www.efh.reu.temporary.site Open in urlscan Pro
192.254.190.111 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.efh.reu.temporary.site/
Submission: On January 21 via api (January 21st 2024, 5:36:52 am UTC) from US — Scanned from US

Summary HTTP 121 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 3 countries across 56 domains to perform 121 HTTP transactions. The main IP is 192.254.190.111, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.efh.reu.temporary.site.
TLS certificate: Issued by R3 on January 17th 2024. Valid for: 3 months.

This is the only time www.efh.reu.temporary.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	192.254.190.111 192.254.190.111	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	142.251.41.8 142.251.41.8	15169 (GOOGLE) (GOOGLE)
5	104.18.21.206 104.18.21.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.3.78 104.18.3.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.64.106 142.250.64.106	15169 (GOOGLE) (GOOGLE)
1 29	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.160.152.31 34.160.152.31	15169 (GOOGLE) (GOOGLE)
3	104.22.60.168 104.22.60.168	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.110.189.112 34.110.189.112	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.111.152.239 34.111.152.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	172.217.165.130 172.217.165.130	15169 (GOOGLE) (GOOGLE)
1	108.156.91.129 108.156.91.129	16509 (AMAZON-02) (AMAZON-02)
1	172.64.144.166 172.64.144.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.74.207 172.67.74.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.41.60 172.67.41.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.22.149 172.67.22.149	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.162.163.24 3.162.163.24	16509 (AMAZON-02) (AMAZON-02)
1	104.22.53.173 104.22.53.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.85.249.178 52.85.249.178	16509 (AMAZON-02) (AMAZON-02)
2 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.86.139.62 52.86.139.62	14618 (AMAZON-AES) (AMAZON-AES)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	50.116.194.21 50.116.194.21	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
2 2	68.67.160.132 68.67.160.132	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	69.194.240.13 69.194.240.13	26120 (RHYTHMONE) (RHYTHMONE)
1 1	216.22.16.37 216.22.16.37	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1 1	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.214.184.99 35.214.184.99	15169 (GOOGLE) (GOOGLE)
2 2	207.198.113.88 207.198.113.88	13768 (COGECO-PEER1) (COGECO-PEER1)
2 3	52.21.39.178 52.21.39.178	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	3.222.184.97 3.222.184.97	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.85.142.143 54.85.142.143	14618 (AMAZON-AES) (AMAZON-AES)
1 1	63.251.28.234 63.251.28.234	26558 (FREEWHEEL) (FREEWHEEL)
1	108.156.91.19 108.156.91.19	16509 (AMAZON-02) (AMAZON-02)
2 2	3.94.2.72 3.94.2.72	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.157.70.26 54.157.70.26	14618 (AMAZON-AES) (AMAZON-AES)
1 1	159.89.252.170 159.89.252.170	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	69.166.1.66 69.166.1.66	27630 (AS-XFERNET) (AS-XFERNET)
1	3.91.113.229 3.91.113.229	14618 (AMAZON-AES) (AMAZON-AES)
1	142.234.204.77 142.234.204.77	396362 (LEASEWEB-...) (LEASEWEB-USA-NYC)
2	104.22.5.69 104.22.5.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.26.2.70 104.26.2.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.40.198 142.251.40.198	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:2... 2600:1901:0:2b56::1	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
121	28

1 192.254.190.111 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-254-190-111.unifiedlayer.com

www.efh.reu.temporary.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.8 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.21.206 (None, )

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.3.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.64.106 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 172.64.146.152 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cks.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.152.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 31.152.160.34.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.22.60.168 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.vuukle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vuukle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.110.189.112 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 112.189.110.34.bc.googleusercontent.com

functionalfeather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com

optimise.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.165.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.91.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-91-129.ord56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.144.166 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.74.207 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

freestar-io.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.41.60 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.22.149 (United States)

ASN13335 (CLOUDFLARENET, US)

api.vuukle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.163.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-163-24.ord56.r.cloudfront.net

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.53.173 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.249.178 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-249-178.ord51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.86.139.62 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-139-62.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.116.194.21 (United States) 2 redirects

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.132 (Jersey City, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.194.240.13 (United States) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.22.16.37 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

i.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.184.99 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 99.184.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.88 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.21.39.178 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-39-178.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.184.97 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-184-97.compute-1.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.142.143 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-142-143.compute-1.amazonaws.com

connatix-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.234 (Secaucus, United States) 1 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.91.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-91-19.ord56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.94.2.72 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-2-72.compute-1.amazonaws.com

vop.sundaysky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.157.70.26 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-70-26.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.252.170 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.resetdigital.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.66 (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.91.113.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-91-113-229.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.234.204.77 (Edison, United States)

ASN396362 (LEASEWEB-USA-NYC, US)

xsync.iqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.5.69 (None, )

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.2.70 (None, )

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.198 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:2b56::1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

merequartz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 3301 capi.connatix.com — Cisco Umbrella Rank: 1105 cds.connatix.com — Cisco Umbrella Rank: 3425 cks.connatix.com — Cisco Umbrella Rank: 5842 vid.connatix.com Failed	386 KB
6	pub.network a.pub.network — Cisco Umbrella Rank: 4542 d.pub.network — Cisco Umbrella Rank: 4793	368 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 cm.g.doubleclick.net Failed ad.doubleclick.net — Cisco Umbrella Rank: 163	194 KB
4	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 853 tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 898	14 KB
4	vuukle.com cdn.vuukle.com — Cisco Umbrella Rank: 19598 vuukle.com — Cisco Umbrella Rank: 6350 api.vuukle.com — Cisco Umbrella Rank: 26492	64 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 547	2 KB
2	merequartz.com merequartz.com — Cisco Umbrella Rank: 11431	421 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 918	1 KB
2	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1664	283 B
2	sundaysky.com 2 redirects vop.sundaysky.com — Cisco Umbrella Rank: 2650	1 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 501	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 722	1 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 490	2 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 412	826 B
2	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 843	893 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 357	663 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 555	1 KB
2	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1252	1 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 314	73 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 881 api.btloader.com — Cisco Umbrella Rank: 960	96 KB
2	optimise.net optimise.net — Cisco Umbrella Rank: 5233	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	51 KB
1	iqzone.com xsync.iqzone.com — Cisco Umbrella Rank: 5556	748 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 508
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 976	682 B
1	resetdigital.co 1 redirects sync.resetdigital.co — Cisco Umbrella Rank: 2452	418 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 906	522 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 562	589 B
1	tremorhub.com 1 redirects connatix-supply-partners.tremorhub.com — Cisco Umbrella Rank: 10786	424 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 651	534 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 897	274 B
1	ctnsnet.com 1 redirects i.ctnsnet.com — Cisco Umbrella Rank: 8331	452 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 523	860 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 742	275 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1373	468 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1798	10 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 721	483 B
1	videoplayerhub.com 1 redirects freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 6167	444 B
1	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1463	20 KB
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 177	2 KB
1	functionalfeather.com functionalfeather.com — Cisco Umbrella Rank: 38567	24 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369 imasdk.googleapis.com Failed	31 KB
1	nitropay.com s.nitropay.com — Cisco Umbrella Rank: 25793
1	temporary.site www.efh.reu.temporary.site	20 KB
0	liadm.com Failed i.liadm.com Failed
0	intentiq.com Failed sync.intentiq.com Failed
0	colossusssp.com Failed sync.colossusssp.com Failed
0	rlcdn.com Failed id.rlcdn.com Failed
0	media.net Failed cs.media.net Failed
0	openx.net Failed us-u.openx.net Failed
0	yellowblue.io Failed cs-server-s2s.yellowblue.io Failed
0	pubmatic.com Failed ads.pubmatic.com Failed
0	33across.com Failed ssc-cms.33across.com Failed
0	rubiconproject.com Failed secure-assets.rubiconproject.com Failed
0	consensu.org Failed quantcast.mgr.consensu.org Failed
0	839247932432.com Failed 839247932432.com Failed
121	56

	Domain	Requested by
16	cks.connatix.com	blank
7	capi.connatix.com	1 redirects www.efh.reu.temporary.site cds.connatix.com blank
5	cds.connatix.com	cd.connatix.com cds.connatix.com
5	a.pub.network	www.efh.reu.temporary.site a.pub.network
4	securepubads.g.doubleclick.net	a.pub.network securepubads.g.doubleclick.net cds.connatix.com
3	sync.1rx.io	3 redirects
2	merequartz.com	blank
2	ad-delivery.net	blank
2	id.hadron.ad.gt	cdn.hadronid.net
2	vop.sundaysky.com	2 redirects
2	pixel.tapad.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	secure.adnxs.com	2 redirects
2	eb2.3lift.com	2 redirects
2	ad.turn.com	2 redirects
2	match.adsrvr.org	2 redirects
2	match.prod.bidr.io	2 redirects
2	ssum.casalemedia.com	2 redirects
2	c.amazon-adsystem.com	a.pub.network c.amazon-adsystem.com
2	optimise.net	a.pub.network
2	cdn.vuukle.com	www.efh.reu.temporary.site cdn.vuukle.com
2	www.googletagmanager.com	www.efh.reu.temporary.site www.googletagmanager.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	ad.doubleclick.net	blank
1	api.btloader.com	freestar-io.videoplayerhub.com
1	xsync.iqzone.com	cds.connatix.com
1	match.sharethrough.com	cds.connatix.com
1	sync.go.sonobi.com	1 redirects
1	sync.resetdigital.co	1 redirects
1	sync.ipredictive.com	1 redirects
1	tags.crwdcntrl.net	cds.connatix.com
1	ads.stickyadstv.com	1 redirects
1	connatix-supply-partners.tremorhub.com	1 redirects
1	ads.yieldmo.com	1 redirects
1	csync.loopme.me	1 redirects
1	i.ctnsnet.com	1 redirects
1	bh.contextweb.com	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	cdn.hadronid.net	a.pub.network
1	static.adsafeprotected.com	www.efh.reu.temporary.site
1	api.vuukle.com	cdn.vuukle.com
1	vuukle.com	cdn.vuukle.com
1	btloader.com	www.efh.reu.temporary.site
1	freestar-io.videoplayerhub.com	1 redirects
1	cdn.confiant-integrations.net	a.pub.network
1	sb.scorecardresearch.com	a.pub.network
1	functionalfeather.com	a.pub.network
1	d.pub.network	www.efh.reu.temporary.site
1	cd.connatix.com	www.efh.reu.temporary.site
1	ajax.googleapis.com	www.efh.reu.temporary.site
1	s.nitropay.com	www.efh.reu.temporary.site
1	www.efh.reu.temporary.site
0	vid.connatix.com Failed	cds.connatix.com
0	imasdk.googleapis.com Failed	cds.connatix.com
0	i.liadm.com Failed	www.efh.reu.temporary.site
0	sync.intentiq.com Failed	www.efh.reu.temporary.site
0	sync.colossusssp.com Failed	www.efh.reu.temporary.site
0	cm.g.doubleclick.net Failed	www.efh.reu.temporary.site
0	id.rlcdn.com Failed	www.efh.reu.temporary.site
0	cs.media.net Failed	www.efh.reu.temporary.site
0	us-u.openx.net Failed	www.efh.reu.temporary.site
0	cs-server-s2s.yellowblue.io Failed	cds.connatix.com
0	ads.pubmatic.com Failed	cds.connatix.com
0	ssc-cms.33across.com Failed	cds.connatix.com
0	secure-assets.rubiconproject.com Failed	cds.connatix.com
0	quantcast.mgr.consensu.org Failed	www.efh.reu.temporary.site
0	839247932432.com Failed	www.efh.reu.temporary.site
121	69

This site contains no links.

