roomedic.com Open in urlscan Pro
166.62.77.160 Public Scan

URL:
http://roomedic.com/wp/
Submission: On July 05 via api (July 5th 2020, 7:20:32 am UTC) from TW

Summary HTTP 44 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 13 IPs in 7 countries across 19 domains to perform 44 HTTP transactions. The main IP is 166.62.77.160, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is roomedic.com.

This is the only time roomedic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	166.62.77.160 166.62.77.160	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
3	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY)
13	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	185.225.208.133 185.225.208.133	13213 (UK2NET-AS) (UK2NET-AS)
3	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1	67.202.94.86 67.202.94.86	32748 (STEADFAST) (STEADFAST)
1 2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
5 5	52.29.180.59 52.29.180.59	16509 (AMAZON-02) (AMAZON-02)
2 2	52.208.216.178 52.208.216.178	16509 (AMAZON-02) (AMAZON-02)
2 2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 2	35.212.212.222 35.212.212.222	19527 (GOOGLE-2) (GOOGLE-2)
1	23.105.245.5 23.105.245.5	7979 (SERVERS-COM) (SERVERS-COM)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	138.201.86.121 138.201.86.121	24940 (HETZNER-AS) (HETZNER-AS)
1 2	64.202.112.159 64.202.112.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
44	13

14 166.62.77.160 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-166-62-77-160.ip.secureserver.net

roomedic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.225.208.133 (Germany)

ASN13213 (UK2NET-AS, GB)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.86 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.191.196 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.29.180.59 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.216.178 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN19527 (GOOGLE-2, US)

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.245.5 (Russian Federation)

ASN7979 (SERVERS-COM, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.86.121 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.159 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	roomedic.com roomedic.com	258 KB
13	mgid.com jsc.mgid.com servicer.mgid.com cm.mgid.com cdn.mgid.com s-img.mgid.com	54 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
4	googleapis.com ajax.googleapis.com fonts.googleapis.com	36 KB
3	betweendigital.com 3 redirects ads.betweendigital.com	1 KB
3	gstatic.com fonts.gstatic.com	37 KB
3	imgur.com i.imgur.com	76 KB
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	outbrain.com 1 redirects sync.outbrain.com	820 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	823 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	903 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
1	loopme.me 1 redirects csync.loopme.me	192 B
1	idealmedia.io cm.idealmedia.io	556 B
1	lentainform.com cm.lentainform.com	328 B
1	amung.us whos.amung.us	211 B
1	waust.at waust.at	7 KB
0	mixmarket.biz Failed udata.mixmarket.biz Failed
44	19

	Domain	Requested by
14	roomedic.com	roomedic.com
9	cm.mgid.com	jsc.mgid.com roomedic.com
5	x.bidswitch.net	5 redirects
3	ads.betweendigital.com	3 redirects
3	fonts.gstatic.com	roomedic.com
3	fonts.googleapis.com	roomedic.com jsc.mgid.com
3	i.imgur.com	roomedic.com
2	sync.outbrain.com	1 redirects roomedic.com
2	rtb-usw.mfadsrvr.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	match.adsrvr.org	2 redirects
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	csync.loopme.me	1 redirects
1	cm.idealmedia.io	roomedic.com
1	cm.lentainform.com	roomedic.com
1	eus.rubiconproject.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	s-img.mgid.com	roomedic.com
1	cdn.mgid.com	roomedic.com
1	whos.amung.us	waust.at
1	servicer.mgid.com	jsc.mgid.com
1	waust.at	roomedic.com
1	ajax.googleapis.com	roomedic.com
1	jsc.mgid.com	roomedic.com
0	udata.mixmarket.biz Failed	roomedic.com
44	26

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
asiandating
whos.amung.us

Subject Issuer	Validity	Valid
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-07` - `2020-10-09`	6 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh

This page contains 3 frames:

Primary Page: http://roomedic.com/wp/
Frame ID: B8027BBE59F768755D4D5082FCEE9F99
Requests: 43 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=159393361626689234368
Frame ID: 2F5F61A949B0CA31D478979CE2D40222
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: EB8F0BC6F2005C14B478F898B4DE4B03
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

