHc-~A&gdpr=0
date
Sun, 03 Dec 2023 01:28:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 0309
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2e18ff97413a1504&is_secure=true&networkId=17100&version=1&nuid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHVrN4QL-q8gMIgchfAAAAAAA&expiration=1701653338&nuid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&...
42 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHVrN4QL-q8gMIgchfAAAAAAA&expiration=1701653338&nuid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:28:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHVrN4QL-q8gMIgchfAAAAAAA&expiration=1701653338&nuid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0309
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5a4df778-f627-4743-8570-98b1bd159585&gdpr=0&gdpr_consent=
1 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5a4df778-f627-4743-8570-98b1bd159585&gdpr=0&gdpr_consent=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 02 Dec 2023 15:53:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5a4df778-f627-4743-8570-98b1bd159585&gdpr=0&gdpr_consent=
Date
Sun, 03 Dec 2023 01:28:58 GMT
Connection
keep-alive
X-CI-RTID
8bc4ccd8-1543-429e-aed5-ee443ef420cc
Content-Length
205
Content-Type
text/html; charset=utf-8
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 0309 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.39.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-39-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:58 GMT
sn.ashx
pmp.mxptint.net/ Frame 0309
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10D16C7E3_D30EA2AF&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
38.68.201.140 Ashburn, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-384571738; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:28:58 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-384571738; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Sat, 02 Dec 2023 16:21:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 0309
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3447890898502012593&gdpr=0&gdpr_consent=&us_privacy=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3447890898502012593&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3447890898502012593&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 0309
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&gdpr=0&gdpr_consent=
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&gdpr=0&gdpr_consent=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0309
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=231339593526673310
42 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=231339593526673310
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:28:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=231339593526673310
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
khaos.json
token.rubiconproject.com/ Frame 7343 		7 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1YNY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
a3627e8efa32d23b7838eace974fecff
Expires
0
khaos.json
token.rubiconproject.com/ Frame B9CC 		7 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1YNY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
a3627e8efa32d23b7838eace974fecff
Expires
0
setuid
prebid.production.adthrive.com/
Redirect Chain
  • https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D%26gdpr_consent%3D%26us_privacy...
  • https://prebid.production.adthrive.com/setuid?bidder=kargo&f=i&uid=715ff07b-5a38-8ad3-faae-56d15b4034d2&us_privacy=1YNY
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.production.adthrive.com/setuid?bidder=kargo&f=i&uid=715ff07b-5a38-8ad3-faae-56d15b4034d2&us_privacy=1YNY
Protocol
H2
Server
44.237.208.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-208-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
content-encoding
gzip
x-accel-expires
0
vary
Origin
content-type
text/html; charset=utf-8
location
https://prebid.production.adthrive.com/setuid?bidder=kargo&f=i&uid=715ff07b-5a38-8ad3-faae-56d15b4034d2&us_privacy=1YNY
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
160
expires
Thu, 01 Jan 1970 00:00:00 UTC
match
events-ssc.33across.com/ Frame 7343
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=1YNY&us_privacy=1YNY&khaos=LPOT0PQP-U-9UAG
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LPOT0PQP-U-9UAG&us_privacy=1YNY
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LPOT0PQP-U-9UAG&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LPOT0PQP-U-9UAG&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
referrer-policy
unsafe-url
server
33XP016
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LPOT0PQP-U-9UAG&ts=1701566938&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
pixel
cm.g.doubleclick.net/ Frame 7343
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1YNY
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBPVDBQUVAtVS05VUFH&us_privacy=1YNY
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELXedqFOV1_DzhbOjY_1b3M&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBPVDBQUVAtVS05VUFH&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBPVDBQUVAtVS05VUFH&google_push=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBPVDBQUVAtVS05VUFH&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 7343
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0aefc4a5-4b50-4aeb-845b-55f3253f3643&gdpr=0&gdpr_consent=&expires=30
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0aefc4a5-4b50-4aeb-845b-55f3253f3643&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0aefc4a5-4b50-4aeb-845b-55f3253f3643&gdpr=0&gdpr_consent=&expires=30
date
Sun, 03 Dec 2023 01:28:58 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 7343
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENthpKR7VvYpsr7Dq7DZomU&google_cver=1
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENthpKR7VvYpsr7Dq7DZomU&google_cver=1
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2dd9fa24169fa04536d533da131679f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENthpKR7VvYpsr7Dq7DZomU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 7343
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1YNY
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPOT0PQP-U-9UAG&us_privacy=1YNY
0
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPOT0PQP-U-9UAG&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:57 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 033924A2D7CA426E8273AC891A7E543B Ref B: EWR311000102031 Ref C: 2023-12-03T01:28:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLkOzzc78j4oJZpc2PgQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPOT0PQP-U-9UAG&us_privacy=1YNY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a3627e8efa32d23b7838eace974fecff
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7343
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YNY
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YGKT0y1IhFxe8r8vrk8KjQ?csrc=&us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-8PnyjJ5E2oJ3OmYotXJxDbKpdp1xgtvKPjRT1w--~A
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-8PnyjJ5E2oJ3OmYotXJxDbKpdp1xgtvKPjRT1w--~A
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 03 Dec 2023 01:28:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-8PnyjJ5E2oJ3OmYotXJxDbKpdp1xgtvKPjRT1w--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 7343
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1YNY
  • https://s.amazon-adsystem.com/ecm3?id=LPOT0PQP-U-9UAG&ex=d-rubiconproject.com&status=ok&us_privacy=1YNY
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LPOT0PQP-U-9UAG&ex=d-rubiconproject.com&status=ok&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 01:28:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QFA714MQH4NA9MQZ13BJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LPOT0PQP-U-9UAG&ex=d-rubiconproject.com&status=ok&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7343 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 01:28:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SZ5QS9NA7YANNS8HP71P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7343
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1YNY
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjY2NzMxYTliNGU0NDVkZDhlNGU3MzFhMjAzMGI2MjQyZmNkOGEyYw&us_privacy=1YNY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjY2NzMxYTliNGU0NDVkZDhlNGU3MzFhMjAzMGI2MjQyZmNkOGEyYw&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjY2NzMxYTliNGU0NDVkZDhlNGU3MzFhMjAzMGI2MjQyZmNkOGEyYw&us_privacy=1YNY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a3627e8efa32d23b7838eace974fecff
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 7343
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1YNY
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7gTfNIEOSTOy6fqyiHCmYw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7gTfNIEOSTOy6fqyiHCmYw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7gTfNIEOSTOy6fqyiHCmYw
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 01:28:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EPHCSE2QNW8AKSYNGGA0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7gTfNIEOSTOy6fqyiHCmYw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7343
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABG-07K17QAABaoX3xKGQ&expires=30
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABG-07K17QAABaoX3xKGQ&expires=30
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABG-07K17QAABaoX3xKGQ&expires=30
Date
Sun, 03 Dec 2023 01:28:58 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
setuid
ib.adnxs.com/prebid/ Frame 7343
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1YNY
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
an-x-request-uuid
fd92e0b0-e260-4ae0-871a-4b902a94f7bf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.43; 96.9.249.43; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 7343
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&us_privacy=1YNY
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPOT0PQP-U-9UAG&us_privacy=1YNY
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPOT0PQP-U-9UAG&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPOT0PQP-U-9UAG&us_privacy=1YNY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a3627e8efa32d23b7838eace974fecff
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 7343
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&us_privacy=1YNY
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPOT0PQP-U-9UAG&us_privacy=1YNY
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPOT0PQP-U-9UAG
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPOT0PQP-U-9UAG&ckls=true&ci=8quKQ5G2VG&nc=false&trid=-312443412
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPOT0PQP-U-9UAG&ckls=true&ci=8quKQ5G2VG&nc=false&trid=-312443412
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
18.173.219.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-5.jfk52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 78a5d96d9c348edf8a3fca2ba77f8e64.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
PjtC677715xE_u60UVhDgZdetOyaWAotNBVwwjAWhDepPFmCHZbX1Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 a3cc1cfce2f0f18de36e3834e18556b8.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPOT0PQP-U-9UAG&ckls=true&ci=8quKQ5G2VG&nc=false&trid=-312443412
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
pIMVXDPiXA40d3kMsG0dnCW8ReLVWX61jaUOKHzBIrJaysC5qFL2SA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 7343
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5a4df778-f627-4743-8570-98b1bd159585&expires=30&us_privacy=1YNY
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5a4df778-f627-4743-8570-98b1bd159585&expires=30&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5a4df778-f627-4743-8570-98b1bd159585&expires=30&us_privacy=1YNY
Date
Sun, 03 Dec 2023 01:28:58 GMT
Connection
keep-alive
X-CI-RTID
531b56c2-5ec8-40bd-81f3-9c98955f8e55
Content-Length
164
Content-Type
text/html; charset=utf-8
merge
ce.lijit.com/ Frame 7343
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&us_privacy=1YNY
  • https://ce.lijit.com/merge?pid=80&3pid=LPOT0PQP-U-9UAG&us_privacy=1YNY
  • https://ce.lijit.com/merge?pid=80&3pid=LPOT0PQP-U-9UAG&us_privacy=1YNY&dnr=1
43 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LPOT0PQP-U-9UAG&us_privacy=1YNY&dnr=1
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 01:28:59 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 01:28:59 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LPOT0PQP-U-9UAG&us_privacy=1YNY&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
magnite
prebid.a-mo.net/setuid/ Frame 7343
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1YNY
  • https://prebid.a-mo.net/setuid/magnite?uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
0
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
cksync
hb.yahoo.net/ Frame B9CC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1YNY
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPOT0PQP-U-9UAG&redir=true&us_privacy=1YNY
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPOT0PQP-U-9UAG&redir=true&us_privacy=1YNY
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1yY0p0RWY1RTJ1RXJuNW13Q3RYSlBfX3lwTlhqMVg5R35B&ovsid=LPOT0PQP-U-9UAG&us_privacy=1YNY&dpid=58160
53 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1yY0p0RWY1RTJ1RXJuNW13Q3RYSlBfX3lwTlhqMVg5R35B&ovsid=LPOT0PQP-U-9UAG&us_privacy=1YNY&dpid=58160
Protocol
H2
Server
23.57.90.81 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-57-90-81.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sun, 03 Dec 2023 01:28:59 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sun, 03 Dec 2023 01:28:59 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1yY0p0RWY1RTJ1RXJuNW13Q3RYSlBfX3lwTlhqMVg5R35B&ovsid=LPOT0PQP-U-9UAG&us_privacy=1YNY&dpid=58160
date
Sun, 03 Dec 2023 01:28:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/sync/ Frame B9CC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&us_privacy=1YNY
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPOT0PQP-U-9UAG&us_privacy=1YNY
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPOT0PQP-U-9UAG&us_privacy=1YNY
Protocol
H2
Server
34.193.82.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-82-223.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPOT0PQP-U-9UAG&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
pixel
capi.connatix.com/us/ Frame B9CC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1YNY
  • https://capi.connatix.com/us/pixel?puid=LPOT0PQP-U-9UAG&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNY
  • https://capi.connatix.com/us/pixel?puid=LPOT0PQP-U-9UAG&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNY&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LPOT0PQP-U-9UAG&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNY&final=true
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82f809388f2139ef-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 03 Dec 2023 01:28:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LPOT0PQP-U-9UAG&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNY&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82f809382e6839ef-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
Rubicon
s.seedtag.com/cs/cookiesync/ Frame B9CC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&us_privacy=1YNY
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LPOT0PQP-U-9UAG&us_privacy=1YNY
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Protocol
H2
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:58 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
tap.php
pixel.rubiconproject.com/ Frame B9CC
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=b293706b-673d-4ba4-8fd8-b9d18272d497
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=b293706b-673d-4ba4-8fd8-b9d18272d497
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-servername
Track001-iad
pragma
no-cache
date
Sun, 03 Dec 2023 01:28:02 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=b293706b-673d-4ba4-8fd8-b9d18272d497
cache-control
private,no-cache
content-length
223
expires
-1
tap.php
pixel.rubiconproject.com/ Frame B9CC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14&us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ZGHPi6SLXD9Csh2xxgNtGmAJ-Ss
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ZGHPi6SLXD9Csh2xxgNtGmAJ-Ss
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ZGHPi6SLXD9Csh2xxgNtGmAJ-Ss
Date
Sun, 03 Dec 2023 01:28:58 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame B9CC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164&us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=2679859129782140740
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=2679859129782140740
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=2679859129782140740
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tap.php
pixel.rubiconproject.com/ Frame B9CC
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=a736b975-dbe4-4d4a-9be8-324f2de4e5e0&us_privacy=1YNY
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=a736b975-dbe4-4d4a-9be8-324f2de4e5e0&us_privacy=1YNY
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=a736b975-dbe4-4d4a-9be8-324f2de4e5e0&us_privacy=1YNY
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1516041
content-length
0
expires
Sun, 03 Dec 2023 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B9CC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6&us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=9068383233460391601&expires=60&gdpr=&gdpr_consent=
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=9068383233460391601&expires=60&gdpr=&gdpr_consent=
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=9068383233460391601&expires=60&gdpr=&gdpr_consent=
pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame B9CC
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=6848836367408275229&expires=30&us_privacy=1YNY
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=6848836367408275229&expires=30&us_privacy=1YNY
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2dd9fa24169fa04536d533da131679f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
an-x-request-uuid
1a0f3c31-5e32-44a5-8df9-71837d3eb31b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=6848836367408275229&expires=30&us_privacy=1YNY
x-proxy-origin
96.9.249.43; 96.9.249.43; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B9CC
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon?us_privacy=1YNY
  • https://sync.1rx.io/usersync2/rubicon?zcc=1&cb=1701566938941&us_privacy=1YNY
  • https://sync.targeting.unrulymedia.com/csync/RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-dec0b61f-6e1a-43...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005&expires=30&us_privacy=1YNY
42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005&expires=30&us_privacy=1YNY
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Date
Sun, 03 Dec 2023 01:28:59 GMT
Server
Tengine
ETag
RXdec0b61f6e1a43589cea225ed68296c4005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005&expires=30&us_privacy=1YNY
Content-Type
text/html
Connection
keep-alive
esync
token.rubiconproject.com/ Frame B9CC
Redirect Chain
  • https://id.rlcdn.com/709414.gif?us_privacy=1YNY
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a3627e8efa32d23b7838eace974fecff
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 03 Dec 2023 01:28:58 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
setuid
s2s.t13.io/ Frame B9CC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&us_privacy=1YNY
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
86 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Protocol
H2
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s2s.t13.io/setuid?bidder=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
cs
cs.yellowblue.io/ Frame B9CC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage&us_privacy=1YNY
  • https://cs.yellowblue.io/cs?aid=11590&id=LPOT0PQP-U-9UAG&us_privacy=1YNY
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LPOT0PQP-U-9UAG&us_privacy=1YNY
Protocol
H2
Server
54.147.45.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-45-225.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LPOT0PQP-U-9UAG&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
cs
cs.minutemedia-prebid.com/ Frame B9CC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&us_privacy=1YNY
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LPOT0PQP-U-9UAG&us_privacy=1YNY
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LPOT0PQP-U-9UAG&us_privacy=1YNY
Protocol
H2
Server
54.147.45.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-45-225.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LPOT0PQP-U-9UAG&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame B9CC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&us_privacy=1YNY
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LPOT0PQP-U-9UAG&name=RUBICON&us_privacy=1YNY
49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LPOT0PQP-U-9UAG&name=RUBICON&us_privacy=1YNY
Protocol
H2
Server
3.138.132.40 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-138-132-40.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LPOT0PQP-U-9UAG&name=RUBICON&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
sync
eb2.3lift.com/ Frame BDC2 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
762bca50da8dd07ac3b20443fe8ed7d3e6e48976736cadb3d581a8b882eb878e