Subject Issuer	Validity	Valid
webdisk.efh.reu.temporary.site R3	`2024-01-17` - `2024-04-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-26` - `2024-02-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
connatix.com GTS CA 1P5	`2024-01-02` - `2024-04-01`	3 months	crt.sh
d.pub.network GTS CA 1D4	`2023-12-03` - `2024-03-02`	3 months	crt.sh
functionalfeather.com R3	`2023-12-28` - `2024-03-27`	3 months	crt.sh
optimise.net GTS CA 1D4	`2024-01-17` - `2024-04-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
confiant-integrations.net GTS CA 1P5	`2024-01-17` - `2024-04-16`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.iqzone.com Go Daddy Secure Certificate Authority - G2	`2023-04-05` - `2024-05-06`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2023-12-08` - `2024-03-07`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
merequartz.com R3	`2023-12-05` - `2024-03-04`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.efh.reu.temporary.site/
Frame ID: 80229E943CED4DE9661F292762055AD2
Requests: 99 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.playspace.js?cid=0198ffcd-51a5-4cac-8aa2-dddf686db8f2
Frame ID: 2C39A0DD1595311B18CB9EEC756F22F8
Requests: 16 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0
Frame ID: C6DC317FA6845B78798F611EC2F63DC9
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D076a9af4d5c64d8284d39497d10e07ed%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0
Frame ID: 797A39F651DDC9D50CD3B105CFC2241F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D076a9af4d5c64d8284d39497d10e07ed%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Frame ID: B25E6EC65620BF1439242C86A1DE2762
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d076a9af4d5c64d8284d39497d10e07ed%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Frame ID: 201DEC1DBBF18DBF475ECE13C4328717
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

121
Requests

40 %
HTTPS

2 %
IPv6

56
Domains

69
Subdomains

28
IPs

3
Countries

1357 kB
Transfer

4941 kB
Size

50
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
https://btloader.com/tag?h=freestar-io&upapi=true

Request Chain 62

https://capi.connatix.com/core/sync HTTP 302
https://capi.connatix.com/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0

Request Chain 74

https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0 HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0&s=190549&C=1 HTTP 302
https://cks.connatix.com/cks?pid=17&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Index&api-tier=2&uid=ZaytV7uxp02H0t2A2ZdSFgAA%261458

Request Chain 75

https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&gdpr=0 HTTP 303
https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&gdpr=0&_bee_ppp=1 HTTP 303
https://cks.connatix.com/cks?pid=15&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Beeswax&api-tier=2&uid=AADe4E7LWVsAABPMCBggcg&gdpr=0

Request Chain 76

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=19&uid=c6a72c1e-46ee-4d72-b599-6544c2deb584&ttl=1708407383

Request Chain 77

https://ad.turn.com/r/cs?pid=67&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D21%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DAmobee%26api-tier%3D2%26uid%3D%23USER_ID%23&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=21&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Amobee&api-tier=2&uid=3914797552953003196

Request Chain 78

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DTripleLift%26api-tier%3D2%26uid%3D%24UID&gdpr=0 HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DTripleLift%26api-tier%3D2%26uid%3D%24UID HTTP 302
https://cks.connatix.com/cks?pid=25&ev=076a9af4d5c64d8284d39497d10e07ed&pname=TripleLift&api-tier=2&uid=2635925714963174054035

Request Chain 79

https://secure.adnxs.com/getuid?https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D6%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DAppNexus%26api-tier%3D2%26uid%3D%24UID=&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D6%2526ev%253D076a9af4d5c64d8284d39497d10e07ed%2526pname%253DAppNexus%2526api-tier%253D2%2526uid%253D%2524UID%3D%26gdpr%3D0 HTTP 302
https://cks.connatix.com/cks?pid=6&ev=076a9af4d5c64d8284d39497d10e07ed&pname=AppNexus&api-tier=2&uid=8437250575464762438=&gdpr=0

Request Chain 80

https://sync.1rx.io/usersync2/rmpssp?sub=connatix&gdpr=0 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=connatix&zcc=1&cb=1705815383479 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=119468 HTTP 302
https://sync.1rx.io/usersync/turn/3914797552953003196?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f3c3cf43-28fd-49d1-94d9-197f1c9a72c2-005?redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpuid%3DRX-f3c3cf43-28fd-49d1-94d9-197f1c9a72c2-005%26pId%3D44 HTTP 302
https://capi.connatix.com/us/pixel?puid=RX-f3c3cf43-28fd-49d1-94d9-197f1c9a72c2-005&pId=44

Request Chain 81

https://ssbsync.smartadserver.com/api/sync?callerId=6&gdpr=0&gdpr_consent=null HTTP 302
https://capi.connatix.com/us/pixel?puid=1694439876709839054&pId=40&gdpr=0&gdpr_consent=

Request Chain 85

https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D13%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DPulsePoint%26api-tier%3D2%26uid%3D%25%25VGUID%25%25&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=13&ev=076a9af4d5c64d8284d39497d10e07ed&pname=PulsePoint&api-tier=2&uid=JJVBzd3uuKty

Request Chain 86

https://i.ctnsnet.com/int/cm?exc=24&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D28%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DCrimtan%26api-tier%3D2%26uid%3D%5Buser_id%5D&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=28&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Crimtan&api-tier=2&uid=cceebc444dac43a19bb99c38d8420634

Request Chain 87

https://csync.loopme.me/?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D18%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DLoopMe%26api-tier%3D2%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0 HTTP 307
https://cks.connatix.com/cks?pid=18&ev=076a9af4d5c64d8284d39497d10e07ed&pname=LoopMe&api-tier=2&uid=bb2f8f15-c7d4-42a6-84f4-cdd710dc0493&pubid=11186&gdpr=0

Request Chain 88

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DCentro%26api-tier%3D2%26uid%3D%7BuserId%7D&gdpr=0 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DCentro%26api-tier%3D2%26uid%3D%7BuserId%7D&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=33839b8c-40c5-4e18-9383-3a9561269120-65acad57-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D33839b8c-40c5-4e18-9383-3a9561269120-65acad57-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D076a9af4d5c64d8284d39497d10e07ed%2526pname%253DCentro%2526api-tier%253D2%2526uid%253D33839b8c-40c5-4e18-9383-3a9561269120-65acad57-5553%2526gdpr%253D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=33839b8c-40c5-4e18-9383-3a9561269120-65acad57-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D33839b8c-40c5-4e18-9383-3a9561269120-65acad57-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D076a9af4d5c64d8284d39497d10e07ed%2526pname%253DCentro%2526api-tier%253D2%2526uid%253D33839b8c-40c5-4e18-9383-3a9561269120-65acad57-5553%2526gdpr%253D0&ct=y HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=33839b8c-40c5-4e18-9383-3a9561269120-65acad57-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DCentro%26api-tier%3D2%26uid%3D33839b8c-40c5-4e18-9383-3a9561269120-65acad57-5553%26gdpr%3D0 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=33839b8c-40c5-4e18-9383-3a9561269120-65acad57-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DCentro%26api-tier%3D2%26uid%3D33839b8c-40c5-4e18-9383-3a9561269120-65acad57-5553%26gdpr%3D0 HTTP 302
https://cks.connatix.com/cks?pid=9&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Centro&api-tier=2&uid=33839b8c-40c5-4e18-9383-3a9561269120-65acad57-5553&gdpr=0

Request Chain 89

https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D39%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DYieldMo%26api-tier%3D2%26uid%3D%24UID&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=39&ev=076a9af4d5c64d8284d39497d10e07ed&pname=YieldMo&api-tier=2&uid=VErAKZZCCAZKm670w8ZL&gdpr=0

Request Chain 90

https://connatix-supply-partners.tremorhub.com/sync?UISCX=076a9af4d5c64d8284d39497d10e07ed&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D5%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DTelaria%26api-tier%3D2%26uid%3D%5BTVUSER_ID%5D&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=5&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Telaria&api-tier=2&uid=980a1963d3c14313b5432302c2529d4c

Request Chain 91

https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0 HTTP 302
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=13b49702be374658f2e74e0e56371d&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0

Request Chain 94

https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr=0 HTTP 302
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr=0&_cvt=t HTTP 302
https://cks.connatix.com/cks?pid=1&ev=076a9af4d5c64d8284d39497d10e07ed&pname=SundaySky&api-tier=2&uid=d6.47b7bf0308204c7b9842e564cadaa469

Request Chain 95

https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=%24%7BADELPHIC_CACHE_BUSTER%7D&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D29%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DAdelphic%26api-tier%3D2%26uid%3D%24%7BADELPHIC_CUID%7D&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=29&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Adelphic&api-tier=2&uid=fb3ba5e4-b380-470d-b8b0-1ef547834b21

Request Chain 96

https://sync.resetdigital.co/csync?pid=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D35%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DResetDigital%26api-tier%3D2%26uid%3D%24USER_ID&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=35&ev=076a9af4d5c64d8284d39497d10e07ed&pname=ResetDigital&api-tier=2&uid=00000129FB08FFE4

Request Chain 97

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D43%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DSonobi%26api-tier%3D2%26uid%3D%5BUID%5D&gdpr=0 HTTP 302
https://cks.connatix.com/cks?pid=43&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Sonobi&api-tier=2&uid=8e63b9a4-3de5-45a7-a4b0-a38aa6084b8d

Request Chain 103

https://capi.connatix.com/us/google/pixel?tier=2&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=MDc2YTlhZjRkNWM2NGQ4Mjg0ZDM5NDk3ZDEwZTA3ZWQ&extra1=076a9af4d5c64d8284d39497d10e07ed&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix.com%2fus%2fgoogle%2freport

121 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.efh.reu.temporary.site/ 65 KB
20 KB 680ms
345ms Document
text/html 192.254.190.111
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.efh.reu.temporary.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.190.111 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-190-111.unifiedlayer.com
Software: Apache /
Resource Hash: 9df0500fe1ceb1e22ca99448f1e8ce8731bbf3136445d1237a9545b472157bd9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 05:36:21 GMT
link: <https://839247932432.com/wp-json/>; rel="https://api.w.org/"
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
x-nginx-cache: WordPress

GET style.min.css
839247932432.com/wp-includes/css/dist/block-library/ 0
0

GET style.css
839247932432.com/wp-content/themes/thoughtnova/ 0
0

GET jquery.min.js
839247932432.com/wp-includes/js/jquery/ 0
0

GET jquery-migrate.min.js
839247932432.com/wp-includes/js/jquery/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 542ms
38ms Script
application/javascript 142.251.41.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-120226452-1

Requested by

Host: www.efh.reu.temporary.site
URL: https://www.efh.reu.temporary.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

82cc29b4ae86c6cb446ca64068bb4f6544b0997abe67d5971ef8d59e27324253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51837
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 Jan 2024 05:36:22 GMT

GET
H2 200 cls.css
a.pub.network/core/pubfig/ 2 KB
1 KB 399ms
15ms Stylesheet
text/css 104.18.21.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/pubfig/cls.css
Requested by: Host: www.efh.reu.temporary.site
URL: https://www.efh.reu.temporary.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:21 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1436
x-guploader-uploadid: ABPtcPo8EpS0L99lewkatgEPngEJ7Krv9THBfbOuw4Ld4eu3HXZDL2TuA1Zi7pJzKHFQUSKMiOFJQP4KMg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Fri, 28 Oct 2022 14:36:10 GMT
server: cloudflare
etag: W/"816783146b3907e634d0e822ca759864"
vary: Accept-Encoding
x-goog-hash: crc32c=4G+Zdg==, md5=gWeDFGs5B+Y00OgiynWYZA==
x-goog-generation: 1666967770269941
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 2096
cf-ray: 848d32f8987c7cac-EWR
expires: Sun, 21 Jan 2024 06:36:21 GMT