44
Requests

61 %
HTTPS

16 %
IPv6

19
Domains

26
Subdomains

13
IPs

7
Countries

469 kB
Transfer

998 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.mgid.com/?utm_source=roomedic.com&utm_medium=referral&utm_campaign=widgets&utm_content=887203

Search URL Search Domain Scan URL

URL: https://asiandating/Dating_An_Asian_Woman_Might_Be_Easier_Than_You_Think

Search URL Search Domain Scan URL

URL: https://whos.amung.us/stats/roomedic/
Title: 27

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 302
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 33

https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://cm.mgid.com/m?cdsp=501036&c=14b68078-4226-52bb-8fdc-d746d0dda876

Request Chain 34

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=14b68078-4226-52bb-8fdc-d746d0dda876&ssp=mgid&expires=30 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=909f501f-c643-412e-9141-e46e2f85023b

Request Chain 35

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=3832d13a-4793-4fe8-828c-1cc0af275904&ttl=1596525616

Request Chain 36

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azY1ZzYzSkRfcWsw&muidn=k65g63JD_qk0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azY1ZzYzSkRfcWsw&muidn=k65g63JD_qk0&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=k65g63JD_qk0&google_ula={guid},5&google_gid=CAESEGFM1qr5MrVz7n8DWM1t7Sg&google_cver=1

Request Chain 37

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=0272cc65-539c-4399-a6a4-f75be016460e

Request Chain 40

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D HTTP 307
https://cm.mgid.com/m?cdsp=433143&c=ac85aefd-cb08-4b5f-913c-48656f60fc70

Request Chain 41

https://x.bidswitch.net/sync?dsp_id=303&user_id=k65g63JD_qk0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k65g63JD_qk0 HTTP 302
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=909f501f-c643-412e-9141-e46e2f85023b HTTP 302
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=909f501f-c643-412e-9141-e46e2f85023b&rdrctExp=true

Request Chain 42

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=BJqzi3XGeTcIPbpjMcnL&pi=mgid&tc=1

44 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
roomedic.com/wp/ 14 KB
4 KB 331ms
287ms Document
text/html 166.62.77.160
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://roomedic.com/wp/
Protocol: HTTP/1.1
Server: 166.62.77.160 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-166-62-77-160.ip.secureserver.net
Software: Apache /
Resource Hash: f93dbe9c4bbfcc3411da6a2f5338e892df1410826c75191d35f53dcee79f9854

Request headers

Host: roomedic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 05 Jul 2020 07:20:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 04 May 2020 17:12:25 GMT
ETag: "ade00b9-39e5-5a4d5a2874582-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3739
Keep-Alive: timeout=5
Content-Type: text/html

GET
H/1.1 200
OK common76cb.css
roomedic.com/wp/bundles/ 2 KB
1 KB 164ms
162ms Stylesheet
text/css 166.62.77.160
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://roomedic.com/wp/bundles/common76cb.css
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: HTTP/1.1
Server: 166.62.77.160 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-166-62-77-160.ip.secureserver.net
Software: Apache /
Resource Hash: 431ad0ea2d86d6a51521d91210ca33b8edde0d5bd044895bada57d18f1030256

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 05 Jul 2020 07:20:15 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Mar 2019 22:28:44 GMT
Server: Apache
ETag: "ade0527-72e-584de9c555f00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 826

GET
H/1.1 200
OK voucher_main_style0cee.css
roomedic.com/wp/bundles/ 102 KB
25 KB 324ms
310ms Stylesheet
text/css 166.62.77.160
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://roomedic.com/wp/bundles/voucher_main_style0cee.css
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: HTTP/1.1
Server: 166.62.77.160 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-166-62-77-160.ip.secureserver.net
Software: Apache /
Resource Hash: 36c330bf83e53385eead4311b9e8258d9846b522e84ed3efe46dd08ca7a8141f

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 05 Jul 2020 07:20:15 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Mar 2019 22:28:44 GMT
Server: Apache
ETag: "ade0529-196f0-584de9c555f00-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5
Content-Length: 25089

GET
H/1.1 200
OK voucher_layout_layout-products0cee.css
roomedic.com/wp/bundles/ 9 KB
2 KB 323ms
310ms Stylesheet
text/css 166.62.77.160
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://roomedic.com/wp/bundles/voucher_layout_layout-products0cee.css
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: HTTP/1.1
Server: 166.62.77.160 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-166-62-77-160.ip.secureserver.net
Software: Apache /
Resource Hash: aaeb19323ac9b7b2bf34b56ab09741d7d6380eca58718d99cc2c5f2dce919acd