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1510
content-type
text/html; charset=utf-8
date
Sun, 03 Dec 2023 01:28:58 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
xuid
eb2.3lift.com/ Frame BDC2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&dongle=0cfd&gdpr=0&gdpr_consent=
date
Sun, 03 Dec 2023 01:28:58 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame BDC2
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTUyMjI5OTU0OTQwMDM3ODIwMTg5NA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame BDC2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEkc4rtkt_QLgBDbCXQu-ng&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEkc4rtkt_QLgBDbCXQu-ng&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEkc4rtkt_QLgBDbCXQu-ng&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BDC2
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTUyMjI5OTU0OTQwMDM3ODIwMTg5NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTUyMjI5OTU0OTQwMDM3ODIwMTg5NA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTUyMjI5OTU0OTQwMDM3ODIwMTg5NA%3D%3D
date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame BDC2 		0
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1522299549400378201894&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:58 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 377A56FBC3B54BFF944F623C42408C73 Ref B: EWR311000102031 Ref C: 2023-12-03T01:28:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLkOz02KRZsLIx3WAarw==
xuid
eb2.3lift.com/ Frame BDC2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1522299549400378201894?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-_oIO1klE2oRnHx2Jfls9PvPhn5edKfgQaUpB6MU_Ww--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-_oIO1klE2oRnHx2Jfls9PvPhn5edKfgQaUpB6MU_Ww--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 03 Dec 2023 01:28:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-_oIO1klE2oRnHx2Jfls9PvPhn5edKfgQaUpB6MU_Ww--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame BDC2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1522299549400378201894&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=triplelift&bsw_custom_parameter=a79111c6-27ff-47f3-a668-26bb7e3273b1
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=c003aa7a-5d6a-4212-9526-67620fdc6587&ssp=triplelift&bsw_param=a79111c6-27ff-47f3-a668-26bb7e3273b1
  • https://eb2.3lift.com/xuid?mid=2409&xuid=a79111c6-27ff-47f3-a668-26bb7e3273b1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=a79111c6-27ff-47f3-a668-26bb7e3273b1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 03 Dec 2023 01:28:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=a79111c6-27ff-47f3-a668-26bb7e3273b1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 03 Dec 2023 01:28:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame BDC2
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1YNY&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=a736b975-dbe4-4d4a-9be8-324f2de4e5e0&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNY
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=a736b975-dbe4-4d4a-9be8-324f2de4e5e0&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=a736b975-dbe4-4d4a-9be8-324f2de4e5e0&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1YNY
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1599605
content-length
0
expires
Sun, 03 Dec 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame BDC2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6848836367408275229&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6848836367408275229&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
an-x-request-uuid
aab9400f-679b-423c-b365-084884c88428
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=6848836367408275229&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.43; 96.9.249.43; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame BDC2 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=1522299549400378201894
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
an-x-request-uuid
1bc0cfd0-cc2d-4adf-bf5d-30d8643a7aa6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.43; 96.9.249.43; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid.production.adthrive.com/ Frame BDC2 		0
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.production.adthrive.com/setuid?bidder=triplelift&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=b&uid=1522299549400378201894
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.208.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-208-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
setuid
prebid.production.adthrive.com/
Redirect Chain
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=1YNY&redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1...
  • https://prebid.production.adthrive.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=16e6afb7-db8b-4b83-ad02-d372fee35d19
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.production.adthrive.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=16e6afb7-db8b-4b83-ad02-d372fee35d19
Protocol
H2
Server
44.237.208.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-208-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 01:28:59 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://prebid.production.adthrive.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=16e6afb7-db8b-4b83-ad02-d372fee35d19
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
usersync.html
cdn.undertone.com/js/ Frame FEB5 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:261f:8800:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
59113
content-encoding
gzip
content-type
text/html
date
Sat, 02 Dec 2023 09:03:47 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
x-amz-cf-id
YoZmD_z4tMpDi9x3sWMFv_Ur9l4KvkXOL7mNbTuAZahcVXUduLaRmw==
x-amz-cf-pop
JFK52-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
usermatch
ssum-sec.casalemedia.com/ Frame 9DE6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&us_privacy=1YNY
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1YNY%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1YNY&C=1
2 KB
882 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1YNY%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1YNY&C=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b68bec4bc5150c039de2d3c9a87a9ca747f8b9a08d3f03a8e5dc2943ce42fc8

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82f8093bcefd54af-YYZ
content-encoding
br
content-type
text/html
date
Sun, 03 Dec 2023 01:28:59 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KtaVVkFA95Prz1LVMoNjThF242OC3PMyNMavjoNXhfyL6%2BntEgi72UdApSdWcXFVkXvhLav%2FEEIegykal1Je1b4twT%2FtRLZ3Nsn8iKHYeeo8XoWuhbe9nFvWSHeYlrfuB1kLouiKRuVDWA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82f8093b4e3354af-YYZ
content-length
0
date
Sun, 03 Dec 2023 01:28:59 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1YNY%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1YNY&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXFWRFh2BeERvhI%2FVwSV67VzfiRGbHBNc0SjvoHYzhaqxbIJW55SC0rvI6yYPqLK6eRSBnv55vaEdyrAxP3lQdPJZEqcgdiL%2F%2FJA7couBF5CbBCSLG54Uklb1tv29MMe6RtX8GARmXedBw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0B33
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776&us_privacy=1YNY
  • https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1YNY
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1YNY
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.173.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-173-107.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 03 Dec 2023 01:28:59 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 03 Dec 2023 01:28:59 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1YNY
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame FEB5
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1YNY
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1YNY
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1YNY60026f13-f5d0-4c71-9058-89c16c7ce985
0
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1YNY60026f13-f5d0-4c71-9058-89c16c7ce985
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-67.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 e8977de5589675c37360cfbb1bfac24a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
content-length
0
x-amz-cf-id
uTqh9HuD8GA1upc1CjkCG0Ys0kKhK0ak0_kmyfn4oZ76wIjuv4oKpQ==
x-cache
Miss from cloudfront

Redirect headers

date
Sun, 03 Dec 2023 01:28:59 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1YNY60026f13-f5d0-4c71-9058-89c16c7ce985
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame FEB5
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&us_privacy=1YNY
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&us_privacy=1YNY
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-knJsIeNE2uHcwcHzh_RjLJ0HimLIdafh~A&us_privacy=1YNY
0
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-knJsIeNE2uHcwcHzh_RjLJ0HimLIdafh~A&us_privacy=1YNY
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-67.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 e8977de5589675c37360cfbb1bfac24a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
content-length
0
x-amz-cf-id
NnhqVb_vbCIh0dLYzhMvLcs-DRgtBiFeZJ192-ZUaVXYoqSEOr95-w==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-knJsIeNE2uHcwcHzh_RjLJ0HimLIdafh~A&us_privacy=1YNY
date
Sun, 03 Dec 2023 01:28:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame FEB5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1YNY
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&ttl=1704158939
0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&ttl=1704158939
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-67.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 e8977de5589675c37360cfbb1bfac24a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
content-length
0
x-amz-cf-id
LUFsaQ4jiynRK_nPNcJL4Av5HzUw9luVAAm9JFn8o-nx298xoeVb5Q==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&ttl=1704158939
date
Sun, 03 Dec 2023 01:28:59 GMT
server
Kestrel
content-length
249
sync
usr.undertone.com/userPixel/ Frame FEB5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&us_privacy=1YNY
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-67.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 e8977de5589675c37360cfbb1bfac24a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
content-length
0
x-amz-cf-id
E44FsFZaG5Hei9JsN8vbEkqJunwdZZs3GrHPolwCJobqAD8n3ESnzQ==
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame FEB5
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=-1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=-1&piggybackCookie=uid:2fd65ec0-1b9d-40fe-8f48-be1721570a9c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=-1&piggybackCookie=uid:2fd65ec0-1b9d-40fe-8f48-be1721570a9c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:28:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=-1&piggybackCookie=uid:2fd65ec0-1b9d-40fe-8f48-be1721570a9c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 03 Dec 2023 01:28:59 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
sync
usr.undertone.com/userPixel/ Frame FEB5
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D&us_privacy=1YNY
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&us_privacy=1YNY
0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&us_privacy=1YNY
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-67.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 e8977de5589675c37360cfbb1bfac24a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
content-length
0
x-amz-cf-id
4VlQrbl-VlDinz1op0vkrP4GJ2U-k4jVVSsna2OU3TGppzNUx_TP3w==
x-cache
Miss from cloudfront

Redirect headers

date
Sun, 03 Dec 2023 01:28:59 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&us_privacy=1YNY
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame FEB5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ?us_privacy=1YNY
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-FMe37kBE2uHM08_jMnqJk2VGEtnPXDaf5Jwkfo8-~A
0
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-FMe37kBE2uHM08_jMnqJk2VGEtnPXDaf5Jwkfo8-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-67.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 e8977de5589675c37360cfbb1bfac24a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
content-length
0
x-amz-cf-id
xA1sBpL-ljBSxJBSwMMuCxTAyHa8IrMU8r5osV8ztg3vuuiR6N7hGg==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-FMe37kBE2uHM08_jMnqJk2VGEtnPXDaf5Jwkfo8-~A
date
Sun, 03 Dec 2023 01:28:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
prebid.production.adthrive.com/ Frame FEB5
Redirect Chain
  • https://usr.undertone.com/userPixel/syncr?gdpr=&gdprstr=&partnerId=null&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%...
  • https://prebid.production.adthrive.com/setuid?bidder=undertone&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=b&uid=2ssbmxy2m5doqb7ooe8p8ovwc
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.production.adthrive.com/setuid?bidder=undertone&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=b&uid=2ssbmxy2m5doqb7ooe8p8ovwc
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
44.237.208.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-208-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0

Redirect headers

location
https://prebid.production.adthrive.com/setuid?bidder=undertone&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=b&uid=2ssbmxy2m5doqb7ooe8p8ovwc
date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 e8977de5589675c37360cfbb1bfac24a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
content-length
0
x-amz-cf-id
kjz9erbgafFeduNTAZhQaJNMRVcz509hriiCsfRTbTw_VgkMY0JPwA==
x-cache
Miss from cloudfront
usync.js
eus.rubiconproject.com/ Frame 0B33 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.173.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-173-107.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
967955e0fe2f5def1affe5e2189e858bf82c9f989074b242dcb5643e42912101

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1YNY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 01:28:59 GMT
Content-Encoding
gzip
Last-Modified
Sat, 02 Dec 2023 18:12:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60269
Connection
keep-alive
Content-Length
13236
Expires
Sun, 03 Dec 2023 18:13:28 GMT
khaos.json
token.rubiconproject.com/ Frame 0B33 		7 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1YNY&khaos=LPOT0PQP-U-9UAG
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
a3627e8efa32d23b7838eace974fecff
Expires
0
dcm
s.amazon-adsystem.com/ Frame 9DE6 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1YNY&gdpr=&gdpr_consent=&id=ZWvZ20srsfvbC5CJReY1awAADZUAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1YNY%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1YNY&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 01:28:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RWF1PCN1NW6QR98D2TDF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
35759
i6.liadm.com/s/ Frame 9DE6
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWvZ20srsfvbC5CJReY1awAA%263477&gpdr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1YNY
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=0aefc4a5-4b50-4aeb-845b-55f3253f3643
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=0aefc4a5-4b50-4aeb-845b-55f3253f3643
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=0aefc4a5-4b50-4aeb-845b-55f3253f3643
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1YNY%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1YNY&C=1
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:a53:c6a7:6bd2:86fa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 01:29:00 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=0aefc4a5-4b50-4aeb-845b-55f3253f3643
Date
Sun, 03 Dec 2023 01:28:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
crum
dsum-sec.casalemedia.com/ Frame 9DE6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&us_privacy=1YNY
  • https://cm.g.doubleclick.net/pixel?us_privacy=1YNY&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWvZ20srsfvbC5CJReY1awAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMMh7wNj48sp3j8MJTcKaVQ&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMMh7wNj48sp3j8MJTcKaVQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1YNY%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1YNY&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKkovlp4IpC6mdEvoP8zEhVCbCA5mcXt8pOSFoY5keDCoXGUyetFibYKGIi%2FBOdTDRu6NI3FLk8HJkJTMzU6G%2FGc7Vx9k7VwnplrvUZUlIT6DbA6G8uqwQ3eL2viZ%2FzM7lUHd9W1nbipTw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82f8093ce809a21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMMh7wNj48sp3j8MJTcKaVQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 9DE6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWvZ20srsfvbC5CJReY1awAADZUAAAAB&gdpr_consent=&us_privacy=1YNY&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIqfJoSikGuuwbUBGSSuZOY&google_cver=1
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIqfJoSikGuuwbUBGSSuZOY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1YNY%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1YNY&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSsa9GvvsT2loSmVafZ83zQpdBkNw8ejGK9gBasyePa44IEG5OlgqAq4%2FpQjsdCEx68VlpTPGjD%2BSFdK002A%2Fgds8yj2Rr5hnVaTJGyAya4o9MdS7AtT9E8pDO7maud2vZGjQuIwhjwUXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82f8093c7f77a21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIqfJoSikGuuwbUBGSSuZOY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 9DE6
Redirect Chain
  • https://match.deepintent.com/usersync/113?us_privacy=1YNY
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_4319d0045c914814a2239
43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_4319d0045c914814a2239
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1YNY%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1YNY&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sfTJ8j88sWgS30dszmOe7tusKUytRL%2FhGpEdfCwqZ30Fb5P5Q8xeDvG29ZWsvbz7SrhAd5b%2FP7y%2F5n14isRQbRjGwDrs5wjTxMYhozFtR5ji203hdeVd0JvnOVIhp2Hc6KcvApo"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82f8093c7fd354af-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_4319d0045c914814a2239
date
Sun, 03 Dec 2023 01:28:59 GMT
content-type
image/gif
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
crum
dsum-sec.casalemedia.com/ Frame 9DE6
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=9176360673980405968&gdpr=0&gdpr_consent=
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=9176360673980405968&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1YNY%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1YNY&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wmeS6W4gEHoE82GEAFSfkoZJyVl6oVER%2BBTtSCCFuzVM2a8ndM%2FnjZxiJ4byRlpCPTPTr5XAy6604rhEfanjEFWK9%2BGlSHPehnnp9%2F8iTPWmTTKG5%2F%2FeZZPUZEaofCANvvzF7AtqItslw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82f8093d386ca21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=9176360673980405968&gdpr=0&gdpr_consent=
date
Sun, 03 Dec 2023 01:28:58 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 9DE6
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19&us_privacy=1YNY
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=6af3e138149b4245a806f141129f11ff&expiration=1704158939
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=6af3e138149b4245a806f141129f11ff&expiration=1704158939
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1YNY%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1YNY&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=waBkINSTQca6eFGApLSTjNzZww%2BeRoE4zxoAKsf2tv%2BhAzVDZT092JaVGekrkjw2xlu0xGRa%2FqIvt630kigl%2BQ0zDyurMErNWq8FPcDYBk058wI9YPtZ3G1ZLZOblCuqgH8T2rz%2FgEhuGw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82f8093d182da21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:58 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=6af3e138149b4245a806f141129f11ff&expiration=1704158939
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9DE6
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=1YNY&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717378139&external_user_id=f0cad712-5058-42ca-9ad1-7da0447458f7
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717378139&external_user_id=f0cad712-5058-42ca-9ad1-7da0447458f7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1YNY%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1YNY&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBMd8o1xUucTo3WqODoDXG9d69Bsc40rJdKZ6YGF5dl%2FV1ZmPDL0dj2382IoXdfz4g4gh7Y%2B%2F2MlrDxkKTeQjEzGamMIbSxPFxDSl7anXrzc%2FMuOV3cRl%2FUdY%2Fz2nLOADHr9Q1cguziinQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82f8093d3861a21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717378139&external_user_id=f0cad712-5058-42ca-9ad1-7da0447458f7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
sync
usr.undertone.com/userPixel/ Frame 9DE6 		0
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?us_privacy=1YNY&partnerId=57&uid=ZWvZ20srsfvbC5CJReY1awAADZUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1YNY%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1YNY&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-67.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 e8977de5589675c37360cfbb1bfac24a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
content-length
0
x-amz-cf-id
FUGEWKchYXMubP3W-TNiBut3WiA1Y7ze95oJdve1M3lX-OGmeSgKCw==
x-cache
Miss from cloudfront
sync
usr.undertone.com/userPixel/ Frame 0B33
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&us_privacy=1YNY&us_privacy=1YNY&khaos=LPOT0PQP-U-9UAG
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
0
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-67.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 e8977de5589675c37360cfbb1bfac24a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
content-length
0
x-amz-cf-id
TwWALFP2w6C825up9V9KozBCb37JQD7pRhXwkBNMlDubDL8Yrlmqkw==
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9CB3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.105.11 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-105-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132084
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 03 Dec 2023 01:28:59 GMT
expires
Mon, 04 Dec 2023 14:10:23 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync.html
cdn.undertone.com/js/ Frame E92E 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:261f:8800:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
59113
content-encoding
gzip
content-type
text/html
date
Sat, 02 Dec 2023 09:03:47 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
x-amz-cf-id
O_pGBz538gMRKPId-44AZW6eXRBe52LVoqVz8ATlGnhXbYak2YgtPg==
x-amz-cf-pop
JFK52-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
sync
usr.undertone.com/userPixel/ Frame E92E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&us_privacy=1YNY
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-67.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 e8977de5589675c37360cfbb1bfac24a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
content-length
0
x-amz-cf-id
9fGiPUTaycBCrYlHnnGJ8E4TgXElCIeAjLpY5eGe5FxTpHK5iXK9eQ==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
date
Sun, 03 Dec 2023 01:28:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame E92E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D&us_privacy=1YNY
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&us_privacy=1YNY
0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&us_privacy=1YNY
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-67.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 e8977de5589675c37360cfbb1bfac24a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
content-length
0
x-amz-cf-id
GjRhoUWbyhH45mcjL0PYiDuy0hYh3a9bLcETWkLRADvJPUCSsVY3fw==
x-cache
Miss from cloudfront

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&us_privacy=1YNY
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
usermatch
ssum-sec.casalemedia.com/ Frame ACB1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&us_privacy=1YNY
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04cb06d1b5418ab081aee60f4d6302915de990fda8e9438c2a80d144b0340f09

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82f8093d081fa21c-YYZ
content-encoding
br
content-type
text/html
date
Sun, 03 Dec 2023 01:28:59 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJjczqZWadBPTSFxKFKv5JqB6g0vVZ6EwF0xkLoAri6Y96L1J1q3q1i1jkIwPijZ3xCkNYprIKRjbSRadoMbGQHR9FWoPMZrbzz7101Z9VEhXoDIk8kfQWuyD8ukjhLTaay0DYFCrV41ww%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame ACF6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776&us_privacy=1YNY
  • https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1YNY
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1YNY
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.173.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-173-107.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 03 Dec 2023 01:28:59 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 03 Dec 2023 01:28:59 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1YNY
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame E92E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1YNY
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1YNY60026f13-f5d0-4c71-9058-89c16c7ce985
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1YNY60026f13-f5d0-4c71-9058-89c16c7ce985
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-67.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 e8977de5589675c37360cfbb1bfac24a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
content-length
0
x-amz-cf-id
NPAwfWBDdQyMPdfe6fgqm4zbjFujT1kL7zpsuY1qaEPPkRDluOhTTQ==
x-cache
Miss from cloudfront