GET
H2 200 pubfig.min.js Show response
a.pub.network/thoughtnova-com/ 94 KB
32 KB 31ms
20ms Script
application/javascript 104.18.21.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/thoughtnova-com/pubfig.min.js
Requested by: Host: www.efh.reu.temporary.site
URL: https://www.efh.reu.temporary.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 482f94a6b226a1ec1e468e5477b35eea7f4f271147373151c37802df2c0643e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:21 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 109438
x-guploader-uploadid: ABPtcPqZua_UuacrgdpFkdxK3wN-6UM-hmfrCF3I2ps06mV0oI3O_mboOm0EYInRD8rHlvlGIkiOV0orvQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 18 Jan 2024 21:52:15 GMT
server: cloudflare
etag: W/"689a9675480465223035762804c23c82"
vary: Accept-Encoding
x-goog-hash: crc32c=JMoJhg==, md5=aJqWdUgEZSIwNXYoBMI8gg==
x-goog-generation: 1705614735352227
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=1800
x-goog-stored-content-length: 96332
cf-ray: 848d32f8c8b07cac-EWR
link: <https://d.pub.network/v2/sites/thoughtnova-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
expires: Sun, 21 Jan 2024 06:06:21 GMT

GET
H2 403 ads-1228.js
s.nitropay.com/ 0
0 766ms
263ms Script
text/plain 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/ads-1228.js

Requested by

Host: www.efh.reu.temporary.site
URL: https://www.efh.reu.temporary.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:22 GMT
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 848d32fbd91541e6-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0
vary: Accept-Encoding

GET Thoughtnova-Logo.svg
839247932432.com/wp-content/uploads/2023/05/ 0
0

GET 245189507-159050509758482-5314915735549354309-n-e1648625640851.jpg
839247932432.com/wp-content/uploads/2022/09/ 0
0

GET Copy-of-THOUGHTNOVA-2000x1300-10-1-2-1536x998-1.jpg
839247932432.com/wp-content/uploads/2022/09/ 0
0

GET 29d1f8596f924156b1d298a1276d2dfe-2048x1152-1.jpg
839247932432.com/wp-content/uploads/2022/09/ 0
0

GET Screenshot-2022-09-27-at-21.26.50.png
839247932432.com/wp-content/uploads/2022/09/ 0
0

GET E0C409C5-9F6F-459E-B0C7-17E81C3D167B-1.png
839247932432.com/wp-content/uploads/2022/09/ 0
0

GET Pirates-of-the-Caribbean-2.jpg
839247932432.com/wp-content/uploads/2022/05/ 0
0

GET oarfish-1-2019-07-01.jpg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET 1232.jpeg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET Copy-of-THOUGHTNOVA-2000x1300-2-1-11-1500x975-1-1.jpeg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET Crystal-skull-british-museum-random9834672-1.jpeg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET longo.jpeg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET Steve_Paul_Jobs_and_his_Apple_iphone4_1920x1440.jpg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET 11.jpeg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET D-TdzDqjsOEsfCmh7VkMeUEogvGfzawSRYqA3Cq-wH0.jpg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET Baker-FightClub.jpg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET DfB4P55W4AArtJ5.jpg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET xlarge-3.jpeg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET travel-worms-pinching-bot-flies-and-joys-of-travel.jpg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET 324234-1500x996-1.jpg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET 82a6f94dd236b43255e5d4ca3833cfea.jpg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET E4BMaWBVUAI9Pg-.jpg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET NINTCHDBPICT000507887285-1.jpg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET f1280x720-18976-150651-5050.jpg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET hannibal-2001-03-g.jpg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET dunyanin-en-guzel-kizi-thylane-blondeau-buyudu-12405265_7065_amp.jpg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET ap22055857029205-wide-734eb7be5357c6d8600e84f43508c867310701c4.jpg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET 257349831_431408061907565_6726309771390300185_n.jpg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET f.elconfidencial.com_original_7e3_488_aad_7e3488aad26e671622f7f830eafb5ef5.jpg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET resize.jpg
839247932432.com/wp-content/uploads/2022/03/ 0
0

GET index.min.js
839247932432.com/wp-content/themes/thoughtnova/ 0
0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 340ms
9ms Script
text/javascript 142.250.64.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.efh.reu.temporary.site
URL: https://www.efh.reu.temporary.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f10.1e100.net

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 12:14:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jan 2025 12:14:42 GMT

GET
BLOB 200
OK f54c0113-3360-4630-ada7-745585a4508c
https://www.efh.reu.temporary.site/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.efh.reu.temporary.site/f54c0113-3360-4630-ada7-745585a4508c
Requested by: Host: www.efh.reu.temporary.site
URL: https://www.efh.reu.temporary.site/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET choice.js
quantcast.mgr.consensu.org/choice/N2Y3kAfxwVJnx/www.efh.reu.temporary.site/ 0
0

GET
H2 200 connatix.playspace.js Show response
cd.connatix.com/ Frame 2C39 7 KB
3 KB 332ms
17ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.connatix.com/connatix.playspace.js?cid=0198ffcd-51a5-4cac-8aa2-dddf686db8f2
Requested by: Host: www.efh.reu.temporary.site
URL: https://www.efh.reu.temporary.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ad4ad444ea134cce5fbadf849a968b9560551401fb570f7bfc821b43db28f1d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:21 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 848d32f89ccf4219-EWR
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET Thoughtnova-Logo.svg
839247932432.com/wp-content/uploads/2023/05/ 0
0

GET
H2 200 si
capi.connatix.com/tr/ 0
87 B 120ms
86ms Image
application/json 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=97b20ebe-d667-486d-9ec2-c89bf5471831&cid=0198ffcd-51a5-4cac-8aa2-dddf686db8f2
Requested by: Host: www.efh.reu.temporary.site
URL: https://www.efh.reu.temporary.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d32f90dfa4219-EWR
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 configs
d.pub.network/v2/sites/thoughtnova-com/ 47 KB
6 KB 79ms
34ms Other
application/json 34.160.152.31
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/v2/sites/thoughtnova-com/configs?env=PROD
Requested by: Host: www.efh.reu.temporary.site
URL: https://www.efh.reu.temporary.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 351a3ff96b0e7de1ebf2ae5df2510e826c81d9056866e410ed37e4fb5a60c830

Request headers

Referer: https://www.efh.reu.temporary.site/
Origin: https://www.efh.reu.temporary.site
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:21 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.efh.reu.temporary.site
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 platform.js Show response
cdn.vuukle.com/ 245 KB
63 KB 481ms
27ms Script
application/javascript 104.22.60.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/platform.js
Requested by: Host: www.efh.reu.temporary.site
URL: https://www.efh.reu.temporary.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.60.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5241f0728079864ee5553634ca3a7b18fdd2cffb9bbdf1697ad083d04e31fb48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 248092
cf-polished: origSize=251477
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 08:40:16 GMT
server: cloudflare
etag: W/"65a8e3f0-3d655"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=7200
cf-ray: 848d32fbdf5b7cff-EWR
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 connatix.playspace.js Show response
cds.connatix.com/p/414645/ Frame 2C39 1 MB
304 KB 72ms
41ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/414645/connatix.playspace.js?cid=0198ffcd-51a5-4cac-8aa2-dddf686db8f2
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=0198ffcd-51a5-4cac-8aa2-dddf686db8f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a032373dbe792beb63db5704ac86f8f6376d7210bbaa325c777bbda1e34b99df

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:21 GMT
x-amz-version-id: PceFez2CkvlEv8C40sW7GII9ANl89JwW
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 Jan 2024 16:06:31 GMT
server: cloudflare
etag: W/"8fd594111aa8ddc94d21350142e6696a"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 848d32f93eba4219-EWR
access-control-allow-headers: range
expires: Mon, 20 Jan 2025 05:36:21 GMT

GET wp-emoji-release.min.js
839247932432.com/wp-includes/js/ 0
0

GET
H2 200 70090d06c5f3278a992dfa65fa14a0255738b4 Show response
functionalfeather.com/chunks/ 68 KB
24 KB 494ms
45ms Script
text/javascript 34.110.189.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://functionalfeather.com/chunks/70090d06c5f3278a992dfa65fa14a0255738b4

Requested by

Host: a.pub.network
URL: https://a.pub.network/thoughtnova-com/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.110.189.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.189.110.34.bc.googleusercontent.com

Software

Resource Hash

f0c1a9c4a2298fdce4e31747bcb4c2833815eb61ac645c64792cc41b11682dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Sun, 21 Jan 2024 05:36:22 GMT
x-datacenter: gce-us-east1
etag: "4879730e2715c509ee5720a1a8746b28e153ff676b4c54fb964f592e076a5944"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-us-east1-4wcv
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 1072352451
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 /
optimise.net/ Frame 0
0 80ms
22ms Preflight 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=0&d=thoughtnova.com&t=desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://www.efh.reu.temporary.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin: https://www.efh.reu.temporary.site
access-control-expose-headers: fs-client-rtt
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Sun, 21 Jan 2024 05:36:22 GMT
expires: 0
fs-client-rtt: 10
pragma: no-cache
strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google

GET
H3 200 / Show response
optimise.net/ 2 KB
2 KB 28ms
4ms Fetch
application/json 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=0&d=thoughtnova.com&t=desktop

Requested by

Host: a.pub.network
URL: https://a.pub.network/thoughtnova-com/pubfig.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

75ab079e1921679417e296669209b7a773467fb4be05170cef9cc3e85fbaa52d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Referer: https://www.efh.reu.temporary.site/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-api-key: 4e799501-b8b6-4ef1-bad5-225b3dd1aa8d

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google
date: Sun, 21 Jan 2024 05:17:02 GMT
fs-client-rtt: 13
age: 1160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2160
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type: application/json
access-control-allow-origin: https://www.efh.reu.temporary.site
access-control-expose-headers: fs-client-rtt
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 451ms
83ms Script
text/javascript 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/thoughtnova-com/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

80c1255cfa765097014653b202ae917bddad12fef4c3f4dc58b61a345aecb770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29366
x-xss-protection: 0
server: cafe
etag: 773 / 19743 / m202401160101 / config-hash: 15866861927224639442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 05:36:22 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 137ms
31ms Script
application/javascript 108.156.91.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/thoughtnova-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.91.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-91-129.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 14:23:53 GMT
content-encoding: gzip
via: 1.1 f497fa2422d5b3ba3b34ed87ffef89a6.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P1
age: 54750
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: -gkPCjf7ZnwRW3icdge73_H7atvDqbGlioXmHAKcdLdgs78XW_U-xg==

GET
H2 200 pubfig.engine.js Show response
a.pub.network/core/pubfig/5.34.5/ 328 KB
96 KB 20ms
17ms Script
application/javascript 104.18.21.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/pubfig/5.34.5/pubfig.engine.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/thoughtnova-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57bd03de9ed940ed072b1fc5bf85a7785415c883099ea4026c791ac8ae1ab3d7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 109468
x-guploader-uploadid: ABPtcPriPHZmxD0XJ6u_f1loPilm6SNJHuOAddfG9ACLZMNc7bpus6tSHA_IEVUvr3BBOWmCPz5EuQ43vw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Thu, 18 Jan 2024 20:59:08 GMT
server: cloudflare
etag: W/"326ebb382423d154e8aeca41431f025a"
vary: Accept-Encoding
x-goog-hash: crc32c=5u5/vg==, md5=Mm67OCQj0VTorspBQx8CWg==
x-goog-generation: 1705611548077728
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 336248
cf-ray: 848d32f999b47cac-EWR
expires: Sun, 21 Jan 2024 06:36:22 GMT

GET
H2 200 prebid-analytics-8.30.0.js Show response
a.pub.network/core/ 688 KB
220 KB 15ms
14ms Script
text/javascript 104.18.21.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/prebid-analytics-8.30.0.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.34.5/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcc9deddadf835f38e3f7ef4abd99651ed6751a56b6063eeecf6416de08d0ef0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23066
x-guploader-uploadid: ABPtcPp1k41jau32rWgZtmpF3AOrat4W59Fnhz3VWtS7VcsQgLzLvOYs7BeMB3oJjLIObQUWqw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Thu, 18 Jan 2024 14:30:43 GMT
server: cloudflare
etag: W/"cec3a9140f20053679a709aabf1ded8e"
vary: Accept-Encoding
x-goog-hash: crc32c=8jcK4g==, md5=zsOpFA8gBTZ5pwmqvx3tjg==
x-goog-generation: 1705588243161795
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
x-goog-stored-content-length: 704260
cf-ray: 848d32fa3a877cac-EWR
expires: Mon, 22 Jan 2024 05:36:22 GMT

GET
H2 200 cSyncRemoteEntry.js Show response
cds.connatix.com/p/414645/ Frame 2C39 3 KB
2 KB 26ms
25ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/414645/cSyncRemoteEntry.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/414645/connatix.playspace.js?cid=0198ffcd-51a5-4cac-8aa2-dddf686db8f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:22 GMT
x-amz-version-id: l020z9O7.uqeWVOAW.6BAldXeDRK.RYo
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 Jan 2024 16:06:33 GMT
server: cloudflare
etag: W/"d60d811350d7df0f4503ae40d8a9728a"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 848d32fac9004219-EWR
access-control-allow-headers: range
expires: Mon, 20 Jan 2025 05:36:22 GMT

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/414645/ 117 KB
18 KB 25ms
21ms Stylesheet
text/css 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/414645/connatix.playspace.css
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/414645/connatix.playspace.js?cid=0198ffcd-51a5-4cac-8aa2-dddf686db8f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cc5851758ac9f463cdc2fc3f76298fe17e16d607788e6e2bf486f19288413eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:22 GMT
x-amz-version-id: .pHuKE4yEIYGrd6oTu9e83r_aGtrf92P
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 Jan 2024 16:06:30 GMT
server: cloudflare
etag: W/"82dee560f7efd9da1bab844ae7f14cef"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 848d32fac9034219-EWR
access-control-allow-headers: range
expires: Mon, 20 Jan 2025 05:36:22 GMT

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ 86 KB
20 KB 487ms
44ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.34.5/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22899131dfbb5d6bab4663435711f6ab797127a8574ce301297de972f7d839da

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 21 Jan 2024 03:49:32 GMT
server: cloudflare
x-amz-request-id: 0JCX9KPREE35VF9T
age: 517
etag: W/"f1bfb0fecf2b8869cd7dae26bc82dc61"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 848d32fd8f367ca2-EWR
alt-svc: h3=":443"; ma=86400
x-amz-id-2: hpjE9G9X1uXzAOUAo1F9V/0thLF0/IEep5ciYH+4OdQj2qY+Z3SY1j3/0dIFPhCjp0FzEtNvA70=

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://freestar-io.videoplayerhub.com/gallery.js
https://btloader.com/tag?h=freestar-io&upapi=true

462 KB
96 KB

675ms
38ms

Script
application/javascript

172.67.41.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=freestar-io&upapi=true
Requested by: Host: www.efh.reu.temporary.site
URL: https://www.efh.reu.temporary.site/
Protocol: H2
Server: 172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b1e3d5de2c85985171fe6b36817b4a4bfba66c3237febb2237a5a040046dd80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Sun, 21 Jan 2024 04:59:55 GMT
server: cloudflare
age: 2148
etag: "4e8612a99cc4897e0c53d9697bdd5c01"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 848d3302bc3641f9-EWR
content-length: 97915

Redirect headers

date: Sun, 21 Jan 2024 05:36:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mols96Zl3uEVsjNaDurqwstb1q6oSHwuKkW2LXf59KlLBBQMqKZJfpy6F40HZDAmDesh8sJiB26QscI11G0P8LqtfpNJkj60dzoSiq3f35qLW6gXY%2B2ZrwX4SYoa8CVO37xaBi9an4Ey4LtUxf68GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=freestar-io&upapi=true
cache-control: max-age=3600
cf-ray: 848d32fd9f1641e1-EWR
expires: Sun, 21 Jan 2024 06:36:22 GMT

GET
H2 200 952.js Show response
cds.connatix.com/p/414645/ Frame 2C39 76 KB
19 KB 37ms
36ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/414645/952.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/414645/cSyncRemoteEntry.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:22 GMT
x-amz-version-id: 8LQo1zXOfdiEF_PaRaXLder1cPh2x1md
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 Jan 2024 16:06:33 GMT
server: cloudflare
etag: W/"57846254bbd200f9201061ef4191f1e3"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 848d32fbda4e4219-EWR
access-control-allow-headers: range
expires: Mon, 20 Jan 2025 05:36:22 GMT

GET
H2 200 402.js Show response
cds.connatix.com/p/414645/ Frame 2C39 46 KB
10 KB 25ms
25ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/414645/402.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/414645/cSyncRemoteEntry.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7485e9e3647729a9f0db519614d5cb98720c4a69858b8b9f3eb4548879cf6ca3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:22 GMT
x-amz-version-id: LGTTxrQ95VHnAU4QKvuaByqpwLWnmBIT
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 Jan 2024 16:06:33 GMT
server: cloudflare
etag: W/"4c8cbf697442ef4146656466c21d31fe"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 848d32fbda4f4219-EWR
access-control-allow-headers: range
expires: Mon, 20 Jan 2025 05:36:22 GMT

GET
H3

200

sync Show response
capi.connatix.com/core/ Frame 2C39
Redirect Chain

https://capi.connatix.com/core/sync
https://capi.connatix.com/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0

6 KB
2 KB

120ms
119ms

XHR
application/json

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0
Requested by: Host: www.efh.reu.temporary.site
URL: https://www.efh.reu.temporary.site/
Protocol: H3
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdd128c4cc083e7c351c2c410a066ed8e74f609610fd611ab000e4249767e952

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.efh.reu.temporary.site
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d32fca8fc0f8c-EWR
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 21 Jan 2024 05:36:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
location: https://capi.connatix.com:443/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0
access-control-allow-origin: https://www.efh.reu.temporary.site
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d32fc1a874219-EWR
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 27
alt-svc: h3=":443"; ma=86400

POST
H2 200 story Show response
capi.connatix.com/core/ Frame 2C39 121 KB
23 KB 211ms
210ms XHR
application/x-protobuf 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=414645&cid=0198ffcd-51a5-4cac-8aa2-dddf686db8f2
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/414645/connatix.playspace.js?cid=0198ffcd-51a5-4cac-8aa2-dddf686db8f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b870779ece3da4c0f23e1942d3ee8f5ffefd8a2338f21f782336340e5a8b2fd2

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 21 Jan 2024 05:36:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.efh.reu.temporary.site
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d32fc2a8d4219-EWR
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

POST
H2 200 getGeo Show response
vuukle.com/ 114 B
375 B 697ms
111ms XHR
application/json 104.22.60.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vuukle.com/getGeo
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.60.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ac8a6492de437e3dfb4b0a64fe904c55d9c7fd6245508946ff5a3591002570b

Request headers

Referer: https://www.efh.reu.temporary.site/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: br
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-viewport-width
server: cloudflare
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,POST,OPTIONS
access-control-allow-origin: *
content-type: application/json;charset=UTF-8
cf-ray: 848d32fffd32729e-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 PublicConfigs Show response
api.vuukle.com/api/v1/Publishers/ 59 B
551 B 890ms
307ms XHR
application/json 172.67.22.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vuukle.com/api/v1/Publishers/PublicConfigs?apiKey=cd196cb9-3256-4804-bab8-6f2b2b210b37&host=efh.reu.temporary.site

Requested by

Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fab4bfc86d7b7ef5edd66370cba202ffdd73b138b2512b870c72d6893acc6c3

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://www.efh.reu.temporary.site/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: DYNAMIC
age: 0
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
x-varnish: 391282701
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.efh.reu.temporary.site
cache-control: no-store,no-cache
access-control-allow-credentials: true
access-control-allow-credentiails: true
cf-ray: 848d32ffed830f65-EWR
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 404 efh.reu.temporary.site.js
cdn.vuukle.com/domain-configs/ 0
0 1040ms
1039ms Script
text/html 104.22.60.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vuukle.com/domain-configs/efh.reu.temporary.site.js
Requested by: Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.60.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
483 B 683ms
120ms Image
image/gif 3.162.163.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adslot=aqglya_728x90_
Requested by: Host: www.efh.reu.temporary.site
URL: https://www.efh.reu.temporary.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-24.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:43 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 8de228793dc6e07df91d920a84de50c6.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
age: 3499601
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: npQVVX6gGn84ulb7FYCqEXb3LcAzR2zqjiUavVX9CZ6UdsN0y08Tkw==

GET
H2 404 js
www.googletagmanager.com/gtag/ 0
0 35ms
34ms Script
text/html 142.251.41.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtag/js?id=G-BZKT0097MT&l=dataLayer&cx=c
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-120226452-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.41.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s40-in-f8.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/ 430 KB
135 KB 9ms
5ms Script
text/javascript 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 01:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14196
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138162
x-xss-protection: 0
server: cafe
etag: 1666572220375911148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 20 Jan 2025 01:39:46 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 86 B
612 B 786ms
66ms XHR
application/json 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.efh.reu.temporary.site

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

32f26dcc56ef9afabcd944f449a1c0845493a08ecc6a90cf2893ec712abb7af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70
x-xss-protection: 0
expires: Sun, 21 Jan 2024 05:36:23 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 485ms
118ms Script
application/javascript 104.22.53.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.efh.reu.temporary.site%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.34.5/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.53.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01CADRK6PEVBEZB5
age: 4808
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 848d32fffdf3c3f3-EWR
x-amz-id-2: flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=

GET
H2 200 IIQUniversalID.js Show response
a.pub.network/core/intentIQ/20230622/ 55 KB
13 KB 32ms
31ms Script
text/javascript 104.18.21.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/intentIQ/20230622/IIQUniversalID.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.34.5/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48c76c91f2d42a1668fee310da41b7c1f0d97d7ab0fa55fcf794e2cd3e412242

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 109468
x-guploader-uploadid: ABPtcPqfrjkJWcQ4MC_7P95JNkr8sF15r-FMzqtJHuIkUfy55TKy8lNSmUR0rKKBQmOU339eI6Pn44CwYg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Thu, 22 Jun 2023 23:15:14 GMT
server: cloudflare
etag: W/"c45a15a8a50c2a275e14695cf631d08d"
vary: Accept-Encoding
x-goog-hash: crc32c=6m2COg==, md5=xFoVqKUMKideFGlc9jHQjQ==
x-goog-generation: 1687475714790007
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 56442
cf-ray: 848d32fdaf1b7cac-EWR
expires: Sun, 21 Jan 2024 06:36:22 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 468ms
128ms Script
application/javascript 52.85.249.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.34.5/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.249.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-249-178.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66db01e9328733a5f6a6bad62ab921f53837d6eb11d81a3a4995c3e747821a50

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 04:41:10 GMT
content-encoding: gzip
via: 1.1 51081841af61b5839c183849bf0d2774.cloudfront.net (CloudFront), 1.1 dc01b6e587f452ad6063c93841e9d51e.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jan 2024 20:22:23 GMT
server: AmazonS3
x-amz-cf-pop: CMH68-P5, ORD51-C4
age: 3314
x-amz-server-side-encryption: AES256
etag: W/"60bfb96bc5dd4ca3429ef2f4df9e17d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: XjyzOpnrF1O9isdF9uLg5YSWtwiy77Oycl3cyxN9iQw_LBZoQcF1KA==