Redirect headers

date
Sun, 03 Dec 2023 01:28:59 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1YNY60026f13-f5d0-4c71-9058-89c16c7ce985
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame E92E
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&us_privacy=1YNY
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&us_privacy=1YNY
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-knJsIeNE2uHcwcHzh_RjLJ0HimLIdafh~A&us_privacy=1YNY
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-knJsIeNE2uHcwcHzh_RjLJ0HimLIdafh~A&us_privacy=1YNY
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-67.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 e8977de5589675c37360cfbb1bfac24a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
content-length
0
x-amz-cf-id
4Ng3iHGga7qYnpkNKN-okjEXlJTOk4zUYr8mXGz3WHjpK8w45jNbpw==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-knJsIeNE2uHcwcHzh_RjLJ0HimLIdafh~A&us_privacy=1YNY
date
Sun, 03 Dec 2023 01:28:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame E92E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1YNY
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&ttl=1704158939
0
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&ttl=1704158939
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-67.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 e8977de5589675c37360cfbb1bfac24a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
content-length
0
x-amz-cf-id
Eiv8EOcAC2hhVSA3w3Ne5GMk75IJttOZY-fmGOCQbfmeKDXRtfPxyQ==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&ttl=1704158939
date
Sun, 03 Dec 2023 01:28:59 GMT
server
Kestrel
content-length
249
sync
usr.undertone.com/userPixel/ Frame E92E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&us_privacy=1YNY
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
0
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-67.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 e8977de5589675c37360cfbb1bfac24a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
content-length
0
x-amz-cf-id
HjHpBbZk96ALZh-dYj866Zsbw958Wv_ioOSY7RgXjT2BWytukBjyzw==
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LPOT0PQP-U-9UAG&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
sync
usr.undertone.com/userPixel/ Frame E92E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ?us_privacy=1YNY
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-FMe37kBE2uHM08_jMnqJk2VGEtnPXDaf5Jwkfo8-~A
0
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-FMe37kBE2uHM08_jMnqJk2VGEtnPXDaf5Jwkfo8-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-67.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 e8977de5589675c37360cfbb1bfac24a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
content-length
0
x-amz-cf-id
bD7BP-6hSg_AAuv_5MZEM3gf3fNDm213iEqzsaMV2XtoIqs8Y8LGEQ==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-FMe37kBE2uHM08_jMnqJk2VGEtnPXDaf5Jwkfo8-~A
date
Sun, 03 Dec 2023 01:28:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
prebid-server.rubiconproject.com/ Frame E92E 		0
916 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=undertone&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=b&uid=2ssbmxy2m5doqb7ooe8p8ovwc
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
t.gif
cw.addthis.com/ Frame E92E 		0
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=2f4a05bfd4ee4024b87afea020c0c37c
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.4.202 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-4-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 03 Dec 2023 01:28:59 GMT
demconf.jpg
dpm.demdex.net/ Frame E92E
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=2ssbmxy2m5doqb7ooe8p8ovwc
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=2ssbmxy2m5doqb7ooe8p8ovwc
42 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=2ssbmxy2m5doqb7ooe8p8ovwc
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
100.26.84.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-84-35.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs
dcs-prod-va6-1-v053-0ad568775.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
2EVFBZJoSEM=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-1-v053-0f0ef86cd.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
3mLUmK0gQbQ=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=2ssbmxy2m5doqb7ooe8p8ovwc
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
15597
tags.bluekai.com/site/ Frame E92E 		62 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/15597?id=2ssbmxy2m5doqb7ooe8p8ovwc
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.105.110 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-105-110.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sun, 03 Dec 2023 01:28:59 GMT
content-length
62
content-type
image/gif
db_sync
px.ads.linkedin.com/ Frame E92E
Redirect Chain
  • https://idsync.rlcdn.com/403716.gif?partner_uid=2ssbmxy2m5doqb7ooe8p8ovwc
  • https://pippio.com/api/sync?pid=5324&it=1&iv=8378ff29b40db3fd5bd5cbd267b402b8934c19b52d610ffbd8f6a67c4081e57c791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=8378ff29b40db3fd5bd5cbd267b402b8934c19b52d610ffbd8f6a67c4081e57c791426b5417dce21&rand=04346099
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=8378ff29b40db3fd5bd5cbd267b402b8934c19b52d610ffbd8f6a67c4081e57c791426b5417dce21&rand=04346099
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: B9A4C85D7088440D84D0026CFD2CCFE1 Ref B: EWR311000102031 Ref C: 2023-12-03T01:28:59Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLkO0EqaGqwNVWmj1VJA==

Redirect headers

date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=8378ff29b40db3fd5bd5cbd267b402b8934c19b52d610ffbd8f6a67c4081e57c791426b5417dce21&rand=04346099
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usermatch.gif
beacon.krxd.net/ Frame E92E 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=2ssbmxy2m5doqb7ooe8p8ovwc
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.24.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-24-3.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by
beacon-n025-ash-prod.krxd.net
date
Sun, 03 Dec 2023 01:28:59 GMT
cache-control
private, no-cache, no-store
x-request-time
D=39 t=1701566939
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
rum
dsum-sec.casalemedia.com/ Frame ACB1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale?us_privacy=1YNY
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0aefc4a5-4b50-4aeb-845b-55f3253f3643&expiration=1704158939&gdpr=0&gdpr_consent=
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0aefc4a5-4b50-4aeb-845b-55f3253f3643&expiration=1704158939&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&us_privacy=1YNY
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nfx9QFUx6%2FQAEWu4U5BulWhSyZ35pNv1zeoycl2w11hu7nezWdQxq1tHzcJFvdcziTTzXupAMjxR9wYa4B9nN%2BlHvxjNGTh297%2FWcLgz0S6lz3i1Aw%2Bmv7QK76RohMESwkWnf8btk07mMw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82f8093db93da21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0aefc4a5-4b50-4aeb-845b-55f3253f3643&expiration=1704158939&gdpr=0&gdpr_consent=
date
Sun, 03 Dec 2023 01:28:59 GMT
server
Kestrel
content-length
323
crum
dsum-sec.casalemedia.com/ Frame ACB1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1YNY
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6848836367408275229&us_privacy=1YNY
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6848836367408275229&us_privacy=1YNY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&us_privacy=1YNY
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pm2QhRmnmW%2BeutD82%2BXNuB7byjJ9oCUiFhu69xVbVXDup5rqpscsp6BO%2B3PXQDyra7IDxlyI510wqgXsxfhapAAPIqHVVg%2BbawMLNKnZOMtFRLbG8V7zlQtLZw1tnN6h4ewE%2FzJfdq8B6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82f8093db938a21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
an-x-request-uuid
a3b8b492-54aa-464b-a149-733bfc77e56f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6848836367408275229&us_privacy=1YNY
x-proxy-origin
96.9.249.43; 96.9.249.43; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZWvZ20srsfvbC5CJReY1awAADZUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame ACB1 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZWvZ20srsfvbC5CJReY1awAADZUAAAAB?gdpr_consent=&us_privacy=1YNY&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:739a:80b0:b95:4dd1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ZWvZ20srsfvbC5CJReY1awAADZUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame ACB1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZWvZ20srsfvbC5CJReY1awAADZUAAAAB&gdpr_consent=&us_privacy=1YNY&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZWvZ20srsfvbC5CJReY1awAADZUAAAAB
43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZWvZ20srsfvbC5CJReY1awAADZUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&us_privacy=1YNY
Protocol
H2
Server
2600:1f18:4e9:5a02:739a:80b0:b95:4dd1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZWvZ20srsfvbC5CJReY1awAADZUAAAAB
date
Sun, 03 Dec 2023 01:28:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame ACB1
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1YNY&user_id=ZWvZ20srsfvbC5CJReY1awAA%263477
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1YNY&user_id=ZWvZ20srsfvbC5CJReY1awAA%263477&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=1P2nshhnHbH_p4eIB0uu_UmhYnlSCyNEmwxbS2kogLU&pi=index&gpdr=&gdpr_consent=&us_privacy=1YNY&user_id=ZWvZ20srsfvbC5CJReY1awAA%263477...
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=1P2nshhnHbH_p4eIB0uu_UmhYnlSCyNEmwxbS2kogLU&pi=index&gpdr=&gdpr_consent=&us_privacy=1YNY&user_id=ZWvZ20srsfvbC5CJReY1awAA%263477&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&us_privacy=1YNY
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9PZ5UdT1UJC0xx8YCwyBZDnj4OGzonNBhgNYFTpVymVnhEU74t%2BRfFT3uSGVCU9YHyYX90DCRiCOz9%2BKe5uhoiA%2Fn8z50KhBaF6SkuxggbsHNn4kvUULLzO%2FZGVXyn%2FKD6I%2B%2BdiEHGqlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82f80942bfb6a21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=1P2nshhnHbH_p4eIB0uu_UmhYnlSCyNEmwxbS2kogLU&pi=index&gpdr=&gdpr_consent=&us_privacy=1YNY&user_id=ZWvZ20srsfvbC5CJReY1awAA%263477&tc=1
pragma
no-cache
date
Sun, 03 Dec 2023 01:29:00 GMT, Sun, 03 Dec 2023 01:29:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame ACB1
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&us_privacy=1YNY
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=wQAas5MMSLDaDR-1wVcBtcdXFOHaVhS3wwNzvRhb
43 B
822 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=wQAas5MMSLDaDR-1wVcBtcdXFOHaVhS3wwNzvRhb
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&us_privacy=1YNY
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=riM%2FakkLbPxE6l1KbUaJIuHydY44iUc9bvqyBgM0LyhkMlsJOU2y%2BKBqfvhwjppISQslrgREtcZl2jPiIk13oi8O9y27SBq0UCck0%2FQTQYEcGuNHTBu4MxafLcHsjHkEmcpA5XXVPmSlaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82f8093da921a21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=wQAas5MMSLDaDR-1wVcBtcdXFOHaVhS3wwNzvRhb
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame ACB1 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex?us_privacy=1YNY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&us_privacy=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.39.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-39-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
rum
dsum-sec.casalemedia.com/ Frame ACB1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&us_privacy=1YNY
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWvZ2gAEFI0d-gBU&us_privacy=1YNY
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWvZ2gAEFI0d-gBU&us_privacy=1YNY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&us_privacy=1YNY
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRlJ6hkuTlu1uqdyTEIaK6t4neTC7BkI7j%2B%2F9SQkug8dM6UQjKnKCoAKYhPV%2FfUAHvQI7WBacawN5tYm7HymNi8QY81SnHHIVnpU4HaFWEsYv5%2FvF3DT1QoVxkfuK2XZcHIjtAGPl1l6rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82f8093d9901a21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-yyz4529-YYZ
pragma
no-cache
date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 varnish
server
Varnish
x-timer
S1701566940.743882,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWvZ2gAEFI0d-gBU&us_privacy=1YNY
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
usr.undertone.com/userPixel/ Frame ACB1 		0
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?us_privacy=1YNY&partnerId=57&uid=ZWvZ20srsfvbC5CJReY1awAADZUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-67.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:28:59 GMT
via
1.1 e8977de5589675c37360cfbb1bfac24a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
content-length
0
x-amz-cf-id
CiTYhgoMomG7TnxU-0rhsNPpVYmjWC7Foe-pxjpxL9OxonPdvV2DFg==
x-cache
Miss from cloudfront
usync.js
eus.rubiconproject.com/ Frame ACF6 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.173.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-173-107.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
967955e0fe2f5def1affe5e2189e858bf82c9f989074b242dcb5643e42912101

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1YNY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 01:28:59 GMT
Content-Encoding
gzip
Last-Modified
Sat, 02 Dec 2023 18:12:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60269
Connection
keep-alive
Content-Length
13236
Expires
Sun, 03 Dec 2023 18:13:28 GMT
khaos.json
token.rubiconproject.com/ Frame ACF6 		7 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1YNY&khaos=LPOT0PQP-U-9UAG
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
a3627e8efa32d23b7838eace974fecff
Expires
0
usermatch
ssum-sec.casalemedia.com/ Frame ABC1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fcad0fc8a8d1303f8f972cc54f1829581da4f0b63f64e6dce11bce99c6acf34

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82f8093f5b79a21c-YYZ
content-encoding
br
content-type
text/html
date
Sun, 03 Dec 2023 01:29:00 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAj%2FbSgffOAD2MeCwij3MfttUSd6BG96VXubydrjcbUaXskeBJ4zR7c2Nj6uIXCxvSIEqUSeCGCxlfII1OiDG%2BytAgxrd%2Fqqkugnei211pRDFoG6J85C3%2BkWY89DxyJNI3mZM5%2FDffWIQw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user-registering
ads.stickyadstv.com/ Frame ABC1 		43 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZWvZ20srsfvbC5CJReY1awAADZUAAAAB&gdpr_consent=&us_privacy=1YNY&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.133 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:00 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1701566940545071-262
crum
dsum-sec.casalemedia.com/ Frame ABC1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1YNY
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABG-07K17QAABaoX3xKGQ&expiration=1702776540&us_privacy=1YNY
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABG-07K17QAABaoX3xKGQ&expiration=1702776540&us_privacy=1YNY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyzOyiy%2F%2FdvTDX2TjJLt6XdNKZegokYnLp2M65APP1Qm9JMYqDYwybmjEq0gKha%2B%2B%2BAsats7FyW9bDMOhqwc5m8hE60KDip%2BOabfb2x1Emj4rCaf8StaMuL6rsWYVp65W6oBG9lWpDLk%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82f80940ed6ca21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABG-07K17QAABaoX3xKGQ&expiration=1702776540&us_privacy=1YNY
Date
Sun, 03 Dec 2023 01:29:00 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum.casalemedia.com/ Frame ABC1
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&us_privacy=1YNY
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=6c515800b71c1504&is_secure=true&networkId=19998&version=1&us_privacy=1YNY
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHd2LSLliMWQNdGGrQAAAAAAA&expiration=1701653340&is_secure=true&us_privacy=1YNY
43 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHd2LSLliMWQNdGGrQAAAAAAA&expiration=1701653340&is_secure=true&us_privacy=1YNY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21Fp1xzv0aSx2rWZN1TkW5tf4oetfgLnpTkdA2lxHQqPy%2FnMLwRoL5h0c2XyJlTcGPZi2pR8x8TcpcL%2F0P36n7YC0VDLbTIo898Gqj0jqtceRjnD53tVtE0xREvws2NtmFgmS%2Bsu"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82f809412dcaa21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:00 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAHd2LSLliMWQNdGGrQAAAAAAA&expiration=1701653340&is_secure=true&us_privacy=1YNY
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rum
r.casalemedia.com/ Frame ABC1
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&us_privacy=1YNY
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&gdpr=0&gdpr_consent=
43 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLo6J1cu25gavfpvl%2Bi5erxfhBBM2Yrv29QpPzv2dXnEwLabKM%2BvroXZ9F61WxHO5c%2BpKRwBeQgrfKPeJPRwqrmc1jjNMZnY1IXB1yA4ErpMEj0Dp378q5v8Y08fHCM87G%2BR"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82f80940ee4854af-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:00 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame ABC1
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&us_privacy=1YNY
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377154225342206
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377154225342206
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSsN00kD9n9NVf%2FTBAPwKSqYyibV2%2F%2FfSUjyaVnTaFE%2FK5ecYQx3AHSa%2B0p4utbFBpjPNPdMfMRhQRlwM5VOaWBhwejkq60ZCusH%2FapNBGy7uSdrBXzJKlMzv0Vw2dFhW%2F5EDnn4NXvZbA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82f80940cd4aa21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377154225342206
Date
Sun, 03 Dec 2023 01:29:00 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame ABC1
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1YNY&user_id=ZWvZ20srsfvbC5CJReY1awAA%263477
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1YNY&user_id=ZWvZ20srsfvbC5CJReY1awAA%263477&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Dr8y37TbsxIaHQdwtbFQDbOjUoVStEqYz14KJCXBZIs&pi=index&gpdr=&gdpr_consent=&us_privacy=1YNY&user_id=ZWvZ20srsfvbC5CJReY1awAA%263477...
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Dr8y37TbsxIaHQdwtbFQDbOjUoVStEqYz14KJCXBZIs&pi=index&gpdr=&gdpr_consent=&us_privacy=1YNY&user_id=ZWvZ20srsfvbC5CJReY1awAA%263477&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rKj2eR7IcVMG3NXIBxmLqLsfbQ0cqDQybZCPgMCb9y8lmwnRXN8WXHpzKnVrN7qGCFG2mdNlm9iODGBJb0k3cLDC5MZx1zZ%2Fk3VJ7G%2FCAU%2BYuqeUUjPll7uCoVexO6CXkb6Ub8JbJP3TYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82f80942cfc7a21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Dr8y37TbsxIaHQdwtbFQDbOjUoVStEqYz14KJCXBZIs&pi=index&gpdr=&gdpr_consent=&us_privacy=1YNY&user_id=ZWvZ20srsfvbC5CJReY1awAA%263477&tc=1
pragma
no-cache
date
Sun, 03 Dec 2023 01:29:00 GMT, Sun, 03 Dec 2023 01:29:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame ABC1
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&us_privacy=1YNY
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=kabkwUtO1R9Bi25&us_privacy=1YNY
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=kabkwUtO1R9Bi25&us_privacy=1YNY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrvgTafRoGU4TYdGCjqvPzbTHfA9vwFNUn45VhAsHhe5Yxk%2BWyPvBzUKFOh2fjJafjP8eggzvYl%2B89g468aQddyABJJTC%2FeBBTXr9m8bAoWMjcSSjyIs4yql%2BJByl%2B7EuTyFJ%2FOMw%2Fhabg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82f80940ed6fa21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 01:28:59 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-001e04138de754858@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=kabkwUtO1R9Bi25&us_privacy=1YNY
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame ABC1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=1YNY&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://b1sync.zemanta.com/usersync/index/?gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=2&us_privacy=1YNY
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=MLpNPKLNYzjB7l-_jlm-&us_privacy=1YNY
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=MLpNPKLNYzjB7l-_jlm-&us_privacy=1YNY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FURnpeRrpTMj6JXr%2B4qdg59vjI9OmRymi4oK68fIaA9Xy8hStdYOBsx%2F6I7%2BZDh81XHG3pqbxltClkSO%2B3wXW%2FAcD5czLfaN32fD1sYYYGJDpsg35Zz0KICDSz0EnRyjeFEBbimLQXgjLg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82f809419e53a21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:00 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=MLpNPKLNYzjB7l-_jlm-&us_privacy=1YNY
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
135
Expires
Thu, 01 Dec 1994 16:00:00 GMT
setuid
prebid.production.adthrive.com/ Frame ABC1 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.production.adthrive.com/setuid?gpp=&gpp_sid=&bidder=ix&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=b&uid=ZWvZ20srsfvbC5CJReY1awAA%263477
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.208.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-208-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Sun, 03 Dec 2023 01:29:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 0309 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156423&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 16:22:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3...
  • https://prebid-server.rubiconproject.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=044b2f34-390c-453e-b062-89487d94c2a7
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=044b2f34-390c-453e-b062-89487d94c2a7
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

location
https://prebid-server.rubiconproject.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=044b2f34-390c-453e-b062-89487d94c2a7
access-control-allow-origin
*
date
Sun, 03 Dec 2023 01:29:00 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
setuid
prebid.production.adthrive.com/
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&rurl=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%...
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=5c81724dd90a1504&is_secure=true&version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&rurl=https%3A%2F%2Fprebid...
  • https://prebid.production.adthrive.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=AAAF0Jzzk-9EkwN2yyO6AAAAAAA&expiration=1701653340
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.production.adthrive.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=AAAF0Jzzk-9EkwN2yyO6AAAAAAA&expiration=1701653340
Protocol
H2
Server
44.237.208.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-208-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 03 Dec 2023 01:29:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:00 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://prebid.production.adthrive.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=AAAF0Jzzk-9EkwN2yyO6AAAAAAA&expiration=1701653340
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://sync.resetdigital.co/csync?pid=rubicon&puid={Publisher%20UID}&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dresetdigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=resetdigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=0000012016C3AC42
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=resetdigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=0000012016C3AC42
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

location
https://prebid-server.rubiconproject.com/setuid?bidder=resetdigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=0000012016C3AC42
date
Sun, 03 Dec 2023 01:29:00 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
content-type
text/html
11685
rtb.gumgum.com/usync/ Frame ECCB 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.63.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-63-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0fe529e5fecb3ecca76bbe57aab83387276155320176370e97313cf257b783b9