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0&s=190549&C=1
https://cks.connatix.com/cks?pid=17&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Index&api-tier=2&uid=ZaytV7uxp02H0t2A2ZdSFgAA%261458

139 B
157 B

85ms
59ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=17&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Index&api-tier=2&uid=ZaytV7uxp02H0t2A2ZdSFgAA%261458
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16a1f3065639c7c55d55f3bed97458f596084096c2b64e8d68e5630e09169c00

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d33014f934219-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 05:36:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhNj8bSq2hhGg%2FNVOQzPMmBlW8ZZ0XMs2At4eXH5BDFzePWT53%2F4U0ukUuk9uUGc7LbRwOPVFSZSUalusyPtxUMcMq1419dEj1MIdWHkWj5Stkx8bbsnK7XkM53SIBPhlysmxKbw"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cks.connatix.com/cks?pid=17&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Index&api-tier=2&uid=ZaytV7uxp02H0t2A2ZdSFgAA%261458
cache-control: no-cache
cf-ray: 848d3300bf8d432c-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&g...
https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&g...
https://cks.connatix.com/cks?pid=15&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Beeswax&api-tier=2&uid=AADe4E7LWVsAABPMCBggcg&gdpr=0

132 B
151 B

60ms
60ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=15&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Beeswax&api-tier=2&uid=AADe4E7LWVsAABPMCBggcg&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70160c74e0c52cf9563c3f1cd5574ca1013a3180095001c4e61463e859b34aed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d33014f984219-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=15&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Beeswax&api-tier=2&uid=AADe4E7LWVsAABPMCBggcg&gdpr=0
Date: Sun, 21 Jan 2024 05:36:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
https://cks.connatix.com/cks?pid=19&uid=c6a72c1e-46ee-4d72-b599-6544c2deb584&ttl=1708407383

146 B
187 B

87ms
55ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=19&uid=c6a72c1e-46ee-4d72-b599-6544c2deb584&ttl=1708407383
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 954ae221520f07c4a9f1a3c8584b0f8747efbb2857639922f496cf3afce20761

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d33014f954219-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=19&uid=c6a72c1e-46ee-4d72-b599-6544c2deb584&ttl=1708407383
date: Sun, 21 Jan 2024 05:36:23 GMT
server: Kestrel
content-length: 213

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://ad.turn.com/r/cs?pid=67&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D21%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DAmobee%26api-tier%3D2%26uid%3D%23USER_ID%23&gdpr=0
https://cks.connatix.com/cks?pid=21&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Amobee&api-tier=2&uid=3914797552953003196

129 B
175 B

24ms
23ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=21&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Amobee&api-tier=2&uid=3914797552953003196
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74fed6865e37a9ee8cbba5676b042d337f971226b581346cf3f218d70257c892

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d330318d74219-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=21&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Amobee&api-tier=2&uid=3914797552953003196
pragma: no-cache
date: Sun, 21 Jan 2024 05:36:23 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DTripleLift%26api-tier%3D2%26uid%3D%24UID&gdpr=0
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DTripleLift%26api-tier%3D2%26uid%...
https://cks.connatix.com/cks?pid=25&ev=076a9af4d5c64d8284d39497d10e07ed&pname=TripleLift&api-tier=2&uid=2635925714963174054035

132 B
148 B

88ms
56ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=25&ev=076a9af4d5c64d8284d39497d10e07ed&pname=TripleLift&api-tier=2&uid=2635925714963174054035
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 353b495fb46c69e794007a68a8a1b0e8939fdc183fa10747acebd746721be633

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d33014f944219-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=25&ev=076a9af4d5c64d8284d39497d10e07ed&pname=TripleLift&api-tier=2&uid=2635925714963174054035
date: Sun, 21 Jan 2024 05:36:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D6%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DAppNexus%26api-tier%3D2%26uid%3D%24UID=&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D6%2526ev%253D076a9af4d5c64d8284d39497d10e07ed%2526pname%253DAppNexus%2526api-tier%253D2%2526uid%...
https://cks.connatix.com/cks?pid=6&ev=076a9af4d5c64d8284d39497d10e07ed&pname=AppNexus&api-tier=2&uid=8437250575464762438=&gdpr=0

129 B
147 B

101ms
59ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=6&ev=076a9af4d5c64d8284d39497d10e07ed&pname=AppNexus&api-tier=2&uid=8437250575464762438=&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff03ca98962e47230f540b33eaa3b64e1d8893caa25ec6eab6e268bb8046a73f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d33014f974219-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 05:36:23 GMT
an-x-request-uuid: c8d98b45-095f-4d2a-ac45-2565c394d477
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cks.connatix.com/cks?pid=6&ev=076a9af4d5c64d8284d39497d10e07ed&pname=AppNexus&api-tier=2&uid=8437250575464762438=&gdpr=0
x-proxy-origin: 5.181.234.134; 5.181.234.134; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel Show response
capi.connatix.com/us/
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=connatix&gdpr=0
https://sync.1rx.io/usersync2/rmpssp?sub=connatix&zcc=1&cb=1705815383479
https://ad.turn.com/r/cs?pid=45&rndcb=119468
https://sync.1rx.io/usersync/turn/3914797552953003196?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-f3c3cf43-28fd-49d1-94d9-197f1c9a72c2-005?redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpuid%3DRX-f3c3cf43-28fd-49d1-94d9-197f1c9a72c2-005%26pI...
https://capi.connatix.com/us/pixel?puid=RX-f3c3cf43-28fd-49d1-94d9-197f1c9a72c2-005&pId=44

82 B
373 B

57ms
57ms

Script
image/gif

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/us/pixel?puid=RX-f3c3cf43-28fd-49d1-94d9-197f1c9a72c2-005&pId=44
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 848d3303defd0f8c-EWR
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://capi.connatix.com/us/pixel?puid=RX-f3c3cf43-28fd-49d1-94d9-197f1c9a72c2-005&pId=44
date: Sun, 21 Jan 2024 05:36:23 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXf3c3cf4328fd49d194d9197f1c9a72c2005
content-type: text/html

GET
H3

200

pixel Show response
capi.connatix.com/us/
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=6&gdpr=0&gdpr_consent=null
https://capi.connatix.com/us/pixel?puid=1694439876709839054&pId=40&gdpr=0&gdpr_consent=

82 B
373 B

37ms
37ms

Script
image/gif

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/us/pixel?puid=1694439876709839054&pId=40&gdpr=0&gdpr_consent=
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 848d33049f780f8c-EWR
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://capi.connatix.com/us/pixel?puid=1694439876709839054&pId=40&gdpr=0&gdpr_consent=
date: Sun, 21 Jan 2024 05:36:22 GMT
content-length: 0

GET multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame C6DC 0
0

GET /
ssc-cms.33across.com/ps/ Frame 797A 0
0

GET user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B25E 0
0

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D13%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DPulsePoint%26api-tier%3D2%26uid%3D%...
https://cks.connatix.com/cks?pid=13&ev=076a9af4d5c64d8284d39497d10e07ed&pname=PulsePoint&api-tier=2&uid=JJVBzd3uuKty

122 B
141 B

47ms
46ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=13&ev=076a9af4d5c64d8284d39497d10e07ed&pname=PulsePoint&api-tier=2&uid=JJVBzd3uuKty
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ac08dc1ba645bc6687b3c3dcfc2d6f9c69ae49f60cdf75b9808448cca027303

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d3302e8bb4219-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-US
location: https://cks.connatix.com/cks?pid=13&ev=076a9af4d5c64d8284d39497d10e07ed&pname=PulsePoint&api-tier=2&uid=JJVBzd3uuKty
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6658dc8946-9m6tl
expires: -1

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://i.ctnsnet.com/int/cm?exc=24&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D28%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DCrimtan%26api-tier%3D2%26uid%3D%5Buser_id%5D&gdpr=0
https://cks.connatix.com/cks?pid=28&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Crimtan&api-tier=2&uid=cceebc444dac43a19bb99c38d8420634

142 B
155 B

24ms
23ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=28&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Crimtan&api-tier=2&uid=cceebc444dac43a19bb99c38d8420634
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcb3f6c07ed9dbe147fadf2c4978f60d99e4dcae71add4a45ff0ea214149de21

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d330318da4219-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 05:36:22 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cks.connatix.com/cks?pid=28&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Crimtan&api-tier=2&uid=cceebc444dac43a19bb99c38d8420634
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D18%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DLoopMe%26api-tier%3D2%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0
https://cks.connatix.com/cks?pid=18&ev=076a9af4d5c64d8284d39497d10e07ed&pname=LoopMe&api-tier=2&uid=bb2f8f15-c7d4-42a6-84f4-cdd710dc0493&pubid=11186&gdpr=0

146 B
253 B

11ms
11ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=18&ev=076a9af4d5c64d8284d39497d10e07ed&pname=LoopMe&api-tier=2&uid=bb2f8f15-c7d4-42a6-84f4-cdd710dc0493&pubid=11186&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb04b1f125e195455178a92371c0779910c4ab04b40e492a5b29ab501e0df3eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d33039bed8c45-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=18&ev=076a9af4d5c64d8284d39497d10e07ed&pname=LoopMe&api-tier=2&uid=bb2f8f15-c7d4-42a6-84f4-cdd710dc0493&pubid=11186&gdpr=0
date: Sun, 21 Jan 2024 05:36:23 GMT
server: _
content-length: 0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DCentro%26api-tier%3D2%26uid%3D%7BuserId...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DCentro%26api-tier%3D2%26uid%3...
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=33839b8c-40c5-4e18-9383-3a9561269120-65acad57-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=33839b8c-40c5-4e18-9383-3a9561269120-65acad57-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=33839b8c-40c5-4e18-9383-3a9561269120-65acad57-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D076a9af...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=33839b8c-40c5-4e18-9383-3a9561269120-65acad57-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D0...
https://cks.connatix.com/cks?pid=9&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Centro&api-tier=2&uid=33839b8c-40c5-4e18-9383-3a9561269120-65acad57-5553&gdpr=0

159 B
263 B

12ms
11ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=9&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Centro&api-tier=2&uid=33839b8c-40c5-4e18-9383-3a9561269120-65acad57-5553&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aefee47e525b0e6713f1028617874d620474cbe1de8c1f89b2231b7b9b13b275

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d3304bcda8c45-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 21 Jan 2024 05:36:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://cks.connatix.com/cks?pid=9&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Centro&api-tier=2&uid=33839b8c-40c5-4e18-9383-3a9561269120-65acad57-5553&gdpr=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D39%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DYieldMo%26api-tier%3D2%26uid%3D%24UID&gdpr=0
https://cks.connatix.com/cks?pid=39&ev=076a9af4d5c64d8284d39497d10e07ed&pname=YieldMo&api-tier=2&uid=VErAKZZCCAZKm670w8ZL&gdpr=0

130 B
152 B

36ms
35ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=39&ev=076a9af4d5c64d8284d39497d10e07ed&pname=YieldMo&api-tier=2&uid=VErAKZZCCAZKm670w8ZL&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53bca36df322fb50c0ab0f0ecb8aa1b51cb9758d4782f7db156a37068377832b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d3302f8c64219-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 05:36:23 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cks.connatix.com/cks?pid=39&ev=076a9af4d5c64d8284d39497d10e07ed&pname=YieldMo&api-tier=2&uid=VErAKZZCCAZKm670w8ZL&gdpr=0
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://connatix-supply-partners.tremorhub.com/sync?UISCX=076a9af4d5c64d8284d39497d10e07ed&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D5%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DTel...
https://cks.connatix.com/cks?pid=5&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Telaria&api-tier=2&uid=980a1963d3c14313b5432302c2529d4c