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 03 Dec 2023 01:29:00 GMT
etag
W/"05a991e43e07fd0c3ccaf207d34df212f"
server
nginx
timing-allow-origin
*
setuid
prebid-server.rubiconproject.com/ 		86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=9262&f=i&uid=LPOT0PQP-U-9UAG
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1YNY&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1Y...
  • https://sync.targeting.unrulymedia.com/csync/RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

Date
Sun, 03 Dec 2023 01:29:01 GMT
Server
Tengine
ETag
RXdec0b61f6e1a43589cea225ed68296c4005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005
Content-Type
text/html
Connection
keep-alive
usersync
usersync.gumgum.com/ Frame ECCB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6848836367408275229
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6848836367408275229
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:00 GMT
an-x-request-uuid
37199d1a-b48b-4344-8867-174d857eb088
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=6848836367408275229
x-proxy-origin
96.9.249.43; 96.9.249.43; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame ECCB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_79a0f9f2-0294-4ebf-ad95-660dab14ef74&gdpr=&gdpr_consent=&us_privacy=1YNY
  • https://t.pswec.com/bsw_sync?ssp=gumgum2&bsw_user_id=a79111c6-27ff-47f3-a668-26bb7e3273b1
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=gumgum2&bsw_user_id=a79111c6-27ff-47f3-a668-26bb7e3273b1
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=9154554c-294c-4872-9072-ca4b9da4e8de&expires=3&user_group=1&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 03 Dec 2023 01:29:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame ECCB
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=dc52ac44-dd6a-4844-9da6-86eb5380c891
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=dc52ac44-dd6a-4844-9da6-86eb5380c891
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 03 Dec 2023 01:29:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=dc52ac44-dd6a-4844-9da6-86eb5380c891
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame ECCB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-6461cf8b-a48b-5c3f-42b2-1db1c6036d1a$ip$96.9.249.43
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-6461cf8b-a48b-5c3f-42b2-1db1c6036d1a$ip$96.9.249.43
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-6461cf8b-a48b-5c3f-42b2-1db1c6036d1a$ip$96.9.249.43
Date
Sun, 03 Dec 2023 01:29:00 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame ECCB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-bjPvwlNE2pfJVAzHFqE3cKpE8Wa2GdP56bAx~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-bjPvwlNE2pfJVAzHFqE3cKpE8Wa2GdP56bAx~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 03 Dec 2023 01:29:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-bjPvwlNE2pfJVAzHFqE3cKpE8Wa2GdP56bAx~A
content-length
0
usersync
usersync.gumgum.com/ Frame ECCB
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusers...
  • https://usersync.gumgum.com/usersync?b=vnt&i=5a4df778-f627-4743-8570-98b1bd159585
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=5a4df778-f627-4743-8570-98b1bd159585
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=5a4df778-f627-4743-8570-98b1bd159585
Date
Sun, 03 Dec 2023 01:29:00 GMT
Connection
keep-alive
X-CI-RTID
a875b67b-22c9-4078-bfe9-4545dd5adf15
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame ECCB
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_4319d0045c914814a2239
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_4319d0045c914814a2239
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_4319d0045c914814a2239
date
Sun, 03 Dec 2023 01:29:00 GMT
content-type
image/gif
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame ECCB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_79a0f9f2-0294-4ebf-ad95-660dab14ef74&gdpr=&gdpr_consent=&us_privacy=1YNY&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=MLpNPKLNYzjB7l-_jlm-&us_privacy=1YNY
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=MLpNPKLNYzjB7l-_jlm-&us_privacy=1YNY
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:00 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=MLpNPKLNYzjB7l-_jlm-&us_privacy=1YNY
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
112
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame ECCB
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=rQ7zwlXgUEfr&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=rQ7zwlXgUEfr&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=rQ7zwlXgUEfr&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-9lnq4
expires
-1
usersync
usersync.gumgum.com/ Frame ECCB
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=9176360673980405968
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=9176360673980405968
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=9176360673980405968
date
Sun, 03 Dec 2023 01:29:00 GMT
content-length
0
setuid
prebid.production.adthrive.com/ Frame ECCB 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.production.adthrive.com/setuid?bidder=gumgum&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=b&uid=u_79a0f9f2-0294-4ebf-ad95-660dab14ef74
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.208.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-208-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Sun, 03 Dec 2023 01:29:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
usersync
rtb.gumgum.com/ Frame EB3B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=2679859129782140740&gdpr=&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=2679859129782140740&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.63.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-63-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Sun, 03 Dec 2023 01:29:01 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sun, 03 Dec 2023 01:29:00 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=2679859129782140740&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame BAFF 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV83OWEwZjlmMi0wMjk0LTRlYmYtYWQ5NS02NjBkYWIxNGVmNzQ=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 01:29:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EEB8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.105.11 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-105-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132083
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 03 Dec 2023 01:29:00 GMT
expires
Mon, 04 Dec 2023 14:10:23 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame C5C1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=0aefc4a5-4b50-4aeb-845b-55f3253f3643
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=0aefc4a5-4b50-4aeb-845b-55f3253f3643
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 03 Dec 2023 01:29:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Sun, 03 Dec 2023 01:29:01 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=0aefc4a5-4b50-4aeb-845b-55f3253f3643
server
Kestrel
usersync
usersync.gumgum.com/ Frame D8CB
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZWvZ3cCo5r8AAAivavUAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZWvZ3cCo5r8AAAivavUAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 03 Dec 2023 01:29:02 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 03 Dec 2023 01:29:02 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZWvZ3cCo5r8AAAivavUAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
0
X-SO-HostName
m-ad421.dc4p.scaleout.jp
X-SO-IP
96.9.249.43
X-SO-Key
ZWvZ3cCo5r8AAAivavUAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.43","key":"ZWvZ3cCo5r8AAAivavUAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad421"}
X-SO-LB-Hostname
a-tgng40001.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad421
usersync
usersync.gumgum.com/ Frame 1476
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=Dr8y37TbsxIaHQdwtbFQDbOjUoVStEqYz14KJCXBZIs&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=Dr8y37TbsxIaHQdwtbFQDbOjUoVStEqYz14KJCXBZIs&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 03 Dec 2023 01:29:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 03 Dec 2023 01:29:01 GMT Sun, 03 Dec 2023 01:29:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=Dr8y37TbsxIaHQdwtbFQDbOjUoVStEqYz14KJCXBZIs&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame CDBE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.173.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-173-107.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 03 Dec 2023 01:29:01 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 03 Dec 2023 01:29:01 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
cm
u.openx.net/w/1.0/ Frame 4759 		925 B
896 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d6aa304816c6f054c61aa4eb57213b86a73e1e6d1890f4eb6e01ffa01ff2895d

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
584
content-type
text/html
date
Sun, 03 Dec 2023 01:29:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
PugMaster
image6.pubmatic.com/AdServer/ Frame F0CE 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1398128&p=156423&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1fc0c3377dc8b7d617966fb4836c2714a87fa613560d69c444f2e078125295a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 03 Dec 2023 01:29:00 GMT
content-length
1932
content-type
text/html; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame CDBE 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.173.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-173-107.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
967955e0fe2f5def1affe5e2189e858bf82c9f989074b242dcb5643e42912101

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 01:29:01 GMT
Content-Encoding
gzip
Last-Modified
Sat, 02 Dec 2023 18:12:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60267
Connection
keep-alive
Content-Length
13236
Expires
Sun, 03 Dec 2023 18:13:28 GMT
setuid
prebid-server.rubiconproject.com/ Frame 4759 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=b&uid=12b187fb-4ce0-43fb-9151-56131a8b0b5a
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
sd
us-u.openx.net/w/1.0/ Frame 4759
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZWvZ2gAEFI0d-gBU
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZWvZ2gAEFI0d-gBU
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4529-YYZ
pragma
no-cache
date
Sun, 03 Dec 2023 01:29:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1701566941.196291,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZWvZ2gAEFI0d-gBU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
bfa86e70-65d3-e25b-cb0a-80f36487049e
pr-bh.ybp.yahoo.com/sync/openx/ Frame 4759 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/bfa86e70-65d3-e25b-cb0a-80f36487049e?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:739a:80b0:b95:4dd1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:29:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 4759 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=73b97449-e9d5-cbe8-3ad3-1491f3e30237
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1Q2R80HQB18CRPRJ2HST
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4759
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=2b6f0834-f57f-7012-fadd-96069bd0c9d7&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=0aefc4a5-4b50-4aeb-845b-55f3253f3643&ttd_puid=2b6f0834-f57f-7012-fadd-96069bd0c9d7&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=0aefc4a5-4b50-4aeb-845b-55f3253f3643&ttd_puid=2b6f0834-f57f-7012-fadd-96069bd0c9d7&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=0aefc4a5-4b50-4aeb-845b-55f3253f3643&ttd_puid=2b6f0834-f57f-7012-fadd-96069bd0c9d7&gdpr=0&gdpr_consent=
date
Sun, 03 Dec 2023 01:29:01 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 4759 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDcwMGRiZmUtM2MwOC0yZWI2LWVmM2QtY2NiZjUxMzIwN2I3
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4759
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC1NH7GBdLkXJhEEbMO9KsM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC1NH7GBdLkXJhEEbMO9KsM&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC1NH7GBdLkXJhEEbMO9KsM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E05B
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=859701337046
42 B
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=859701337046
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:29:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=859701337046
cm
ipac.ctnsnet.com/int/ Frame E210 		43 B
312 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 03 Dec 2023 01:29:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame B8FF
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=O8xLYkpJBimhq3WZ3dlrZQ
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=O8xLYkpJBimhq3WZ3dlrZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:29:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Sun, 03 Dec 2023 01:29:01 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=O8xLYkpJBimhq3WZ3dlrZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 3D40
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=2840997971
  • https://sync.1rx.io/usersync/turn/9068383233460391601?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005
42 B
253 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:29:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Sun, 03 Dec 2023 01:29:01 GMT
ETag
RXdec0b61f6e1a43589cea225ed68296c4005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
Pug
simage2.pubmatic.com/AdServer/ Frame 9086
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ddea656b-d9dd-4800-9980-4e927edf5255&gdpr=0&gdpr_consent=
42 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ddea656b-d9dd-4800-9980-4e927edf5255&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:29:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 03 Dec 2023 01:29:01 GMT
Expires
Sun, 03 Dec 2023 01:29:00 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1191 303c5b1 master ord ord-pixel-x30 config_version:"2081"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ddea656b-d9dd-4800-9980-4e927edf5255&gdpr=0&gdpr_consent=
cookiesync
core.iprom.net/ Frame 27E9 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 03 Dec 2023 01:29:02 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-78603e52183f@version_1.578
X-core-time
0ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 91B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 -, , ASN (),
Reverse DNS
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 03 Dec 2023 01:29:01 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 76AF
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7548533411454851215&uid=Q754853341145485...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7548533411454851215
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7548533411454851215
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 03 Dec 2023 01:29:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=33056
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Sun, 03 Dec 2023 01:29:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7548533411454851215
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame CE62
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A0094357F4164D11BAF4FA6E045A129E&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A0094357F4164D11BAF4FA6E045A129E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 02 Dec 2023 16:09:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sun, 03 Dec 2023 01:29:01 GMT
expires
Sat, 02 Dec 2023 01:29:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A0094357F4164D11BAF4FA6E045A129E&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
match
events-ssc.33across.com/ Frame 58C8 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=1YNY&bidder_id=25&external_user_id=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Sun, 03 Dec 2023 01:29:01 GMT
via
1.1 google
insync
thrtle.com/ Frame F0CE
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&vxii_pid=12&vxii_pid1=10067&vxii_rcid=ef85dd46-efde-4162-a095-93b643d0ab2b
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&vxii_pid=12&vxii_pid1=10067&vxii_rcid=ef85dd46-efde-4162-a095-93b643d0ab2b
Protocol
H2
Server
3.91.115.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sun, 03 Dec 2023 01:29:01 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&vxii_pid=12&vxii_pid1=10067&vxii_rcid=ef85dd46-efde-4162-a095-93b643d0ab2b
date
Sun, 03 Dec 2023 01:29:01 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame F0CE 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame F0CE 		43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.217.198.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-198-78.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:01 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame F0CE 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.186.203 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 03 Dec 2023 01:29:01 GMT
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%2...
  • https://prebid-server.rubiconproject.com/setuid?bidder=adf&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=2679859129782140740
86 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=adf&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=2679859129782140740
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

location
https://prebid-server.rubiconproject.com/setuid?bidder=adf&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=2679859129782140740
date
Sun, 03 Dec 2023 01:29:02 GMT
server
nginx
content-length
0
content-type
text/plain
khaos.json
token.rubiconproject.com/ Frame CDBE 		7 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LPOT0PQP-U-9UAG
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
a3627e8efa32d23b7838eace974fecff
Expires
0
usersync
usersync.gumgum.com/ Frame CDBE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LPOT0PQP-U-9UAG
  • https://usersync.gumgum.com/usersync?b=mag&i=LPOT0PQP-U-9UAG
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LPOT0PQP-U-9UAG
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/11685?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LPOT0PQP-U-9UAG
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
setuid
prebid.production.adthrive.com/
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3...
  • https://prebid.production.adthrive.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=044b2f34-390c-453e-b062-89487d94c2a7
86 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.production.adthrive.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=044b2f34-390c-453e-b062-89487d94c2a7
Protocol
H2
Server
44.237.208.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-208-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 03 Dec 2023 01:29:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

location
https://prebid.production.adthrive.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=044b2f34-390c-453e-b062-89487d94c2a7
access-control-allow-origin
*
date
Sun, 03 Dec 2023 01:29:02 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
eb2.3lift.com/ Frame CBDA 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
9f64ed63fff8cc552e60e8691cb1e3f814c5801177af608c62f8b078c651d3fc