141 B
250 B

37ms
37ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=5&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Telaria&api-tier=2&uid=980a1963d3c14313b5432302c2529d4c
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c9f5f072cd1e15188ef46c4cf068e91824e6d2c94ad1cee0d2f8cf3c24a37d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d33041c5d8c45-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=5&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Telaria&api-tier=2&uid=980a1963d3c14313b5432302c2529d4c
date: Sun, 21 Jan 2024 05:36:23 GMT
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H3

200

us Show response
capi.connatix.com/core/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=13b49702be374658f2e74e0e56371d&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0

0
231 B

35ms
35ms

Script
application/json

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=13b49702be374658f2e74e0e56371d&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d330698cb0f8c-EWR
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

Redirect headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 05:36:24 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=13b49702be374658f2e74e0e56371d&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1705815384011032-273

GET sync-iframe
cs-server-s2s.yellowblue.io/ Frame 201D 0
0

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/17331/ 39 KB
12 KB 120ms
24ms Script
text/javascript 108.156.91.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/17331/sync.min.js?gdpr=0
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/414645/402.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.91.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-91-19.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60cafa05c97da06116c9164ae946addfe8812d8b104b0d4260cfd5e3884eeab7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 08:29:35 GMT
content-encoding: gzip
via: 1.1 f4931915c262d78fa3e94b48faa4f55a.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jan 2024 10:55:10 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P1
age: 76008
x-amz-server-side-encryption: AES256
etag: W/"24dc2bbea0cff17e96e133440043ddb8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 6BylCOmlnHlELougYtYDVzgQ26tailD4J_qcW6mQ7cJnxnQYxV-ZUw==

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr=0
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr...
https://cks.connatix.com/cks?pid=1&ev=076a9af4d5c64d8284d39497d10e07ed&pname=SundaySky&api-tier=2&uid=d6.47b7bf0308204c7b9842e564cadaa469

144 B
252 B

13ms
12ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=1&ev=076a9af4d5c64d8284d39497d10e07ed&pname=SundaySky&api-tier=2&uid=d6.47b7bf0308204c7b9842e564cadaa469
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 013bf2955a450bd88ba12b37b28803de858bb890efe31dfcd26f5f78fe9dee42

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d3303ac028c45-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=1&ev=076a9af4d5c64d8284d39497d10e07ed&pname=SundaySky&api-tier=2&uid=d6.47b7bf0308204c7b9842e564cadaa469
date: Sun, 21 Jan 2024 05:36:23 GMT
x-content-type-options: nosniff
content-length: 0
x-frame-options: DENY

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=%24%7BADELPHIC_CACHE_BUSTER%7D&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D29%26ev%3D076a9af4d5c64...
https://cks.connatix.com/cks?pid=29&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Adelphic&api-tier=2&uid=fb3ba5e4-b380-470d-b8b0-1ef547834b21

146 B
254 B

10ms
9ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=29&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Adelphic&api-tier=2&uid=fb3ba5e4-b380-470d-b8b0-1ef547834b21
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c52c52962a52892572968513ad79c85f798dc98412557038b55e90b2d84c8fd4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d3303ac008c45-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: https://cks.connatix.com/cks?pid=29&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Adelphic&api-tier=2&uid=fb3ba5e4-b380-470d-b8b0-1ef547834b21
Date: Sun, 21 Jan 2024 05:36:23 GMT
Connection: keep-alive
X-CI-RTID: 31ac9b67-1901-42d9-9ff6-064c7a7b7ccd
Content-Length: 177
Content-Type: text/html; charset=utf-8

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://sync.resetdigital.co/csync?pid=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D35%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DResetDigital%26api-tier%3D2%26uid%3D%24USER_I...
https://cks.connatix.com/cks?pid=35&ev=076a9af4d5c64d8284d39497d10e07ed&pname=ResetDigital&api-tier=2&uid=00000129FB08FFE4

126 B
276 B

13ms
12ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=35&ev=076a9af4d5c64d8284d39497d10e07ed&pname=ResetDigital&api-tier=2&uid=00000129FB08FFE4
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b4d301e9cbbb78e53fa36500fe278fd6d12386ac54d95f3c62c155fbd9e0c61

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d33037bc58c45-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://cks.connatix.com/cks?pid=35&ev=076a9af4d5c64d8284d39497d10e07ed&pname=ResetDigital&api-tier=2&uid=00000129FB08FFE4
date: Sun, 21 Jan 2024 05:36:23 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
content-type: text/html

GET
H3

200

cks Show response
cks.connatix.com/
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D43%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DSonobi%26api-tier%3D2%26uid%3D%5BUID%5D&gdpr=0
https://cks.connatix.com/cks?pid=43&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Sonobi&api-tier=2&uid=8e63b9a4-3de5-45a7-a4b0-a38aa6084b8d

146 B
254 B

17ms
17ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=43&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Sonobi&api-tier=2&uid=8e63b9a4-3de5-45a7-a4b0-a38aa6084b8d
Requested by: Host: blank
URL: about:blank
Protocol: H3
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41ac283d876f6bbb5f523993efb18709710c602fd2ad2c9bd3a99011f354e73a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 848d3305adb08c45-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 05:36:23 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-185
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cks.connatix.com/cks?pid=43&ev=076a9af4d5c64d8284d39497d10e07ed&pname=Sonobi&api-tier=2&uid=8e63b9a4-3de5-45a7-a4b0-a38aa6084b8d
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 400 v1
match.sharethrough.com/universal/ 0
0 64ms
9ms Script
text/plain 3.91.113.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=WIMKYDH0&gdpr=0&gdpr_consent=null&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d45%26ev%3d076a9af4d5c64d8284d39497d10e07ed%26pname%3dSharethrough%26api-tier%3d2%26uid%3d%7BUSER_ID%7D
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/414645/402.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.113.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-113-229.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-length: 0

GET
H/1.1 200
OK psync Show response
xsync.iqzone.com/ 42 B
748 B 134ms
86ms Script
image/gif 142.234.204.77
LEASEWEB-USA-NYC

General

Check archive.org

Show headers Download Go to

Full URL: https://xsync.iqzone.com/psync?t=s&e=376&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D42%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DIqZone%26api-tier%3D2%26uid%3D%25USER_ID%25&gdpr=0
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/414645/402.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 142.234.204.77 Edison, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 05:36:23 GMT
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,POST,PUT,HEAD,DELETE,OPTIONS, GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Access-Control-Allow-Headers: content-Type,x-requested-with, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET cm
us-u.openx.net/w/1.0/ Frame 2C39 0
0

GET cksync
cs.media.net/ Frame 2C39 0
0

GET 712202.gif
id.rlcdn.com/ Frame 2C39 0
0

GET

pixel
cm.g.doubleclick.net/ Frame 2C39
Redirect Chain

https://capi.connatix.com/us/google/pixel?tier=2&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=MDc2YTlhZjRkNWM2NGQ4Mjg0ZDM5NDk3ZDEwZTA3ZWQ&extra1=076a9af4d5c64d8284d39497d10e07ed&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix....

0
0

GET 1a1c07e870d45c05896c3f9e9973d4b4.gif
sync.colossusssp.com/ Frame 2C39 0
0

GET ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 2C39 0
0

GET 81549
i.liadm.com/s/ Frame 2C39 0
0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 94ms
94ms Script
text/javascript 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cds.connatix.com
URL: https://cds.connatix.com/p/414645/connatix.playspace.js?cid=0198ffcd-51a5-4cac-8aa2-dddf686db8f2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

dfd786b6a7a3b241dfaa8fa6312de70124a65a222bf5adf43252e2b01a74e85c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.efh.reu.temporary.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29366
x-xss-protection: 0
server: cafe
etag: 968 / 19743 / m202401160101 / config-hash: 15866861927224639442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 05:36:22 GMT

GET ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 2C39 0
0

GET 653999a7-3276-482a-b8a4-f56e45d1a648.bin
vid.connatix.com/pid-97b20ebe-d667-486d-9ec2-c89bf5471831/6976b8e2-04d0-4665-b434-387622f21003/ Frame 2C39 0
0

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 94 B
283 B 15ms
13ms XHR
application/json 104.22.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=&url=https://www.efh.reu.temporary.site/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.efh.reu.temporary.site%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5247b523d51393a9d94ef9e169156c5d782a7009fc3db61195ee5a8d780f10d

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 Jan 2024 05:36:23 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 848d33037db55e71-EWR

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 222ms
126ms XHR
application/javascript 52.85.249.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.249.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-249-178.ord51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:24 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 6713d1da0c4ef6b06c1b7602b567d76a.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: Zu9XnRKXO9Wn9NqReMm5tMPPzCTIc9Uvf08Ev4vxAvfXkSuiYnZSvA==

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 384ms
33ms Preflight
application/json 104.22.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=&url=https://www.efh.reu.temporary.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.efh.reu.temporary.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 848d33034d845e71-EWR
content-length: 0
content-type: application/json
date: Sun, 21 Jan 2024 05:36:23 GMT
debug: OPTIONS block
expires: Mon, 20 Jan 2025 05:36:23 GMT
server: cloudflare

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 77ms
45ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 05:36:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
903 B 401ms
35ms Image
image/gif 104.26.2.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1717056
x-guploader-uploadid: ABPtcPpNNajJRSFwM_0C3hYzCNCujkAURVj2eJaHaN1pvAL62OV4Db0k-n6McK_DMWi8P7kNfg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WyFji1izL663%2Fh5D7HvGRoW8bqt%2FkODzg5vabtwhLR84xujJGJ5DROPNmrH%2FqydY038xxpRz6xS%2BPR7lT08VDDOYCLHjgTLFFwvggFi%2BQoQcDiIj8XW138a4H3UpR8wfw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 848d33060a625e7c-EWR
expires: Mon, 01 Jan 2024 09:22:06 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 96ms
41ms Image
image/x-icon 142.251.40.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 20:06:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34221
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Jan 2024 20:06:02 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
326 B 351ms
36ms Image
image/gif 104.26.2.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.36057945939040437
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 05:36:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1717056
x-guploader-uploadid: ABPtcPpNNajJRSFwM_0C3hYzCNCujkAURVj2eJaHaN1pvAL62OV4Db0k-n6McK_DMWi8P7kNfg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqzEzBwLjXuxPANAtzBuGVEwLTFibhZ64vxEU5hCVVwBdkNikV4r%2BEYIangTmKP51yV9pygJF5ifjf76PEehHTy%2BF7e%2FC8Z7rPFGVThAq236csJgbSUx120J5yx1T7zdaA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 848d33060a645e7c-EWR
expires: Mon, 01 Jan 2024 09:22:06 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
619 B 77ms
64ms XHR
application/json 52.21.39.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/17331/sync.min.js?gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.39.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-39-178.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a8fe5e6d907761f7ba03cb9bb26b2e6ded8eb4e7f818e8b0a95a0652c06aa52c

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 05:36:23 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.efh.reu.temporary.site
cache-control: no-cache
x-server: 10.40.9.196
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H2 200 px.gif
merequartz.com/aadetect/ 42 B
99 B 99ms
25ms Image
image/gif 2600:1901:0:2b56::1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://merequartz.com/aadetect/px.gif?ch=2&rn=85429

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:2b56::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
date: Sun, 21 Jan 2024 05:36:27 GMT
via: 1.1 google
last-modified: Wed, 03 Jan 2024 04:51:36 GMT
x-datacenter: gce-us-east1
x-buildname: hoothoot
vary: Accept-Encoding
x-hostname: fen-hoothoot-us-east1-hv4z
content-type: image/gif
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-buildnumber: 1072352451