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1253
content-type
text/html; charset=utf-8
date
Sun, 03 Dec 2023 01:29:02 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
ib.adnxs.com/prebid/ Frame CBDA 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=1522299549400378201894
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:02 GMT
an-x-request-uuid
b1a87f2a-d0fe-455b-b61b-d5775c0d46fb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.43; 96.9.249.43; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame CBDA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-6461cf8b-a48b-5c3f-42b2-1db1c6036d1a$ip$96.9.249.43&dongle=4430
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-6461cf8b-a48b-5c3f-42b2-1db1c6036d1a$ip$96.9.249.43&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 03 Dec 2023 01:29:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-6461cf8b-a48b-5c3f-42b2-1db1c6036d1a$ip$96.9.249.43&dongle=4430
Date
Sun, 03 Dec 2023 01:29:02 GMT
Connection
keep-alive
Content-Length
137
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame CBDA
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=5a4df778-f627-4743-8570-98b1bd159585&dongle=d54f&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=5a4df778-f627-4743-8570-98b1bd159585&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 03 Dec 2023 01:29:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=5a4df778-f627-4743-8570-98b1bd159585&dongle=d54f&gdpr=0&gdpr_consent=
Date
Sun, 03 Dec 2023 01:29:02 GMT
Connection
keep-alive
X-CI-RTID
aaa11c8f-8f1d-4619-a705-9f8a9a3ab785
Content-Length
149
Content-Type
text/html; charset=utf-8
sync
sync.srv.stackadapt.com/ Frame CBDA 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.57.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-57-125.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 01:29:02 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame CBDA 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=114&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.57.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-57-125.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 01:29:02 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame CBDA 		42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1522299549400378201894&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:01 GMT
last-modified
Wed, 30 Aug 2023 15:12:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D68CCE2B47B644A8802B0DAF4B37319F Ref B: NYCEDGE1721 Ref C: 2023-12-03T01:29:02Z
etag
"3370fe5b54dbd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame CBDA
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AABG-07K17QAABaoX3xKGQ&dongle=bzwx&gdpr=0
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AABG-07K17QAABaoX3xKGQ&dongle=bzwx&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 03 Dec 2023 01:29:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AABG-07K17QAABaoX3xKGQ&dongle=bzwx&gdpr=0
Date
Sun, 03 Dec 2023 01:29:02 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame CBDA
Redirect Chain
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=20d063d3dbaf1393&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAG9Ep3bJapdAMztp06AAAAAAA&expiration=1701653342&is_secure=true&gdpr_consent=&gdpr=0
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAG9Ep3bJapdAMztp06AAAAAAA&expiration=1701653342&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 03 Dec 2023 01:29:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:02 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAG9Ep3bJapdAMztp06AAAAAAA&expiration=1701653342&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
xuid
eb2.3lift.com/ Frame CBDA
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3646&xuid=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&dongle=1fa5&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 03 Dec 2023 01:29:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:02 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://eb2.3lift.com/xuid?mid=3646&xuid=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&dongle=1fa5&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame CBDA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1522299549400378201894
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
setuid
prebid-server.rubiconproject.com/ Frame CBDA 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=triplelift&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=b&uid=1522299549400378201894
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1YNY&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FEBA 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.105.11 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-105-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132081
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 03 Dec 2023 01:29:02 GMT
expires
Mon, 04 Dec 2023 14:10:23 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8825 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dgroupm%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.105.11 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-105-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132081
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 03 Dec 2023 01:29:02 GMT
expires
Mon, 04 Dec 2023 14:10:23 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
prebid.production.adthrive.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1YNY&redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY...
  • https://sync.targeting.unrulymedia.com/csync/RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005?redir=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26...
  • https://prebid.production.adthrive.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005
86 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.production.adthrive.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005
Protocol
H2
Server
44.237.208.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-208-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 03 Dec 2023 01:29:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

Date
Sun, 03 Dec 2023 01:29:02 GMT
Server
Tengine
ETag
RXdec0b61f6e1a43589cea225ed68296c4005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://prebid.production.adthrive.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=i&uid=RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005
Content-Type
text/html
Connection
keep-alive
prbds2s
rtb.gumgum.com/usync/ Frame 4185 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.63.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-63-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
10f626d53a7ba77b85ee1dc582a43f448055d7ebfea6127144f5f5c91e8754b8

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 03 Dec 2023 01:29:02 GMT
etag
W/"00b305882dee4473131676596f2658d3e"
server
nginx
timing-allow-origin
*
usersync
usersync.gumgum.com/ Frame 4185
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6848836367408275229
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6848836367408275229
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:02 GMT
an-x-request-uuid
d94c4640-bbfb-4be4-8afe-17c5415dcc61
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=6848836367408275229
x-proxy-origin
96.9.249.43; 96.9.249.43; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 4185
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_79a0f9f2-0294-4ebf-ad95-660dab14ef74&gdpr=&gdpr_consent=&us_privacy=1YNY
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=95a21161-9091-4ea2-a91f-5373e9abfa67&ssp=gumgum2&expires=30&user_group=5&bsw_param=a79111c6-27ff-47f3-a668-26bb7e3273b1
  • https://usersync.gumgum.com/usersync?b=bsw&i=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=a79111c6-27ff-47f3-a668-26bb7e3273b1&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 03 Dec 2023 01:29:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 4185
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=dc52ac44-dd6a-4844-9da6-86eb5380c891
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=dc52ac44-dd6a-4844-9da6-86eb5380c891
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 03 Dec 2023 01:29:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=dc52ac44-dd6a-4844-9da6-86eb5380c891
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 4185
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-6461cf8b-a48b-5c3f-42b2-1db1c6036d1a$ip$96.9.249.43
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-6461cf8b-a48b-5c3f-42b2-1db1c6036d1a$ip$96.9.249.43
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-6461cf8b-a48b-5c3f-42b2-1db1c6036d1a$ip$96.9.249.43
Date
Sun, 03 Dec 2023 01:29:02 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 4185
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-bjPvwlNE2pfJVAzHFqE3cKpE8Wa2GdP56bAx~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-bjPvwlNE2pfJVAzHFqE3cKpE8Wa2GdP56bAx~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 03 Dec 2023 01:29:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-bjPvwlNE2pfJVAzHFqE3cKpE8Wa2GdP56bAx~A
content-length
0
usersync
usersync.gumgum.com/ Frame 4185
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=1YNY&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusers...
  • https://usersync.gumgum.com/usersync?b=vnt&i=5a4df778-f627-4743-8570-98b1bd159585
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=5a4df778-f627-4743-8570-98b1bd159585
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=5a4df778-f627-4743-8570-98b1bd159585
Date
Sun, 03 Dec 2023 01:29:02 GMT
Connection
keep-alive
X-CI-RTID
853ab28c-4f82-4845-b818-a37bfb0898f4
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 4185
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_4319d0045c914814a2239
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_4319d0045c914814a2239
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_4319d0045c914814a2239
date
Sun, 03 Dec 2023 01:29:02 GMT
content-type
image/gif
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 4185
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_79a0f9f2-0294-4ebf-ad95-660dab14ef74&gdpr=&gdpr_consent=&us_privacy=1YNY&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=MLpNPKLNYzjB7l-_jlm-&us_privacy=1YNY
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=MLpNPKLNYzjB7l-_jlm-&us_privacy=1YNY
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:02 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=MLpNPKLNYzjB7l-_jlm-&us_privacy=1YNY
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
112
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 4185
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=rQ7zwlXgUEfr&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=rQ7zwlXgUEfr&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=rQ7zwlXgUEfr&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-9lnq4
expires
-1
usersync
usersync.gumgum.com/ Frame 4185
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=9176360673980405968
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=9176360673980405968
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=9176360673980405968
date
Sun, 03 Dec 2023 01:29:02 GMT
content-length
0
setuid
prebid-server.rubiconproject.com/ Frame 4185 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=gumgum&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=b&uid=u_79a0f9f2-0294-4ebf-ad95-660dab14ef74
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
usersync
rtb.gumgum.com/ Frame A274
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=2679859129782140740&gdpr=&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=2679859129782140740&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.63.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-63-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Sun, 03 Dec 2023 01:29:02 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sun, 03 Dec 2023 01:29:02 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=2679859129782140740&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 4393 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV83OWEwZjlmMi0wMjk0LTRlYmYtYWQ5NS02NjBkYWIxNGVmNzQ=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 01:29:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 259E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.105.11 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-105-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132081
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 03 Dec 2023 01:29:02 GMT
expires
Mon, 04 Dec 2023 14:10:23 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame C777
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=0aefc4a5-4b50-4aeb-845b-55f3253f3643
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=0aefc4a5-4b50-4aeb-845b-55f3253f3643
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 03 Dec 2023 01:29:02 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Sun, 03 Dec 2023 01:29:02 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=0aefc4a5-4b50-4aeb-845b-55f3253f3643
server
Kestrel
usersync
usersync.gumgum.com/ Frame 81FB
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZWvZ3cCo5r8AAAivavUAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZWvZ3cCo5r8AAAivavUAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 03 Dec 2023 01:29:02 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 03 Dec 2023 01:29:02 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZWvZ3cCo5r8AAAivavUAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad421.dc4p.scaleout.jp
X-SO-IP
96.9.249.43
X-SO-Key
ZWvZ3cCo5r8AAAivavUAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.43","key":"ZWvZ3cCo5r8AAAivavUAAAAA","privacy_sensitive":false,"uid":"ZWvZ3cCo5r8AAAivavUAAAAA","upstream_id":"m-ad421"}
X-SO-LB-Hostname
a-tgng40001.dc2p.scaleout.jp
X-SO-UID
ZWvZ3cCo5r8AAAivavUAAAAA
X-SO-Upstream-ID
m-ad421
usersync
usersync.gumgum.com/ Frame A4A4
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=Dr8y37TbsxIaHQdwtbFQDbOjUoVStEqYz14KJCXBZIs&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=Dr8y37TbsxIaHQdwtbFQDbOjUoVStEqYz14KJCXBZIs&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 03 Dec 2023 01:29:02 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 03 Dec 2023 01:29:02 GMT Sun, 03 Dec 2023 01:29:02 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=Dr8y37TbsxIaHQdwtbFQDbOjUoVStEqYz14KJCXBZIs&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame D6D3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1YNY&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.173.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-173-107.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 03 Dec 2023 01:29:02 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 03 Dec 2023 01:29:02 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame D6D3 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.173.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-173-107.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
967955e0fe2f5def1affe5e2189e858bf82c9f989074b242dcb5643e42912101

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 01:29:02 GMT
Content-Encoding
gzip
Last-Modified
Sat, 02 Dec 2023 18:12:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60266
Connection
keep-alive
Content-Length
13236
Expires
Sun, 03 Dec 2023 18:13:28 GMT
cm
u.openx.net/w/1.0/ Frame EA07 		835 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
af6b94b10cfd1e904ce3fba6c98cd54df9b981fa5ba18496b2a8683cb1cae060

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
513
content-type
text/html
date
Sun, 03 Dec 2023 01:29:02 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
PugMaster
image6.pubmatic.com/AdServer/ Frame 9CB3 		692 B
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=61517019&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4343ed5c2d8a0bf10114c2001b2dff7cd0921dd14b4017c77d686e62d399a36c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 03 Dec 2023 01:29:01 GMT
content-length
692
content-type
text/html; charset=UTF-8
setuid
prebid.production.adthrive.com/ Frame EA07 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.production.adthrive.com/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&f=b&uid=12b187fb-4ce0-43fb-9151-56131a8b0b5a
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.208.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-208-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Sun, 03 Dec 2023 01:29:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame EA07
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:02 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame EA07 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=2d117bc8-ae78-4d95-b03c-0ed0a85c08db
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:29:02 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ups.analytics.yahoo.com/ups/58294/ Frame EA07 		0
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=05ab8bbd-2d15-4a5b-a9fa-570c0c733dbe
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:29:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame EA07
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=7ea97752-3838-4672-a5a4-16f5a24ba80f
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=7ea97752-3838-4672-a5a4-16f5a24ba80f
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=7ea97752-3838-4672-a5a4-16f5a24ba80f
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:29:02 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 03 Dec 2023 01:29:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=7ea97752-3838-4672-a5a4-16f5a24ba80f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame EA07
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6848836367408275229
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6848836367408275229
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:02 GMT
an-x-request-uuid
92a3c6b6-ffb4-43c7-b350-e5867f9a369f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6848836367408275229
x-proxy-origin
96.9.249.43; 96.9.249.43; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EA07
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=9068383233460391601&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=9068383233460391601&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid.production.adthrive.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=9068383233460391601&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 03 Dec 2023 01:29:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
khaos.json
token.rubiconproject.com/ Frame D6D3 		7 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LPOT0PQP-U-9UAG
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
a3627e8efa32d23b7838eace974fecff
Expires
0
setuid
prebid-server.rubiconproject.com/ Frame B7D3 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=b&uid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Pragma
no-cache
content-length
0
content-type
text/html
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 9CB3 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.216.43 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:29:03 GMT
x-clacks-overhead
GNU Terry Pratchett
x-adswizz-request-id
7723132e-4825-4325-9710-7710af98f87f
Connection
keep-alive
Content-Length
0
x-application-context
application:production
396846.gif
idsync.rlcdn.com/ Frame 9CB3
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=7ea97752-3838-4672-a5a4-16f5a24ba80f
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=7ea97752-3838-4672-a5a4-16f5a24ba80f
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:29:02 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 03 Dec 2023 01:29:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=7ea97752-3838-4672-a5a4-16f5a24ba80f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19/gdpr=0/ Frame 9CB3 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19/gdpr=0/gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.133.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-133-231.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:02 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.48.76
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 9CB3 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:29:02 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di...
  • https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=a79111c6-27ff-47f3-a668-26bb7e3273b1
86 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=a79111c6-27ff-47f3-a668-26bb7e3273b1
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

Location
https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=a79111c6-27ff-47f3-a668-26bb7e3273b1
Date
Sun, 03 Dec 2023 01:29:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
SPug
simage4.pubmatic.com/AdServer/ Frame F0CE 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156423&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=1YNY&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D25%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:29:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/usync/ Frame 95A3 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1YNY
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c36ff0bb12491a570da8d619930cc47f25afecfd79c37c30a1ab8cc6ad2ae60e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://gfieldmoney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1656
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
/
onetag-sys.com/match/ Frame 95A3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=ddea656b-d9dd-4800-9980-4e927edf5255&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=ddea656b-d9dd-4800-9980-4e927edf5255&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1YNY
Protocol
H2
Server
51.222.39.184 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Sun, 03 Dec 2023 01:29:03 GMT
Server
MT3 1191 303c5b1 master ord ord-pixel-x6 config_version:"2081"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=ddea656b-d9dd-4800-9980-4e927edf5255&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 03 Dec 2023 01:29:02 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 95A3 		0
0
/
onetag-sys.com/match/ Frame 95A3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6848836367408275229
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6848836367408275229
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1YNY
Protocol
H2
Server
51.222.39.184 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:03 GMT
an-x-request-uuid
c58c86b0-c70e-4104-a586-a15674b57f41
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6848836367408275229
x-proxy-origin
96.9.249.43; 96.9.249.43; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 95A3
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=43cb382ec217df99ce0b333c47d85&gdpr_consent=&gdpr=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=43cb382ec217df99ce0b333c47d85&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1YNY
Protocol
H2
Server
51.222.39.184 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:03 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=43cb382ec217df99ce0b333c47d85&gdpr_consent=&gdpr=1
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1701566943549005-313
tap.php
pixel.rubiconproject.com/ Frame 95A3 		42 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=D2SWTRzssrGdy2TGo7Q-QiWUEuW0a8r_eX0hqQhY0nM
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
73c1e1bfc3bde354d60b80e601ae3914.gif
cs.admanmedia.com/ Frame 95A3 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&ccpa=1YNY&coppa=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.166 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 01:29:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame 95A3
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjC1LETzJtMs0b5UZqSb2zFf3g5bO_4pFnw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjC1LETzJtMs0b5UZqSb2zFf3g5bO_4pFnw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1YNY
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjC1LETzJtMs0b5UZqSb2zFf3g5bO_4pFnw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 95A3 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=1YNY&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.53 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:29:03 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 95A3
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=D2SWTRzssrGdy2TGo7Q-QiWUEuW0a8r_eX0hqQhY0nM
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=D2SWTRzssrGdy2TGo7Q-QiWUEuW0a8r_eX0hqQhY0nM
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1YNY
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Dec 2023 01:29:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H5CVWFTW7AXJ3NFV3T7M
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=D2SWTRzssrGdy2TGo7Q-QiWUEuW0a8r_eX0hqQhY0nM
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 95A3 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=1YNY&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:29:02 GMT
content-length
0
/
onetag-sys.com/match/ Frame 95A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAIb5ZlaOmdS6Oyc4Zd0PUM&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAIb5ZlaOmdS6Oyc4Zd0PUM&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1YNY
Protocol
H2
Server
51.222.39.184 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAIb5ZlaOmdS6Oyc4Zd0PUM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 95A3
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=1YNY&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%...
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=rQ7zwlXgUEfr&ev=1&us_privacy=1YNY&pid=562985
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=rQ7zwlXgUEfr&ev=1&us_privacy=1YNY&pid=562985
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1YNY
Protocol
H2
Server
51.222.39.184 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=rQ7zwlXgUEfr&ev=1&us_privacy=1YNY&pid=562985
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-9lnq4
expires
-1
/
onetag-sys.com/match/ Frame 95A3
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=2c6604cc2a4f14a8&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAHVrN4QL-r_gNWnCwRAAAAAAA&expiration=1701653343
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAHVrN4QL-r_gNWnCwRAAAAAAA&expiration=1701653343
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1YNY
Protocol
H2
Server
51.222.39.184 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 03 Dec 2023 01:29:03 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAHVrN4QL-r_gNWnCwRAAAAAAA&expiration=1701653343
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 95A3 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 01:29:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 95A3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1YNY
Protocol
H2
Server
51.222.39.184 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=0aefc4a5-4b50-4aeb-845b-55f3253f3643&gdpr=0&gdpr_consent=
date
Sun, 03 Dec 2023 01:29:03 GMT
server
Kestrel
content-length
233
sync
x.bidswitch.net/ Frame 95A3 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sun, 03 Dec 2023 01:29:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
setuid
prebid-server.rubiconproject.com/ Frame 95A3 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=b&uid=D2SWTRzssrGdy2TGo7Q-QiWUEuW0a8r_eX0hqQhY0nM
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=111
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
pixel-eu.rubiconproject.com
URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| documentPictureInPicture object| NREUM object| webpackChunk:NRBA-1.248.0.PROD object| newrelic object| adthriveCLS object| adthrive function| __gpp_addFrame function| __gpp_stub function| __gpp_msghandler function| __gpp object| cls_disable_ads object| cls_header_insertion function| insertAfter function| createDiv object| swv object| wpcf7 function| $ function| jQuery function| nonPmrpcWorker function| nonPmrpcSharedWorker object| pmrpc object| Memberful string| appurl object| a3_lazyload_params object| a3_lazyload_extend_params object| StyleFix object| PrefixFree function| ConicGradient function| fbq function| _fbq object| pbjs object| apstag object| googletag object| _pbjsGlobals object| _aps boolean| apstagLOADED object| ggeac object| google_tag_data object| google_js_reporting_queue function| __uspapi object| _comscore object| confiant object| liQ_instances object| D9v object| D9r object| apscustom object| COMSCORE object| ns_p object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad undefined| google_measure_js_timing function| _33AcrossIdMappingsProvider object| regeneratorRuntime object| ID5 object| __id5_instances string| send object| d9PendingXDR object| brandmetrics function| __assign object| _brandmetrics function| __spreadArray number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| google_image_requests