GET
H2 200 px.gif
merequartz.com/aadetect/ 42 B
322 B 97ms
23ms Image
image/gif 2600:1901:0:2b56::1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://merequartz.com/aadetect/px.gif?ch=1&rn=85429

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:2b56::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
date: Sun, 21 Jan 2024 05:36:27 GMT
via: 1.1 google
last-modified: Wed, 03 Jan 2024 04:51:36 GMT
x-datacenter: gce-us-east1
x-buildname: hoothoot
vary: Accept-Encoding
x-hostname: fen-hoothoot-us-east1-hv4z
content-type: image/gif
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-buildnumber: 1072352451

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 839247932432.com
URL: https://839247932432.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/themes/thoughtnova/style.css?ver=6.4.2

Domain: 839247932432.com
URL: https://839247932432.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Domain: 839247932432.com
URL: https://839247932432.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2023/05/Thoughtnova-Logo.svg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/09/245189507-159050509758482-5314915735549354309-n-e1648625640851.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/09/Copy-of-THOUGHTNOVA-2000x1300-10-1-2-1536x998-1.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/09/29d1f8596f924156b1d298a1276d2dfe-2048x1152-1.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/09/Screenshot-2022-09-27-at-21.26.50.png

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/09/E0C409C5-9F6F-459E-B0C7-17E81C3D167B-1.png

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/05/Pirates-of-the-Caribbean-2.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/oarfish-1-2019-07-01.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/1232.jpeg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/Copy-of-THOUGHTNOVA-2000x1300-2-1-11-1500x975-1-1.jpeg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/Crystal-skull-british-museum-random9834672-1.jpeg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/longo.jpeg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/Steve_Paul_Jobs_and_his_Apple_iphone4_1920x1440.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/11.jpeg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/D-TdzDqjsOEsfCmh7VkMeUEogvGfzawSRYqA3Cq-wH0.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/Baker-FightClub.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/DfB4P55W4AArtJ5.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/xlarge-3.jpeg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/travel-worms-pinching-bot-flies-and-joys-of-travel.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/324234-1500x996-1.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/82a6f94dd236b43255e5d4ca3833cfea.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/E4BMaWBVUAI9Pg-.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/NINTCHDBPICT000507887285-1.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/f1280x720-18976-150651-5050.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/hannibal-2001-03-g.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/dunyanin-en-guzel-kizi-thylane-blondeau-buyudu-12405265_7065_amp.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/ap22055857029205-wide-734eb7be5357c6d8600e84f43508c867310701c4.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/257349831_431408061907565_6726309771390300185_n.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/f.elconfidencial.com_original_7e3_488_aad_7e3488aad26e671622f7f830eafb5ef5.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2022/03/resize.jpg

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/themes/thoughtnova/index.min.js?ver=1705815381

Domain: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/N2Y3kAfxwVJnx/www.efh.reu.temporary.site/choice.js

Domain: 839247932432.com
URL: https://839247932432.com/wp-content/uploads/2023/05/Thoughtnova-Logo.svg

Domain: 839247932432.com
URL: https://839247932432.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Domain: secure-assets.rubiconproject.com
URL: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D076a9af4d5c64d8284d39497d10e07ed%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0

Domain: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D076a9af4d5c64d8284d39497d10e07ed%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0

Domain: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d076a9af4d5c64d8284d39497d10e07ed%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1

Domain: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&r=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d8%26UserId%3d076a9af4d5c64d8284d39497d10e07ed%26DemandPartnerName%3dOpenX%26tier%3d2%26DemandPartnerUserId%3d

Domain: cs.media.net
URL: https://cs.media.net/cksync?cs=37&type=cn&redirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D31%26UserId%3D076a9af4d5c64d8284d39497d10e07ed%26DemandPartnerName%3DMediaNet%26tier%3D2%26DemandPartnerUserId%3D%3Cvsid%3E&gdpr=0

Domain: id.rlcdn.com
URL: https://id.rlcdn.com/712202.gif?cparams=076a9af4d5c64d8284d39497d10e07ed&gdpr=0

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=MDc2YTlhZjRkNWM2NGQ4Mjg0ZDM5NDk3ZDEwZTA3ZWQ&extra1=076a9af4d5c64d8284d39497d10e07ed&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix.com%2fus%2fgoogle%2freport

Domain: sync.colossusssp.com
URL: https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=076a9af4d5c64d8284d39497d10e07ed&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D34%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DColossus%26api-tier%3D2%26uid%3D%5BUID%5D&gdpr=0

Domain: sync.intentiq.com
URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=372401555&pcid=076a9af4d5c64d8284d39497d10e07ed

Domain: i.liadm.com
URL: https://i.liadm.com/s/81549?bidder_id=246480&bidder_uuid=076a9af4d5c64d8284d39497d10e07ed

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-97b20ebe-d667-486d-9ec2-c89bf5471831/6976b8e2-04d0-4665-b434-387622f21003/653999a7-3276-482a-b8a4-f56e45d1a648.bin

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pub.network/	1970-01-21 03:26:15	Name: _fsuid Value: c5d31564-d6a4-4e64-9252-df949255f6e9
.connatix.com/	1970-01-20 18:33:27	Name: cnx_userId Value: 076a9af4d5c64d8284d39497d10e07ed
.nitropay.com/	1970-01-20 17:50:17	Name: __cf_bm Value: hgRQtWdsw82rkle.7qs62ZKUZ0lsFj1S1M.rHvEyLLw-1705815382-1-ATXZw6tIyvICpcMY34gLf+/qfUzWDgw5AyqIUWWG+4xOauJ66PeemBtIzdfPXrnt6OUVxKZClM6/tgt7pxVxEtA=
www.efh.reu.temporary.site/	1970-01-20 18:33:27	Name: cnx_userId Value: 076a9af4d5c64d8284d39497d10e07ed
.adnxs.com/	1970-01-20 19:59:51	Name: uuid2 Value: 8437250575464762438
.adsrvr.org/	1970-01-21 02:37:17	Name: TDID Value: c6a72c1e-46ee-4d72-b599-6544c2deb584
.3lift.com/	1970-01-20 19:59:51	Name: tluid Value: 2635925714963174054035
www.efh.reu.temporary.site/	1970-01-21 02:35:51	Name: uid-s Value: 1c633b9-b25b-4a6c-a473-d00cf804ea97
www.efh.reu.temporary.site/	1970-01-20 18:00:20	Name: vuukle_geo_region Value: {%22country_code%22:%22US%22%2C%22region%22:%22New%20York%22%2C%22os%22:%22Windows%22%2C%22device%22:%22Desktop%22%2C%22browser%22:%22Chrome%22}
.casalemedia.com/	1970-01-21 02:35:51	Name: CMID Value: ZaytV7uxp02H0t2A2ZdSFgAA
.casalemedia.com/	1970-01-20 19:59:51	Name: CMPS Value: 1458
.casalemedia.com/	1970-01-20 19:59:51	Name: CMPRO Value: 1458
.adnxs.com/	1970-01-21 03:26:15	Name: XANDR_PANID Value: XfpdQD5wwu7c3kjEzs5iJ6XeXd_UHlaXwO2PAO6VjydgEfhxYVOddAOUQ_4U2ypBTXnv0wJbeJ5sY3Hvzxheoq7YmDrimT9RPhLpYrZrzQg.
.adsrvr.org/	1970-01-21 02:37:17	Name: TDCPM Value: CAEYBSABKAIyCwjWoaamtJPNPBAFOAE.
.bidr.io/	1970-01-21 03:18:45	Name: bito Value: AADe4E7LWVsAABPMCBggcg
.bidr.io/	1970-01-21 03:18:45	Name: bitoIsSecure Value: ok
.contextweb.com/	1970-01-21 02:28:39	Name: V Value: JJVBzd3uuKty
.contextweb.com/	1970-01-21 02:35:51	Name: pb_rtb_ev Value: 3-1p8o\|7Xz.0.1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: e2cd981e6cac0acd
.sitescout.com/	1970-01-21 02:35:51	Name: ssi Value: 33839b8c-40c5-4e18-9383-3a9561269120#1705815383483
.yieldmo.com/	1970-01-21 02:35:51	Name: yieldmo_id Value: VErAKZZCCAZKm670w8ZL%7C1705795200000%7C0
.turn.com/	1970-01-20 22:09:27	Name: uid Value: 3914797552953003196
.ctnsnet.com/	1970-01-21 02:35:51	Name: cid_cceebc444dac43a19bb99c38d8420634 Value: 1
.sitescout.com/	1970-01-20 18:33:27	Name: _ssuma Value: eyIzOSI6MTcwNTgxNTM4MzUxNiwiNyI6MTcwNTgxNTM4MzUxNiwiNjEiOjE3MDU4MTUzODM1MTZ9
.resetdigital.co/	1970-01-20 19:59:51	Name: ckbk Value: 00000129FB08FFE4
.1rx.io/	1970-01-21 02:35:51	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f3c3cf43-28fd-49d1-94d9-197f1c9a72c2-005%22%2C%22nxtrdr%22%3Afalse%7D
.sundaysky.com/	1970-01-21 03:26:15	Name: sskyu Value: d6.47b7bf0308204c7b9842e564cadaa469
.sundaysky.com/	1970-01-21 03:26:15	Name: sskyCreationTime Value: 1705815383603
.csync.loopme.me/	1970-01-20 20:01:17	Name: viewer_token Value: bb2f8f15-c7d4-42a6-84f4-cdd710dc0493
.ipredictive.com/	1970-01-21 02:35:51	Name: cu Value: fb3ba5e4-b380-470d-b8b0-1ef547834b21\|1705815383610
.sundaysky.com/	1970-01-20 18:00:20	Name: sskya Value: "e2N4Ont0czoiNDdja3duIix0OiJuaSJ9fQ=="
.targeting.unrulymedia.com/	1970-01-21 02:35:51	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f3c3cf43-28fd-49d1-94d9-197f1c9a72c2-005%22%7D
.crwdcntrl.net/	1970-01-21 00:19:01	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 00:19:01	Name: _cc_id Value: 3ef2de61cf90cda308d81083fddb655d
.crwdcntrl.net/	1970-01-21 00:19:03	Name: _cc_cc Value: "ACZ4XmNQME5NM0pJNTNMTrM0SE5JNDawSLEwNLAwTktJSTIzNU1hAILUNWvDQTQUAABwEwuH"
.crwdcntrl.net/	1970-01-21 00:19:03	Name: _cc_aud Value: "ABR4XmNgYGBIXbM2HEhBAQAaLQIW"
.tremorhub.com/	1970-01-21 02:36:12	Name: tvid Value: 980a1963d3c14313b5432302c2529d4c
.tremorhub.com/	1970-01-21 03:26:15	Name: tv_UISCX Value: 076a9af4d5c64d8284d39497d10e07ed
.tapad.com/	1970-01-20 19:16:39	Name: TapAd_TS Value: 1705815383693
.tapad.com/	1970-01-20 19:16:39	Name: TapAd_DID Value: 815d6d53-0cb4-4079-a474-3d53698121af
.iqzone.com/	1970-01-21 02:35:51	Name: xuid Value: 9f267dfe-1201-4ce0-b9b3-92187a7bfae0
.smartadserver.com/	1970-01-21 03:20:29	Name: pid Value: 1694439876709839054
.temporary.site/	1970-01-21 00:19:03	Name: _cc_id Value: 3ef2de61cf90cda308d81083fddb655d
.temporary.site/	1970-01-20 17:51:41	Name: panoramaId_expiry Value: 1705901783708
.temporary.site/	1970-01-20 17:51:41	Name: panoramaId Value: 57a5ee74b533eb37e91ac04bcc88a9fb927ada1c7075e42ef2cdf4ce4b4ab56f
.temporary.site/	1970-01-20 17:51:41	Name: panoramaIdType Value: panoDevice
.tapad.com/	1970-01-20 19:16:39	Name: TapAd_3WAY_SYNCS Value:
.go.sonobi.com/	1970-01-20 18:33:27	Name: __uis Value: 8e63b9a4-3de5-45a7-a4b0-a38aa6084b8d
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85185\|ZaytW
.ads.stickyadstv.com/	1970-01-20 18:33:27	Name: UID Value: 13b49702be374658f2e74e0e56371d