246 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ3_2r6sIxCgoIkQIQ3_2r6sIxCgoItAIQ3_2r6sIxCgoI5gEQ3_2r6sIxCgoIhwIQ3_2r6sIxCgoItwIQ3_2r6sIxCgkIOhDf_avqwjEKCgiMAhDf_avqwjEKCQhfEN_9q-rCMQoJCB8Q3_2r6sIx
.liadm.com/j Name: lidid
Value: f15fe839-8bf1-4f6d-b2aa-fb42ebd6486b
i.liadm.com/s Name: _li_ss
Value: ChIKBQgKENIWCgkI_____wcQ3BY
i6.liadm.com/s Name: _li_ss
Value: CgA
.adsrvr.org/ Name: TDID
Value: 0aefc4a5-4b50-4aeb-845b-55f3253f3643
.memberful.com/ Name: __cf_bm
Value: IIj9j40Y7KkADlXxe52HFiTbNHa8mFvLb2VToHaYafI-1701566933-0-AbNa9+dSjtF84Cl3tPTsyCFMwD3psWYFKfgAR7lNggsDcfgyu4PJRj0A3xUzbr3RBPUYd8noVbHviA/R2Brb4YU=
gfieldmoney.com/ Name: __adblocker
Value: false
.gfieldmoney.com/ Name: _fbp
Value: fb.1.1701566933823.871497121
ads.adthrive.com/ Name: mcmpfreqrec
Value: [{"rf_code":"Travel_f2r60_A","recency":60,"frequency":2,"partners":["ix"],"counter":1,"isMatched":false,"created":"2023-12-03T01:28:54.477Z","modified":"2023-12-03T01:28:54.477Z"}]
gfieldmoney.com/ Name: usprivacy
Value: 1YNY
gfieldmoney.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.gfieldmoney.com/ Name: _li_dcdm_c
Value: .gfieldmoney.com
.gfieldmoney.com/ Name: _lc2_fpi
Value: 554e01b63a9f--01hgpmnvkgm6k9ygc3h84r3v1h
gfieldmoney.com/ Name: _lr_retry_request
Value: true
gfieldmoney.com/ Name: _lr_env_src_ats
Value: false
.33across.com/ Name: check
Value: true
.scorecardresearch.com/ Name: UID
Value: 159b2c1c37ac8d9493d7e2f1701566934
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: cd873e3f8a271ea9c0b39db0aadf566e
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSE6xMDdONU6zSDQyN0xNtEw2SDK2TEkySExMSTM1M0tlAILU7JvXQDQUAAB3UQwi"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIzb55DUhBAQAeZQKA"
.agkn.com/ Name: ab
Value: 0001%3AYa0H4cEeRuAYjzhpoijuJ6uJAkD6RHMv
.liadm.com/ Name: lidid
Value: f15fe839-8bf1-4f6d-b2aa-fb42ebd6486b
.rubiconproject.com/ Name: khaos
Value: LPOT0PQP-U-9UAG
.gfieldmoney.com/ Name: panoramaId_expiry
Value: 1701653334802
.gfieldmoney.com/ Name: _cc_id
Value: cd873e3f8a271ea9c0b39db0aadf566e
.gfieldmoney.com/ Name: __li_idex_cache_e30
Value: %7B%22magnite%22%3A%22LPJU6D21-U-BU6G%22%2C%22index%22%3A%22ZWdOdvnPkdG.EVnP0vyuWgAA%261665%22%2C%22bidswitch%22%3A%22c9eb4231-2994-4a17-9a3b-db5e43b7986e%22%2C%22nonId%22%3A%22csrHcqKh3V0sV3eeStJiZhlZDMWVlWoL_OCzdw%22%7D
.flashtalking.com/ Name: _D9J
Value: 4916a551e92c4e3886088d5c2f27d329
.gfieldmoney.com/ Name: cto_bundle
Value: dn7B5V9teGxxRWNuJTJGSkJCR2lZeWlwcmhTNlJ6eWolMkZ0MGxBN2pPWUVkMW9vT2lEekxvSDlTd3FOTFB2dTFPY0ZqV2ZtUmJyVDEwalg2b0Vma2tpWDdValRLSEx2YTVnVHRId3ZjYXlaallWM1hIVVZEZmZkQml5VDh0VjZncnRCSm9namI
.gfieldmoney.com/ Name: cto_bidid
Value: t_rYxl9abnJTbnlIU3VBcnp2cnJhVUozVHJVcHh0VnFyVGhab1BVY3BGUDhHSmtLSHdWSnB3cTQlMkZmdzBvR2Z3b2NRUzVZcTBUYzZmSW5Ha3hTckNva0s4dlJnJTNEJTNE
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.teads.tv/ Name: tt_viewer
Value: 64c3fd41-8df4-4d07-b5c7-2a1337a9f5bc
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: vst
Value: u_79a0f9f2-0294-4ebf-ad95-660dab14ef74
.kargo.com/ Name: ktcid
Value: 86c3982a-b16a-0e7d-10e2-926f18228d00
.adnxs.com/ Name: icu
Value: ChgI1MVIEAoYASABKAEw17OvqwY4AUABSAEQ17OvqwYYAA..
.adnxs.com/ Name: uuid2
Value: 6848836367408275229
.yahoo.com/ Name: A3
Value: d=AQABBNfZa2UCECyUj1hQX5daMlDnFWC_qSIFEgEBAQErbWV1Zdw90iMA_eMAAA&S=AQAAAsdd7U22jCa-9Wb-hBhh-PA
.bidswitch.net/ Name: tuuid
Value: a79111c6-27ff-47f3-a668-26bb7e3273b1
.bidswitch.net/ Name: c
Value: 1701566936
.bidswitch.net/ Name: tuuid_lu
Value: 1701566936
.colossusssp.com/ Name: gtm_usr
Value: 16e6afb7-db8b-4b83-ad02-d372fee35d19
.colossusssp.com/ Name: lmg_r
Value: 11
.yieldmo.com/ Name: yieldmo_id
Value: 3zqHuII00HIIAnFOzesw%7C1701561600000%7C0
.gfieldmoney.com/ Name: __gads
Value: ID=cbaa21ed25ab85fd:T=1701566936:RT=1701566936:S=ALNI_Ma7GEJt3cbY01qnl69gqkR3Dxsdpg
.gfieldmoney.com/ Name: __gpi
Value: UID=00000a0262cc6229:T=1701566936:RT=1701566936:S=ALNI_MYDke8UfGKmGnLhIaC6js2aniJYVA
.resetdigital.co/ Name: ckbk
Value: 0000012016C3AC42
.id5-sync.com/ Name: id5
Value: 6541c6e6-8eda-75e6-a21f-5e2eba4b0ba9#1701566937019#2
.33across.com/ Name: 33x_ps
Value: u%3D212365417016861%3As1%3D1701566937193%3Ats%3D1701566937193
.tynt.com/ Name: uid
Value: noAcjWVr2dljXPWLY0ma7A==
.ipredictive.com/ Name: cu
Value: 5a4df778-f627-4743-8570-98b1bd159585|1701566937362
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1701566937800%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1701566937800%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1701566937800%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1701566937800%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1701566937800%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1701566937800%7D%5D
.360yield.com/ Name: tuuid
Value: 044b2f34-390c-453e-b062-89487d94c2a7
.360yield.com/ Name: tuuid_lu
Value: 1701566937
.360yield.com/ Name: um
Value: !79,l9MWDt3pMwich7Dv.dprWhvER4sgri-ZLHCF.IRTtTGYprYYAdenyjrVtDJT2-7TRKZGwqS1HjGUm-GJ,1709342937
.360yield.com/ Name: umeh
Value: !79,0,1763774937,-1
.3lift.com/ Name: tluid
Value: 1522299549400378201894
.mfadsrvr.com/ Name: tuuid
Value: 3fd4a5c6-c1b7-4e65-a25c-d64c9546866e
.mfadsrvr.com/ Name: c
Value: 1701566938
.mfadsrvr.com/ Name: tuuid_lu
Value: 1701566938
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1701566938
.admixer.net/ Name: am-uid
Value: 09213d99cd244062811ca84e9c789758
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjS3NDQ2Nzc0NTEyMjUGEgZmQnyGuiWmecHGZUZRPmWZIQAH9o4GJQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjS3NDQ2Nzc0NTEyMjUGEgZmQnyGuiWmecHGZUZRPmWZIQAH9o4GJQAAAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZWvZ2gAEFI0d-gBU
.tapad.com/ Name: TapAd_TS
Value: 1701566938490
.tapad.com/ Name: TapAd_DID
Value: 55b7d429-6808-4fd5-b678-70879cd1adec
.deepintent.com/ Name: CDIUSER
Value: di_4319d0045c914814a2239
.doubleclick.net/ Name: IDE
Value: AHWqTUla_84ovlcTnLc1qMjUr_1lBTJBLVexggDHUTZD-kjKRk14awRCzZ9UX4Ws9k8
.simpli.fi/ Name: suid
Value: A0094357F4164D11BAF4FA6E045A129E
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHVrN4QL-q8gMIgchfAAAAAAA&KRTB&22713-AAAHVrN4QL-q8gMIgchfAAAAAAA&KRTB&22715-AAAHVrN4QL-q8gMIgchfAAAAAAA&KRTB&23519-AAAHVrN4QL-q8gMIgchfAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-0aefc4a5-4b50-4aeb-845b-55f3253f3643&KRTB&22918-0aefc4a5-4b50-4aeb-845b-55f3253f3643&KRTB&22926-0aefc4a5-4b50-4aeb-845b-55f3253f3643&KRTB&23031-0aefc4a5-4b50-4aeb-845b-55f3253f3643
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-5a4df778-f627-4743-8570-98b1bd159585&KRTB&23011-5a4df778-f627-4743-8570-98b1bd159585&KRTB&23355-5a4df778-f627-4743-8570-98b1bd159585
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6848836367408275229&KRTB&23339-6848836367408275229
.quantserve.com/ Name: mc
Value: 656bd9da-83d6b-d0b80-c8f46
.adgrx.com/ Name: ADGRX_UID
Value: 54d6d3ea-917b-11ee-bfe1-024aadfc323b
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6461cf8b-a48b-5c3f-42b2-1db1c6036d1a.uQzWR%2BoABMWQdMDpySXOKor0RPlCcOVUTa6FwZhY%2FJc
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6461cf8b-a48b-5c3f-42b2-1db1c6036d1a.uQzWR%2BoABMWQdMDpySXOKor0RPlCcOVUTa6FwZhY%2FJc
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AZGHPi6SLXD9Csh2xxgNtGmAJ-Ss.rMTvsBWdwW5KYPPJaA59rwNPWSyRvBn1WEq3UhwAuIU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AZGHPi6SLXD9Csh2xxgNtGmAJ-Ss.rMTvsBWdwW5KYPPJaA59rwNPWSyRvBn1WEq3UhwAuIU
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIO8JsC74U43c63MZ0UfPCipRfbAlWjWgwheYwuS4Nq2BEHwYBCDas6-rBjABOgSVjvJGQgSjXWgx.PxUe6oj%2Bu315VwyAfO%2FX8XxxOJRkqXxos%2FmNGTI1vMU
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIO8JsC74U43c63MZ0UfPCipRfbAlWjWgwheYwuS4Nq2BEHwYBCDas6-rBjABOgSVjvJGQgSjXWgx.PxUe6oj%2Bu315VwyAfO%2FX8XxxOJRkqXxos%2FmNGTI1vMU
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_020ec5e4-5835-4ca2-8dfd-164e6858431f
.w55c.net/ Name: wfivefivec
Value: kabkwUtO1R9Bi25
.amazon-adsystem.com/ Name: ad-id
Value: A0MUHHU2lEDdsNpykv4mV50
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-ZGHPi6SLXD9Csh2xxgNtGmAJ-Ss&KRTB&23334-ZGHPi6SLXD9Csh2xxgNtGmAJ-Ss&KRTB&23417-ZGHPi6SLXD9Csh2xxgNtGmAJ-Ss&KRTB&23426-ZGHPi6SLXD9Csh2xxgNtGmAJ-Ss
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-599d435b-0934-4e88-96dd-836ec3b5a894&KRTB&23340-599d435b-0934-4e88-96dd-836ec3b5a894&KRTB&23498-599d435b-0934-4e88-96dd-836ec3b5a894
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEP70c1f3ON7H_16blMC1dCk&KRTB&23025-CAESEP70c1f3ON7H_16blMC1dCk&KRTB&23386-CAESEP70c1f3ON7H_16blMC1dCk
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1791377154225342206
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:A0094357F4164D11BAF4FA6E045A129E&KRTB&23486-uid:A0094357F4164D11BAF4FA6E045A129E&KRTB&23489-uid:A0094357F4164D11BAF4FA6E045A129E&KRTB&23539-uid:A0094357F4164D11BAF4FA6E045A129E
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-WZx6eQuQKHpCkX9_Wcthf1_LdCtCynR9W5_oKrAs&KRTB&19420-WZx6eQuQKHpCkX9_Wcthf1_LdCtCynR9W5_oKrAs&KRTB&22979-WZx6eQuQKHpCkX9_Wcthf1_LdCtCynR9W5_oKrAs&KRTB&23462-WZx6eQuQKHpCkX9_Wcthf1_LdCtCynR9W5_oKrAs
.bidr.io/ Name: bito
Value: AABG-07K17QAABaoX3xKGQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-54d6d3ea-917b-11ee-bfe1-024aadfc323b&KRTB&23275-54d6d3ea-917b-11ee-bfe1-024aadfc323b
beacon.lynx.cognitivlabs.com/ Name: UID
Value: c003aa7a-5d6a-4212-9526-67620fdc6587
.sitescout.com/ Name: ssi
Value: 0995b0c7-515f-4d0c-8d64-3489ea5938b1#1701566938644
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:kabkwUtO1R9Bi25&KRTB&23421-uid:kabkwUtO1R9Bi25
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-a79111c6-27ff-47f3-a668-26bb7e3273b1
.adform.net/ Name: C
Value: 1
.mxptint.net/ Name: mxpim
Value: R35CA5_10D16C7E3_D30EA2AF.1.0000000000000000656BD9DA
.tribalfusion.com/ Name: ANON_ID
Value: auntuJwl6h7bQQwbPBqU9JMH3ODEYoe1Ora4taXFnTLUb0X3YL39BvTZaJ8j9tQGegltBTre9wt3d3LZbUTjsObLcF
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R35CA5_10D16C7E3_D30EA2AF&KRTB&23092-R35CA5_10D16C7E3_D30EA2AF
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8089
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553&KRTB&23418-0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553
.csync.loopme.me/ Name: viewer_token
Value: b178980f-2a47-4e4c-b515-f0e50ec000b9
.criteo.com/ Name: uid
Value: a736b975-dbe4-4d4a-9be8-324f2de4e5e0
.adform.net/ Name: uid
Value: 2679859129782140740
.adx.opera.com/ Name: UID
Value: OPUf6bd816491224d8bb8b02247b0c4128b
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-231339593526673310&KRTB&23263-231339593526673310&KRTB&23481-231339593526673310
.turn.com/ Name: uid
Value: 9068383233460391601
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3447890898502012593&KRTB&23150-3447890898502012593&KRTB&23527-3447890898502012593
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUf6bd816491224d8bb8b02247b0c4128b&KRTB&23485-OPUf6bd816491224d8bb8b02247b0c4128b&KRTB&23524-OPUf6bd816491224d8bb8b02247b0c4128b
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3138:u=1:x=1:i=1701566938:t=1701653338:v=2:sig=AQGadKcBf6wiQKJXwz1RyDpGXvVZiVMO"
.go.sonobi.com/ Name: __uis
Value: 900bcf57-04e2-4f5d-964f-53669d1e435f
.go.sonobi.com/ Name: HAPLB8G
Value: s86146|ZWvZ3
.connatix.com/ Name: cnx_userId
Value: dab28740385049de97b15e4f612cf3d7
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMUE9UMFBRUC1VLTlVQUciLCJleHBpcmVzIjoiMjAyMy0xMi0xN1QwMToyODo1OC45NDA2NDQ3MzdaIn19fQ==
beacon.lynx.cognitivlabs.com/ Name: ss
Value: r%2Fabq%2Fgkll8GVa8yfENxia3%2FFkUlIdWhG7GI20ZuS4UMgYkvhwtOq%2Be0v4B8KX3bAnqNDd35CW7migHmHlt2Vsg8HApttVOY%2FYFd45E%2Fd6M%3D
.linkedin.com/ Name: li_sugr
Value: b3addc8c-2c06-43c5-b299-5dcda3776be4
.linkedin.com/ Name: bcookie
Value: "v=2&6d899cbb-d96f-4e3a-8751-decf2a2863d6"
.adnxs.com/ Name: anj
Value: dTM7k!M4/0EVNsVF']wIg2GVLv:YU.!]tbP6j2F-.aDyjByG0>mcC6*e$u3Z8[?_t4A]b[n:D(e]7af<T$SILOgZ(<%w+dCR'CTX=j=!M'$nJdR!u.L28=RTQEVk`!/wEh`2c4/