45 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://839247932432.com/wp-content/themes/thoughtnova/style.css?ver=6.4.2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2023/05/Thoughtnova-Logo.svg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/09/245189507-159050509758482-5314915735549354309-n-e1648625640851.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/09/29d1f8596f924156b1d298a1276d2dfe-2048x1152-1.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/09/Copy-of-THOUGHTNOVA-2000x1300-10-1-2-1536x998-1.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/themes/thoughtnova/index.min.js?ver=1705815381 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/09/Screenshot-2022-09-27-at-21.26.50.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/09/E0C409C5-9F6F-459E-B0C7-17E81C3D167B-1.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/oarfish-1-2019-07-01.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/05/Pirates-of-the-Caribbean-2.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/1232.jpeg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/Copy-of-THOUGHTNOVA-2000x1300-2-1-11-1500x975-1-1.jpeg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/Crystal-skull-british-museum-random9834672-1.jpeg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/longo.jpeg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/Steve_Paul_Jobs_and_his_Apple_iphone4_1920x1440.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/11.jpeg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/D-TdzDqjsOEsfCmh7VkMeUEogvGfzawSRYqA3Cq-wH0.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/Baker-FightClub.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/xlarge-3.jpeg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/DfB4P55W4AArtJ5.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/travel-worms-pinching-bot-flies-and-joys-of-travel.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/324234-1500x996-1.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/82a6f94dd236b43255e5d4ca3833cfea.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/E4BMaWBVUAI9Pg-.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/NINTCHDBPICT000507887285-1.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/f1280x720-18976-150651-5050.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/257349831_431408061907565_6726309771390300185_n.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/ap22055857029205-wide-734eb7be5357c6d8600e84f43508c867310701c4.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/hannibal-2001-03-g.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/dunyanin-en-guzel-kizi-thylane-blondeau-buyudu-12405265_7065_amp.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/resize.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2022/03/f.elconfidencial.com_original_7e3_488_aad_7e3488aad26e671622f7f830eafb5ef5.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-content/uploads/2023/05/Thoughtnova-Logo.svg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://quantcast.mgr.consensu.org/choice/N2Y3kAfxwVJnx/www.efh.reu.temporary.site/choice.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://839247932432.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.googletagmanager.com/gtag/js?id=G-BZKT0097MT&l=dataLayer&cx=c Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://s.nitropay.com/ads-1228.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://cdn.vuukle.com/domain-configs/efh.reu.temporary.site.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://match.sharethrough.com/universal/v1?supply_id=WIMKYDH0&gdpr=0&gdpr_consent=null&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d45%26ev%3d076a9af4d5c64d8284d39497d10e07ed%26pname%3dSharethrough%26api-tier%3d2%26uid%3d%7BUSER_ID%7D Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: about:blank Message: Refused to execute script from 'https://capi.connatix.com/us/pixel?puid=RX-f3c3cf43-28fd-49d1-94d9-197f1c9a72c2-005&pId=44' because its MIME type ('image/gif') is not executable.
security	error	URL: about:blank Message: Refused to execute script from 'https://xsync.iqzone.com/psync?t=s&e=376&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D42%26ev%3D076a9af4d5c64d8284d39497d10e07ed%26pname%3DIqZone%26api-tier%3D2%26uid%3D%25USER_ID%25&gdpr=0' because its MIME type ('image/gif') is not executable.
security	error	URL: about:blank Message: Refused to execute script from 'https://capi.connatix.com/us/pixel?puid=1694439876709839054&pId=40&gdpr=0&gdpr_consent=' because its MIME type ('image/gif') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

839247932432.com
a.pub.network
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
ajax.googleapis.com
api.btloader.com
api.vuukle.com
bcp.crwdcntrl.net
bh.contextweb.com
btloader.com
c.amazon-adsystem.com
capi.connatix.com
cd.connatix.com
cdn.confiant-integrations.net
cdn.hadronid.net
cdn.vuukle.com
cds.connatix.com
cks.connatix.com
cm.g.doubleclick.net
connatix-supply-partners.tremorhub.com
cs-server-s2s.yellowblue.io
cs.media.net
csync.loopme.me
d.pub.network
eb2.3lift.com
freestar-io.videoplayerhub.com
functionalfeather.com
i.ctnsnet.com
i.liadm.com
id.hadron.ad.gt
id.rlcdn.com
imasdk.googleapis.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
merequartz.com
optimise.net
pixel-sync.sitescout.com
pixel.tapad.com
quantcast.mgr.consensu.org
s.nitropay.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum.casalemedia.com
static.adsafeprotected.com
sync.1rx.io
sync.colossusssp.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.resetdigital.co
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
us-u.openx.net
vid.connatix.com
vop.sundaysky.com
vuukle.com
www.efh.reu.temporary.site
www.googletagmanager.com
xsync.iqzone.com
839247932432.com
ads.pubmatic.com
cm.g.doubleclick.net
cs-server-s2s.yellowblue.io
cs.media.net
i.liadm.com
id.rlcdn.com
imasdk.googleapis.com
quantcast.mgr.consensu.org
secure-assets.rubiconproject.com
ssc-cms.33across.com
sync.colossusssp.com
sync.intentiq.com
us-u.openx.net
vid.connatix.com
104.18.21.206
104.18.3.78
104.18.36.155
104.22.5.69
104.22.53.173
104.22.60.168
104.26.2.70
108.156.91.129
108.156.91.19
130.211.23.194
142.234.204.77
142.250.64.106
142.251.40.198
142.251.41.8
15.197.193.217
159.89.252.170
172.217.165.130
172.64.144.166
172.64.146.152
172.67.22.149
172.67.41.60
172.67.74.207
192.254.190.111
198.148.27.131
207.198.113.88
216.22.16.37
2600:1901:0:2b56::1
3.162.163.24
3.222.184.97
3.91.113.229
3.94.2.72
34.110.189.112
34.111.113.62
34.111.152.239
34.160.152.31
35.186.193.173
35.214.184.99
50.116.194.21
52.21.39.178
52.223.22.214
52.85.249.178
52.86.139.62
54.157.70.26
54.85.142.143
63.251.28.234
68.67.160.132
69.166.1.66
69.194.240.13
013bf2955a450bd88ba12b37b28803de858bb890efe31dfcd26f5f78fe9dee42
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93
16a1f3065639c7c55d55f3bed97458f596084096c2b64e8d68e5630e09169c00
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311
22899131dfbb5d6bab4663435711f6ab797127a8574ce301297de972f7d839da
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
2b4d301e9cbbb78e53fa36500fe278fd6d12386ac54d95f3c62c155fbd9e0c61
32f26dcc56ef9afabcd944f449a1c0845493a08ecc6a90cf2893ec712abb7af7
351a3ff96b0e7de1ebf2ae5df2510e826c81d9056866e410ed37e4fb5a60c830
353b495fb46c69e794007a68a8a1b0e8939fdc183fa10747acebd746721be633
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4
3ad4ad444ea134cce5fbadf849a968b9560551401fb570f7bfc821b43db28f1d
41ac283d876f6bbb5f523993efb18709710c602fd2ad2c9bd3a99011f354e73a
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
482f94a6b226a1ec1e468e5477b35eea7f4f271147373151c37802df2c0643e2
48c76c91f2d42a1668fee310da41b7c1f0d97d7ab0fa55fcf794e2cd3e412242
5241f0728079864ee5553634ca3a7b18fdd2cffb9bbdf1697ad083d04e31fb48
53bca36df322fb50c0ab0f0ecb8aa1b51cb9758d4782f7db156a37068377832b
57bd03de9ed940ed072b1fc5bf85a7785415c883099ea4026c791ac8ae1ab3d7
5ac8a6492de437e3dfb4b0a64fe904c55d9c7fd6245508946ff5a3591002570b
60cafa05c97da06116c9164ae946addfe8812d8b104b0d4260cfd5e3884eeab7
66db01e9328733a5f6a6bad62ab921f53837d6eb11d81a3a4995c3e747821a50
6b1e3d5de2c85985171fe6b36817b4a4bfba66c3237febb2237a5a040046dd80
6c9f5f072cd1e15188ef46c4cf068e91824e6d2c94ad1cee0d2f8cf3c24a37d8
6cc5851758ac9f463cdc2fc3f76298fe17e16d607788e6e2bf486f19288413eb
70160c74e0c52cf9563c3f1cd5574ca1013a3180095001c4e61463e859b34aed
7485e9e3647729a9f0db519614d5cb98720c4a69858b8b9f3eb4548879cf6ca3
74fed6865e37a9ee8cbba5676b042d337f971226b581346cf3f218d70257c892
75ab079e1921679417e296669209b7a773467fb4be05170cef9cc3e85fbaa52d
80c1255cfa765097014653b202ae917bddad12fef4c3f4dc58b61a345aecb770
82cc29b4ae86c6cb446ca64068bb4f6544b0997abe67d5971ef8d59e27324253
954ae221520f07c4a9f1a3c8584b0f8747efbb2857639922f496cf3afce20761
9ac08dc1ba645bc6687b3c3dcfc2d6f9c69ae49f60cdf75b9808448cca027303
9df0500fe1ceb1e22ca99448f1e8ce8731bbf3136445d1237a9545b472157bd9
9fab4bfc86d7b7ef5edd66370cba202ffdd73b138b2512b870c72d6893acc6c3
a032373dbe792beb63db5704ac86f8f6376d7210bbaa325c777bbda1e34b99df
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af
a8fe5e6d907761f7ba03cb9bb26b2e6ded8eb4e7f818e8b0a95a0652c06aa52c
aefee47e525b0e6713f1028617874d620474cbe1de8c1f89b2231b7b9b13b275
b870779ece3da4c0f23e1942d3ee8f5ffefd8a2338f21f782336340e5a8b2fd2
c52c52962a52892572968513ad79c85f798dc98412557038b55e90b2d84c8fd4
cdd128c4cc083e7c351c2c410a066ed8e74f609610fd611ab000e4249767e952
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dcc9deddadf835f38e3f7ef4abd99651ed6751a56b6063eeecf6416de08d0ef0
dfd786b6a7a3b241dfaa8fa6312de70124a65a222bf5adf43252e2b01a74e85c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb04b1f125e195455178a92371c0779910c4ab04b40e492a5b29ab501e0df3eb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c1a9c4a2298fdce4e31747bcb4c2833815eb61ac645c64792cc41b11682dd0
f5247b523d51393a9d94ef9e169156c5d782a7009fc3db61195ee5a8d780f10d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fcb3f6c07ed9dbe147fadf2c4978f60d99e4dcae71add4a45ff0ea214149de21
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1
ff03ca98962e47230f540b33eaa3b64e1d8893caa25ec6eab6e268bb8046a73f

www.efh.reu.temporary.site Open in urlscan Pro 192.254.190.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

121 Requests

40 %HTTPS

2 %IPv6

56 Domains

69 Subdomains

28 IPs

3 Countries

1357 kBTransfer

4941 kBSize

50 Cookies

0 Outgoing links

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.efh.reu.temporary.site Open in urlscan Pro
192.254.190.111 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

40 %
HTTPS

2 %
IPv6

56
Domains

69
Subdomains

28
IPs

3
Countries

1357 kB
Transfer

4941 kB
Size

50
Cookies

121 HTTP transactions
0 data transactions