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxQT1QwUFFQLVUtOVVBRyIsImV4cGlyZXMiOiIyMDI0LTAzLTAyVDAxOjI4OjU4WiJ9LCJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIxNTIyMjk5NTQ5NDAwMzc4MjAxODk0IiwiZXhwaXJlcyI6IjIwMjQtMDMtMDJUMDE6Mjg6NThaIn19LCJiaXJ0aGRheSI6IjIwMjMtMTItMDNUMDE6Mjg6NThaIn0=
.sharethrough.com/ Name: stx_user_id
Value: e45f8b5d-cb80-477c-ac9c-e58db3a43fcc
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnXwVEGub5BXUEJ1X8DnE45XCyIbtyQr5scAi-rnrJ4hiu4XcuJ2r2nUtkcJQC4TM1
.lijit.com/ Name: ljt_reader
Value: HwbYeQZHcHvqV0qFTXOwyLEy
.primis.tech/ Name: csuuid
Value: 656bd9db05c0e
.lijit.com/ Name: _ljtrtb_80
Value: LPOT0PQP-U-9UAG
.hb.yahoo.net/ Name: visitor-id
Value: 3445685396634700000V10
.hb.yahoo.net/ Name: data-mag
Value: LPOT0PQP-U-9UAG~~63
.lijit.com/ Name: _ljtrtb_58
Value: 7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
.smartadserver.com/ Name: pid
Value: 9176360673980405968
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AABG-07K17QAABaoX3xKGQ
.omnitagjs.com/ Name: ayl_visitor
Value: 037b3b62ba35fff3e4f6a828bbe98dec
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: d7856130-b6ce-40d6-be91-e4029b60df80
.prebid.a-mo.net/ Name: sd_amuid2
Value: d7856130-b6ce-40d6-be91-e4029b60df80
.id5-sync.com/ Name: 3pi
Value: 2#1701566938591#40670342#6848836367408275229|434#1701566938973#-910580388|264#1701566937604#875496980#0aefc4a5-4b50-4aeb-845b-55f3253f3643|441#1701566938424#1283039817#u_79a0f9f2-0294-4ebf-ad95-660dab14ef74|1242#1701566939145#371885250|796#1701566937439#-1773558574|124#1701566937974#1637682601|429#1701566938740#278243161#7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: 8quKQ5G2VG
.contextweb.com/ Name: V
Value: rQ7zwlXgUEfr
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: a30d967c8f6dfac1
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUeEtyVEJx
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: IQPData
Value: 1611266347#1701566939333#0#1701566939333
.intentiq.com/ Name: intentIQCDate
Value: 1701566939336
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005%22%7D
.advertising.com/ Name: A3
Value: d=AQABBNvZa2UCEL_OQiJ_LzorkqAidV1qmNwFEgEBAQErbWV1Zdw10iMA_eMAAA&S=AQAAApGidoq8hASjem87iRBR-VQ
.casalemedia.com/ Name: CMID
Value: ZWvZ20srsfvbC5CJReY1awAA
.casalemedia.com/ Name: CMPS
Value: 3477
.casalemedia.com/ Name: CMPRO
Value: 3477
.technoratimedia.com/ Name: tads_uidp_16
Value: 1543803565212
.technoratimedia.com/ Name: tads_uidp_37
Value: b9b440dc-f9ba-3234-8c7e-0e2d69c447a6
.technoratimedia.com/ Name: tads_uidp_44
Value: LPOSW4G6-12-73CO
.technoratimedia.com/ Name: tads_uidp_45
Value: 33EAD8FF-CDBC-4FB2-8DA7-00F4584842DA
.technoratimedia.com/ Name: tads_uidp_46
Value: 4661853438064128441
.technoratimedia.com/ Name: tads_uidp_48
Value: 4e29f957-8bcf-4dd8-bc1b-49b147223133
.technoratimedia.com/ Name: tads_uidp_49
Value: AAABxKRL2850hQM4TYawAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: 930bd2a7-e323-41b5-a460-a2d8d0eb7402
.technoratimedia.com/ Name: tads_uidp_61
Value: 212278839658677
.technoratimedia.com/ Name: tads_uidp_62
Value: 3445683216634856000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: gHyjMOROf-elKA3wih12SIGELoNtycmh
.technoratimedia.com/ Name: tads_uidp_7
Value: 98579a08-8927-4bc4-99bd-f8988d1b9eb1
.technoratimedia.com/ Name: tads_uidp_70
Value: 1622253365053-949194170222-008367-009-004841
.technoratimedia.com/ Name: tads_uidp_73
Value: AABG-07K17QAABaoX3xKGQ
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-f47969f8-ef33-467c-9d01-03084d0eb062-005
.technoratimedia.com/ Name: tads_uidp_77
Value: NJOGFPghlKctSxvE1IO5U7CzoU-yVvy_BZmS5QU2Pno
.technoratimedia.com/ Name: tads_uidp_79
Value: f1370437-9088-4d30-9c9b-031a02819d84
.technoratimedia.com/ Name: tads_uidp_80
Value: y-U0ooR1FE2uEyb3_llktz1XBW88rw5CNB~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZWvZAKUW5yvvBMLxWUmaCgAA&036
.technoratimedia.com/ Name: tads_uidp_83
Value: XDRyPC3y39Ya
.technoratimedia.com/ Name: tads_uidp_88
Value: 3061073356436875023239
.technoratimedia.com/ Name: tads_uidp_90
Value: dd6efeea-2c59-4a87-b0ac-dbac85afd4f7
.technoratimedia.com/ Name: tads_uidp_91
Value: 2048915037081700588brt56841675014149615267a0
.technoratimedia.com/ Name: tads_uid
Value: A86D4DA215FB40F8BBC0EC13D800DDA9
.technoratimedia.com/ Name: tads_uid_cd
Value: 20231007011547+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1693142250488
.openx.net/ Name: i
Value: f8c3376d-5cf8-4fe5-a00b-5eeefff7fa2a|1701566939
.undertone.com/ Name: UTID
Value: 2f4a05bfd4ee4024b87afea020c0c37c
.undertone.com/ Name: UTID_ENC
Value: 2ssbmxy2m5doqb7ooe8p8ovwc
.undertone.com/ Name: UID_EXT_46
Value: 0aefc4a5-4b50-4aeb-845b-55f3253f3643
.undertone.com/ Name: UID_EXT_56
Value: y-FMe37kBE2uHM08_jMnqJk2VGEtnPXDaf5Jwkfo8-~A
.undertone.com/ Name: UID_EXT_47
Value: LPOT0PQP-U-9UAG
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABG-07K17QAABaoX3xKGQ
.pubmatic.com/ Name: PugT
Value: 1701566939
.undertone.com/ Name: UID_EXT_57
Value: ZWvZ20srsfvbC5CJReY1awAADZUAAAAB
.company-target.com/ Name: tuuid
Value: f0cad712-5058-42ca-9ad1-7da0447458f7
.company-target.com/ Name: tuuid_lu
Value: 1701566939|ix:0
.undertone.com/ Name: UID_EXT_54
Value: 0995b0c7-515f-4d0c-8d64-3489ea5938b1-656bd9da-5553
.rlcdn.com/ Name: rlas3
Value: suoCzuDqHsVmE8vTcCKi9DpCe/YAhcrDn68eNfj9W2Y=
.rlcdn.com/ Name: pxrc
Value: CNqzr6sGEgUI6EcQARIGCJC8KxAA
.quantserve.com/ Name: d
Value: EJEBEgHJKvijC_vLEA
.analytics.yahoo.com/ Name: IDSYNC
Value: "19e6~2fe1:190u~2fe1:18z8~2fe1:18vk~2fe1:19e0~2fe1:1969~2fe1:18z9~2fe1:175w~2fe1"
.undertone.com/ Name: UID_EXT_53
Value: 7B075CE7-101E-4A79-8D4A-D4FF4B2C5B19
.krxd.net/ Name: _kuid_
Value: P86g0sYf
.demdex.net/ Name: demdex
Value: 33068727218511069434319600273521943320
.rubiconproject.com/ Name: audit
Value: 1|oQwUxYlQGXX9av0yRKq7qrnyybeEUY2EYmlaPYqF3QN+xL8LlrcUaN8hlR5x/5Lln6G9nUrI3IDyUhTWCqUS/It8TuDz/ICoua5UjcErC9AVsMkaugN4mX2NFdeBSG8D8I3z4IQ3Ps/KIV0nBs9FfA==
.bluekai.com/ Name: bku
Value: fEy99BFjStDDyj6c
.bluekai.com/ Name: bkpa
Value: KJy9v9eUd02pSUHknpWNBEAlwtkAwEJpztJ+KcA0qEPAqlaiBt2FjECyms2t5t1e99yTe51=
.dpm.demdex.net/ Name: dpm
Value: 33068727218511069434319600273521943320
.addthis.com/ Name: ouid
Value: 656bd9db00013b7b9b66e47c1599cc89bafe9b9d96831cbf0624
.addthis.com/ Name: uid
Value: 656bd9db83df21f7
.addthis.com/ Name: na_id
Value: 2023120301285988700538143985
.pippio.com/ Name: did
Value: YHy3iwy8le8mHlpu
.pippio.com/ Name: didts
Value: 1701566939
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CNuzr6sGEgYIgr0rEAA=
.adsby.bidtheatre.com/ Name: __kuid
Value: 2fd65ec0-1b9d-40fe-8f48-be1721570a9c.470780939
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmBoamZmaWxhYmH8C8E3MTAyMwQAgkVlISAAAAA
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwMTU2NjkzODY3NSwiMjQiOjE3MDE1NjY5NDAyNjUsIjM5IjoxNzAxNTY2OTM5NDA3LCI3IjoxNzAxNTY2OTM5NDA3LCI4MCI6MTcwMTU2NjkzOTY4OX0
.w55c.net/ Name: matchcasale
Value: 5
.zemanta.com/ Name: zuid
Value: MLpNPKLNYzjB7l-_jlm-
.creativecdn.com/ Name: ts
Value: 1701566940
.creativecdn.com/ Name: u
Value: qpQ44aEZ5tiDdRnGPZLo
.creativecdn.com/ Name: g
Value: qpQ44aEZ5tiDdRnGPZLo_1701566940370
.pubmatic.com/ Name: SPugT
Value: 1701534156
.ads.stickyadstv.com/ Name: UID
Value: 43cb382ec217df99ce0b333c47d85
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZWvZ20srsfvbC5CJReY1awAADZUAAAAB
.dotomi.com/ Name: DotomiTest
Value: 5c81724dd90a1504
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1obw|7dN.0.AABG-07K17QAABaoX3xKGQ|7bq.0.1
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220231203%22%2C%22113%22%3A%2220231203%22%2C%22142%22%3A%2220231203%22%7D
prebid.production.adthrive.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYWRueHMiOnsidWlkIjoiNjg0ODgzNjM2NzQwODI3NTIyOSIsImV4cGlyZXMiOiIyMDIzLTEyLTE3VDAxOjI4OjU2Ljg1MDE2MTc1OFoifSwieWFob29BZHMiOnsidWlkIjoieS1sbndldGJSRTJ1SnJVV2V4VDRBU2xKV2l2MGNfY3RrSX5BIiwiZXhwaXJlcyI6IjIwMjMtMTItMTdUMDE6Mjg6NTUuNjc2OTE3NTkzWiJ9LCJ1bmRlcnRvbmUiOnsidWlkIjoiMnNzYm14eTJtNWRvcWI3b29lOHA4b3Z3YyIsImV4cGlyZXMiOiIyMDIzLTEyLTE3VDAxOjI4OjU5LjU5MDEyODYyN1oifSwiZ3VtZ3VtIjp7InVpZCI6InVfNzlhMGY5ZjItMDI5NC00ZWJmLWFkOTUtNjYwZGFiMTRlZjc0IiwiZXhwaXJlcyI6IjIwMjMtMTItMTdUMDE6Mjk6MDAuOTUwNDQ4ODRaIn0sImNvbG9zc3VzIjp7InVpZCI6IjE2ZTZhZmI3LWRiOGItNGI4My1hZDAyLWQzNzJmZWUzNWQxOSIsImV4cGlyZXMiOiIyMDIzLTEyLTE3VDAxOjI4OjU5LjE3OTAzNzExOVoifSwidHJpcGxlbGlmdCI6eyJ1aWQiOiIxNTIyMjk5NTQ5NDAwMzc4MjAxODk0IiwiZXhwaXJlcyI6IjIwMjMtMTItMTdUMDE6Mjg6NTguOTM3Mjk3NDMyWiJ9LCJpeCI6eyJ1aWQiOiJaV3ZaMjBzcnNmdmJDNUNKUmVZMWF3QUEmMzQ3NyIsImV4cGlyZXMiOiIyMDIzLTEyLTE3VDAxOjI5OjAwLjI5OTc4ODM0MVoifSwieWllbGRtbyI6eyJ1aWQiOiIzenFIdUlJMDBISUlBbkZPemVzdyIsImV4cGlyZXMiOiIyMDIzLTEyLTE3VDAxOjI4OjU2LjcyNjgxNTE4M1oifSwia2FyZ28iOnsidWlkIjoiNzE1ZmYwN2ItNWEzOC04YWQzLWZhYWUtNTZkMTViNDAzNGQyIiwiZXhwaXJlcyI6IjIwMjMtMTItMTdUMDE6Mjg6NTguNzcxMzQ5MTA1WiJ9LCJncmlkIjp7InVpZCI6ImE3OTExMWM2LTI3ZmYtNDdmMy1hNjY4LTI2YmI3ZTMyNzNiMSIsImV4cGlyZXMiOiIyMDIzLTEyLTE3VDAxOjI4OjU2LjQ2NjYwNzI0NFoifSwiMzNhY3Jvc3MiOnsidWlkIjoiMjEyMzY1NDE3MDE2ODYxIiwiZXhwaXJlcyI6IjIwMjMtMTItMTdUMDE6Mjg6NTcuOTg1NDkxNjM1WiJ9LCJjb252ZXJzYW50Ijp7InVpZCI6IkFBQUYwSnp6ay05RWt3TjJ5eU82QUFBQUFBQSIsImV4cGlyZXMiOiIyMDIzLTEyLTE3VDAxOjI5OjAwLjc3NjcxMjYxNFoifSwicmVzZXRkaWdpdGFsIjp7InVpZCI6IjAwMDAwMTIwMTZDM0FDNDIiLCJleHBpcmVzIjoiMjAyMy0xMi0xN1QwMToyODo1Ny4wNTk2NjM4MTNaIn19fQ==
.ads.pubmatic.com/ Name: KCCH
Value: YES
.openx.net/ Name: pd
Value: v2|1701566941|vMgavPkWgyiK
.pswec.com/ Name: tuuid
Value: 9154554c-294c-4872-9072-ca4b9da4e8de
.pswec.com/ Name: c
Value: 1701566941
.pswec.com/ Name: tuuid_lu
Value: 1701566941
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 156423:4
.pubmatic.com/ Name: DPSync3
Value: 1702771200%3A201_262_261_260_259_263%7C1701648000%3A248%7C1702166400%3A265
.pubmatic.com/ Name: SyncRTB3
Value: 1704153600%3A224%7C1706745600%3A69%7C1702771200%3A48_46_250_165_81_166_54_96_7_233_56_21_234_99_249_55_13_231_264_8_238_104_243_220_178_71_240_3_5_176_22_214%7C1702425600%3A63%7C1702166400%3A38_15_2_223%7C1702857600%3A35
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsidW5ydWx5Ijp7InVpZCI6IlJYLWRlYzBiNjFmLTZlMWEtNDM1OC05Y2VhLTIyNWVkNjgyOTZjNC0wMDUiLCJleHBpcmVzIjoiMjAyMy0xMi0xN1QwMToyOTowMS4xMDEwNTEzODJaIn0sImltcHJvdmVkaWdpdGFsIjp7InVpZCI6IjA0NGIyZjM0LTM5MGMtNDUzZS1iMDYyLTg5NDg3ZDk0YzJhNyIsImV4cGlyZXMiOiIyMDIzLTEyLTE3VDAxOjI5OjAwLjc0NzkzMzQzN1oifSwiMzNhY3Jvc3MiOnsidWlkIjoiMjEyMzY1NDE3MDE2ODYxIiwiZXhwaXJlcyI6IjIwMjMtMTItMTdUMDE6Mjg6NTcuOTMzNDk5ODlaIn0sInVuZGVydG9uZSI6eyJ1aWQiOiIyc3NibXh5Mm01ZG9xYjdvb2U4cDhvdndjIiwiZXhwaXJlcyI6IjIwMjMtMTItMTdUMDE6Mjg6NTkuNzE0NTIzNzUxWiJ9LCJjb2xvc3N1cyI6eyJ1aWQiOiIxNmU2YWZiNy1kYjhiLTRiODMtYWQwMi1kMzcyZmVlMzVkMTkiLCJleHBpcmVzIjoiMjAyMy0xMi0xN1QwMToyODo1Ni41NDExMzgyNjZaIn0sInJ1Ymljb24iOnsidWlkIjoiTFBPVDBQUVAtVS05VUFHIiwiZXhwaXJlcyI6IjIwMjMtMTItMTdUMDE6Mjk6MDAuODcxOTI5NDI2WiJ9LCJjb252ZXJzYW50Ijp7InVpZCI6IkFBQUdUYXNxTy1qMEdBTnl1VklyQUFBQUFBQSIsImV4cGlyZXMiOiIyMDIzLTEyLTE3VDAxOjI4OjU3LjEwNTAzNzg2NFoifSwicmVzZXRkaWdpdGFsIjp7InVpZCI6IjAwMDAwMTIwMTZDM0FDNDIiLCJleHBpcmVzIjoiMjAyMy0xMi0xN1QwMToyOTowMC44MzA1MzAzODNaIn0sIm9wZW54Ijp7InVpZCI6IjEyYjE4N2ZiLTRjZTAtNDNmYi05MTUxLTU2MTMxYThiMGI1YSIsImV4cGlyZXMiOiIyMDIzLTEyLTE3VDAxOjI5OjAxLjIyNzQ0MjExWiJ9fX0=
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjcgaWUqOq5PBAFEhQKBXRhcGFkEgsI9rODlqjquTwQBRIWCgdydWJpY29uEgsI6pjylqjquTwQBRIWCgdzdng5dDUwEgsIyoPkmKjquTwQBRIZCgpsaXZlaW50ZW50EgsIqsSYoajquTwQBRgBIAIoAjILCNqkg9u-6rk8EAU4AVoGZ3VtZ3VtYAI.
.openx.net/ Name: univ_id
Value: 537072971|0aefc4a5-4b50-4aeb-845b-55f3253f3643|1701566941261586
.ctnsnet.com/ Name: cid
Value: 6af3e138149b4245a806f141129f11ff
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-dec0b61f-6e1a-4358-9cea-225ed68296c4-005%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.acuityplatform.com/ Name: auid
Value: 859701337046
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRgspMEOomGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUYLKTBDqI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="

3 Console Messages

Source Level URL
Text
javascript error URL: https://gfieldmoney.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=111' from origin 'https://gfieldmoney.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=111
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%207B075CE7-101E-4A79-8D4A-D4FF4B2C5B19&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
6d1730eefb63013d47e63f0f9e1a6912.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.adthrive.com
ads.creative-serving.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
api.rlcdn.com
b1sync.zemanta.com
bam.nr-data.net
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
capi.connatix.com
casale-match.dotomi.com
cdn-ima.33across.com
cdn.brandmetrics.com
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.jwplayer.com
cdn.packhacker.com
cdn.undertone.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
collector.brandmetrics.com
colossusssp.com
config.aps.amazon-adsystem.com
connect.facebook.net
core.iprom.net
crb.kargo.com
creativecdn.com
cs.admanmedia.com
cs.minutemedia-prebid.com
cs.yellowblue.io
csync.loopme.me
cw.addthis.com
d9.flashtalking.com
de.tynt.com
direct.adsrvr.org
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
events-ssc.33across.com
exchange.postrelease.com
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
g2.gumgum.com
geo.privacymanager.io
gfieldmoney.com
gocm.c.appier.net
gum.criteo.com
hb.yahoo.net
hbopenbid.pubmatic.com
hde.tynt.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
ice.360yield.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
ipac.ctnsnet.com
js-agent.newrelic.com
js.memberful.com
krk2.kargo.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
lexicon.33across.com
live.primis.tech
logger.adthrive.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mug.criteo.com
onetag-sys.com
p.rfihub.com
p.typekit.net
pagead2.googlesyndication.com
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.production.adthrive.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
r.casalemedia.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s.company-target.com
s.seedtag.com
s.tribalfusion.com
s2s.t13.io
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.resetdigital.co
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync1.intentiq.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
t.pswec.com
tags.bluekai.com
tg.socdm.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
triplelift-match.dotomi.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
use.typekit.net
usersync.gumgum.com
usr.undertone.com
visitor.omnitagjs.com
www.facebook.com
www.google.com
x.bidswitch.net
ad.mrtnsvr.com
api.rlcdn.com
pixel-eu.rubiconproject.com
100.26.84.35
104.18.36.155
104.36.115.111
104.36.115.113
107.178.254.65
108.138.107.138
108.138.128.50
13.32.151.81
13.35.93.18
13.35.93.44
138.197.63.78
142.250.65.194
147.75.198.144
151.101.194.49
151.101.2.137
162.19.138.119
162.19.138.120
162.247.241.14
162.248.18.37
162.55.120.196
172.105.213.147
172.240.155.84
172.64.146.152
172.64.151.101
172.64.152.89
173.231.178.115
173.237.69.4
18.164.116.85
18.164.98.157
18.173.132.10
18.173.132.67
18.173.219.113
18.173.219.5
184.86.146.172
185.167.164.43
185.184.8.90
188.166.17.21
188.166.232.115
192.132.33.67
195.5.165.20
198.148.27.131
199.127.204.171
199.250.161.129
199.38.167.130
20.40.202.2
207.198.113.203
211.120.53.203
216.200.232.253
216.219.92.22
216.22.16.53
23.192.31.127
23.192.4.202
23.217.173.107
23.217.173.155
23.57.90.81
23.62.105.11
23.62.105.110
23.83.76.106
2600:141b:1c00:31::1739:5a49
2600:1f18:4e9:5a02:739a:80b0:b95:4dd1
2600:1f18:730:b130:f3cf:b4f3:7358:30cb
2600:1f18:ed:550a:a53:c6a7:6bd2:86fa
2600:9000:2209:3a00:1:a3fa:7cc0:93a1
2600:9000:2510:a400:1a:5235:f980:93a1
2600:9000:261f:8800:1f:2473:9080:93a1
2600:9000:26fa:a600:1b:6b7d:2300:93a1
2602:803:c002:200::42
2603:c020:400d:3000:f50:982a:7877:65bd
2606:4700:10::6816:3456
2606:4700:20::681a:c12
2606:4700:4400::ac40:90a6
2606:4700::6810:437d
2606:4700::6812:18ad
2606:ae80:1451:21::440
2607:f8b0:4006:80b::2002
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::2001
2607:f8b0:4006:81d::200a
2607:f8b0:4006:822::2001
2607:f8b0:4006:824::2002
2620:100:a001::18
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
2a04:4e42:200::649
2a04:4e42:77::720
3.138.132.40
3.227.126.241
3.91.115.71
3.93.99.238
34.107.140.113
34.111.113.62
34.117.239.71
34.149.50.64
34.150.170.96
34.193.82.223
34.196.63.5
34.200.24.3
34.200.65.202
34.202.141.217
34.205.137.103
34.231.153.224
34.233.55.153
34.236.83.94
34.237.88.142
34.96.71.22
35.186.193.173
35.186.253.211
35.207.24.140
35.211.178.172
35.214.252.248
35.244.154.8
35.244.159.8
35.244.193.51
37.157.2.230
38.68.201.140
38.91.45.7
40.76.134.238
44.205.131.225
44.217.198.78
44.219.135.98
44.237.208.214
51.222.39.184
52.17.216.43
52.223.22.214
52.223.40.198
52.3.97.218
52.4.33.45
52.44.48.107
52.46.130.91
52.70.186.203
52.71.244.43
52.95.126.160
54.144.184.12
54.147.45.225
54.157.249.16
54.172.57.125
54.175.39.171
54.243.45.130
54.81.68.127
54.82.17.205
54.84.133.231
54.87.127.173
54.88.209.131
54.91.100.25
63.251.114.137
63.251.28.133
67.202.105.24
67.202.105.31
67.202.105.33
68.67.161.208
69.166.1.34
69.173.151.96
69.90.254.78
70.42.32.95
74.119.119.139
74.119.119.150
8.28.7.82
8.28.7.83
8.28.7.84
8.43.72.97
8.43.72.98
80.77.87.166
82.145.213.8
0046837c37a779d4b5836fbbf9354c16d530e01454e892c9a7658e4195ed52ea
006fba401b7876d38e393b927ef52f46e2db905d29c93d92e30f45919d9808b6
02ffb5efcd9e35e2e986cda75f56becd488167ee3596f133d04ebfb8d4639428
04cb06d1b5418ab081aee60f4d6302915de990fda8e9438c2a80d144b0340f09
050a00d3059354f44365e868af5308b56546296cc6033d191d903c1706a12b19
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0580e9e816da1883ab597af4ed3ea8e25d5325f39a64bc8951c2aa03045ca229
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07ab10c24484e859e8cba23f35d20dcf27102b29a2bfb458bef2f2d861087783
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b29606353fb244e82c2e9ec4902ecccd637f2f69799c56da51540686625c1ae
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fe529e5fecb3ecca76bbe57aab83387276155320176370e97313cf257b783b9
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
10f626d53a7ba77b85ee1dc582a43f448055d7ebfea6127144f5f5c91e8754b8
14052eedd1c7b13fe7871e1d581221a08b97fd4741da4f4d586e5ef361a7eec8
145ac358c31cd9d9e18d241dba05113e28e01f1e272e8b33503e6f5dcfce3e17
176e3e9e46d4e9976af862e271cfcea2ec2db8661100c0c2be6318955bd93306
1842a0507de9a5ca45e31582b12600e3cba6f74e4e687ab6def3428f5e7a7381
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b2b379bd0b8c4d14181e52527a33b13ae3ba7348ed25e928ba1cef3e2ee2164
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e00c938e982fc73eff225be23da669f49ff24cc256276d617f6a05661eb2982
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f74c32f2a49ab581590ed81c6c5724afe8437e229325c1d2a8dcd237391c9ea
1fc0c3377dc8b7d617966fb4836c2714a87fa613560d69c444f2e078125295a5
2036a0bd1ad6387be62c55f1f1edb220b1065ce6b90be06182584db6b8aea4ae
21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16
23b668033de64061af82bd1f71a46d6a84e7abc049e28b4552ff70d9e6d51ff8
2914e638135dbee2150c7ead79a25fa13e24e806d52ca934c8ed283d074a9e20
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b3c6f1d3cea37b4d8cc609a141b421a88bcaf2f3646965f9f95f4d4a683c949
2df4ce40d9a7ffbf31d8e8dacf191836f8ce7553e9819921fb087ac59ecbf516
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1ffb8e59b678f4e1666b92fb500a9b3517edcd5dd8ccc19fad362c514d2558
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
339dd3086cfe4ffc0358d0d832347fd9ec01054488b73a2a4df616be36f0014c
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38a0d302813f9df65b596a32c5b94c32384f2638ab9f3cf6d41c5b1f00e6d856
3b2da04aef7427a815d5cf4d8ddbfb3ca332cd335be6944ca090aab209a49cbe
3b8ab5406536ac023f704b8fdd4316f7c5b7104b83b34b724361bf8692c2c743
3bf3b38a977d2ffec49384e7d5ebd60bc638fd3624d7560492e69164776d06d0
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4343ed5c2d8a0bf10114c2001b2dff7cd0921dd14b4017c77d686e62d399a36c
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45b39cf52d36ef47e5f10fa867325cab46e27c5c506fda7d23b5aed864cc5a52
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
470e416b7026a5a21fde14111f63b45f166c6ab1b033392a42375a45a72d2efe
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a65b54ac1a5135f0684958f16fd517109b2d20784872044727a7e56fc1d8cf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fcc863743fe3fa2fa4cffc0b4d7bfaa5a3f23551ddb018ba7a2aa3e52aac5bc
50279807da7663e6143156926fd8ca89d7e6dfdc98320ae5a2751dcdb910e7dc
51707ab5853e0c972604927c9eb91a5e7590d2037e33eeb636ab4204495d028c
531ba9cadf6cd9e6898d52662c92d959dbd9987bb05e993232022f2e9615e0ad
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5605c7888dd495432694bf7b623af844f81c4d4d995ab81f6269c7d008fe6119
57b3bad1f50d051538d18447c86ff1920934efbad428bdc7707f1415ae64b4c7
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5a989bc5feb3eadc2ddec74b81ffe3a20ec3af800ebc404619a8b6d32517baa8
5e6ca13ceda5479ffbda1f78b1bcda372a0d413ce24b79a2c23d7bf66ac3009d
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
660f7df98133bdd8bff9f2146354c7963d4e6364e843d7a8e0d6026a50bcda9b
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f1091f7eb05892c4e63946b7b8fd66892a3a720ddb809cff202d0dae2510057
719d791da949c130217b1e0daded6f800dcc734055d96f3e55cd675164145b41
7201bd93dfc0fadf877f18e9a0a61424ded6fca24012fea37da17574ea915f28
734322036fe5b2569df13370f8ee8b631065c2285a4fc6ced6c7fccdb1c556b0
73e8fdebeab4f384cac905005edbc1b1cc6c9fcbd18c111103d5066401abdded
753b938771bed4d11b18a3ed6c58db2189606fe1d5e1fd621e3d66b2dc5a2cb3
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
762bca50da8dd07ac3b20443fe8ed7d3e6e48976736cadb3d581a8b882eb878e
767dfbf3a45b3fb9c344451fc7f8047dec0c82ed23145005a0fd8f9717eb78c7
7749d51538cf227c122ba4e71a9884089a78f096abcd633cc76e63575a6b3f26
7abaa56868c0e59fe1d0bd9d3cd3ebbe8f9bb8cdc1e0ddeeff907135b8717f17
7f709eaa9975c563bf17de80abe4789d0b435a52f0845c0ff360d11848baf2b0
7f816cddc99146940fe92aa9d82c69a47c67c51319e8efff93b42fea5512091b
7fcad0fc8a8d1303f8f972cc54f1829581da4f0b63f64e6dce11bce99c6acf34
86a31bbb7c4b53e0b0054b65ea808a5e9b65cd89250a2e292e2d2786c8f85f65
8705223e241e36385f3bfdd04945d6b9298d12f545fc808b4e1f40bbbe705772
88d82bd41ab6773bfd2f4a32472a0b8a8b854ddb6367ba8a96cde336673baabe
8a299277cca4f1988bc0cc5d97b9e2714ab1cc3b32ed60b3339ab67e62f6358a
8dea0241508d4d6d02f462e78f3bd2691df01b0c83181ba1de16481ccadeeba0
8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57
90d987de294f89e0690bda2a2e3e5f0e7be1abb850e18bca0addbc826bc96386
925c486c5bb5fc25f81b3f3383d13147750c4dbe6d81a64a998ddf4a322821e8
967955e0fe2f5def1affe5e2189e858bf82c9f989074b242dcb5643e42912101
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99813490187b142685a3b162e41b6f4c780da5a9fefa4ccc42c3f00da94666b9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde
9b2a59b11c090b44ea663de249fd50c1468be68260a23b65f8f8e337c0c13815
9b68bec4bc5150c039de2d3c9a87a9ca747f8b9a08d3f03a8e5dc2943ce42fc8
9c581dbcfb874f92052d4790a8500964e78b950c850ccc22ea4825ae8998fc11
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e4e5bc4fd94e7a563fb8e5e985e9d756db4fcd1dbd5ca50bc79b26daaf1a9fd
9f64ed63fff8cc552e60e8691cb1e3f814c5801177af608c62f8b078c651d3fc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0abdf398515524a4edce2e644028fe7f415b8003ea17c653b71a1fdf0cb2956
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a3f82b622d1618afcb5ad8a7d12fe1b59d4dd737711fce445344403e7df85fbc
a4295350a4935371ad61f5e8f1df9b6f11a450a807a81899c17801c4286eb97b
a8a819d7548b9c102d7776cb645212ca1e324ac2de2170598699061e29bc6cbf
a93c8bb31c5701107a050ad8efc430a37cbd4706a5dd3ad59ba1f59abcd5a73e
a984459c9d158c78d042f7c9d63ee0b8dba30e713bf4826abc92e5c1032fb308
aa1e2eb922274f4fa594e58c2ba74cc84a8e62aa2fcd3bd56cbf66504158eab8
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
af6b94b10cfd1e904ce3fba6c98cd54df9b981fa5ba18496b2a8683cb1cae060
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2253002327c27269ac628a7e5c0a660c7c9ec037c4efeaac4697d2408d9b3ac
b94b0fb93616ea56cb6da3c87827548ce814a831af746e0005209c39b01573c1
ba65e0dceddf399c9f5f90e84cf0fb75a208031aa9b3056562acdf00ff46b8e6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc64894efbd3ac1933c5b3d8b99f68e7bb2bca8dbcf74ad7c7e309fdc41a5c68
bcdc141d90a463d4e64b8d8ddcaefabe2e20d29856fbe29ec6a22c9705a2cc70
bd8fe145138c25116feeb45853c4bce86abd3275b3b32d3b9a2945632f9a1d36
c197fd386477d2a0ecea26b9c94fa575368fa73b331e7e1cb08d0dbb33ad8830
c1dd05413380ddf6d305ab4ff9f36f401ed589e17e352fc964f87744de6779ae
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c221e39840392daf89590520827940d4a09b3f08dd4e994a7153e00a73a916b9
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c36ff0bb12491a570da8d619930cc47f25afecfd79c37c30a1ab8cc6ad2ae60e
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d
c5194891d3a8501374db8afe22463ed2a49fa28f22eaa4a1991d2e6e8a15191e
c8655c245111a1a89109bca662ce72b33c4ed618f8cba2ba90899bd370056035
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc7c947e943ec594d72e45491457d514f2dffa3b983e2f9633c06819e0968af3
ccefac879af8244891bd04869b5e4fd8e9719c231c921a1964bb921d6413207a
ce7bb5da925da322a2712d02df6912d8c8e763e7e0f36ba8207c2e695dd896b4
ce8b06afc4e79c69fcb4ae099a6df783ab1df215331603429ec46a49ef15a825
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d3854f9aef9bb56a35fc2862f04a164db1fd159f7c8187d9263018e204527408
d6aa304816c6f054c61aa4eb57213b86a73e1e6d1890f4eb6e01ffa01ff2895d
d835410c384a05bfa3cb92b9f74fe382b76f31703044f375b8bed30de88992e1
d982c4fff78c63ed84481eb36845e3b9e2753bfe996a3ba45835f75c6af1dc55
dcf1d99d8bedf160d51105831f01c84b362c4b31e508d5d6761b3b64faa92213
e1eda20103942d9a2baaaa2a144fc1d82c872bf75eea1daed3a0f508db4425ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a96b1bade013d577a8419c9dd753020bdd767ddaa0ca89a2e1cc76d71e7188
e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133
ed59ee4d04819c48c1bb60b3ef6928c621cd5cd86d7103957de3eebba9910b0d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f13cdbf91c29d4b2370068222179233633d7922313fbe315ff2ed2b0c1fc1e0e
f66fa410bf48a6afecb2bebfc1133fd59439381a45f9f3af3c7ea0d5f38437ef
f70b3c9c450f0e49ebe2491cd759bd2728d9a8729b191e15eb71301ece8b17fa
f7d8120e08073cd5d7cbff08487c72d7ee1d49f8cef905a8b7bfbda65b63360d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa592c7512c8e364baa6ec65814146b6880a53123f5a8b391f961de550f5b998
fb8fc6a45ab247213f074e996cd38f828e38dc5d0a384c539ff735fac9b4518c