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 05 Jul 2020 07:20:15 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Mar 2019 22:28:44 GMT
Server: Apache
ETag: "ade052a-23d9-584de9c555f00-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5
Content-Length: 1936

GET
H/1.1 200
OK voucher_color_white7c56.css
roomedic.com/wp/bundles/ 6 KB
2 KB 318ms
305ms Stylesheet
text/css 166.62.77.160
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://roomedic.com/wp/bundles/voucher_color_white7c56.css
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: HTTP/1.1
Server: 166.62.77.160 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-166-62-77-160.ip.secureserver.net
Software: Apache /
Resource Hash: 8360a2b54e3b384b2cdd6dd730af107e088ad7d535b3914e066a91cfadaa38a7

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 05 Jul 2020 07:20:15 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Mar 2019 22:28:44 GMT
Server: Apache
ETag: "ade052c-1744-584de9c555f00-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5
Content-Length: 1279

GET
H/1.1 200
OK voucher_brand_tesco90a7.css
roomedic.com/wp/bundles/ 6 KB
2 KB 328ms
314ms Stylesheet
text/css 166.62.77.160
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://roomedic.com/wp/bundles/voucher_brand_tesco90a7.css
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: HTTP/1.1
Server: 166.62.77.160 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-166-62-77-160.ip.secureserver.net
Software: Apache /
Resource Hash: 18d3503620e7540b95f8bd5a4fd64f8513c16aff88912950709a58743b8fe148

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 05 Jul 2020 07:20:15 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Mar 2019 22:28:44 GMT
Server: Apache
ETag: "ade0528-18a8-584de9c555f00-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5
Content-Length: 1305

GET
H/1.1 404
Not Found voucher_extra_empty17c9.css
roomedic.com/wp/bundles/ 0
0 321ms
307ms Stylesheet
text/html 166.62.77.160
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://roomedic.com/wp/bundles/voucher_extra_empty17c9.css
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: HTTP/1.1
Server: 166.62.77.160 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-166-62-77-160.ip.secureserver.net
Software: Apache /
Resource Hash

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 05 Jul 2020 07:20:15 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/html
Keep-Alive: timeout=5
Content-Length: 857

GET
H2 200 MVEjD0l.png
i.imgur.com/ 7 KB
7 KB 69ms
21ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/MVEjD0l.png

Requested by

Host: roomedic.com
URL: http://roomedic.com/wp/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

cfef7c527fcbf2f870ad7b6ba257789c91ca09f1719ef3407452ccaff0f69514

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 05 Jul 2020 07:20:16 GMT
x-content-type-options: nosniff
age: 846610
x-cache: HIT, HIT
status: 200
content-length: 7297
x-served-by: cache-bwi5146-BWI, cache-hhn4038-HHN
last-modified: Wed, 13 Mar 2019 19:09:41 GMT
server: cat factory 1.0
x-timer: S1593933616.077741,VS0,VE1
etag: "863d8d68ee32b61d586971c1605f62d7"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 3SV9RZd.jpg
i.imgur.com/ 63 KB
63 KB 80ms
32ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/3SV9RZd.jpg

Requested by

Host: roomedic.com
URL: http://roomedic.com/wp/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

fd3dee601851b73a856cf08fdcf76f261ea5d587be8d517535a5d7f5df594601

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 05 Jul 2020 07:20:16 GMT
x-content-type-options: nosniff
age: 3290022
x-cache: HIT, HIT
status: 200
content-length: 64739
x-served-by: cache-bwi5123-BWI, cache-hhn4038-HHN
last-modified: Sun, 24 Mar 2019 21:55:21 GMT
server: cat factory 1.0
x-timer: S1593933616.077764,VS0,VE1
etag: "ebf153e17474696f1bbe7c53e74b9e70"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 roomedic.com.887203.js Show response
jsc.mgid.com/r/o/ 152 KB
41 KB 61ms
24ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/r/o/roomedic.com.887203.js
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b77680701d97e428af184ebba1f3bd9cb14275569a0b4211f53716dc317adb35

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 05 Jul 2020 07:20:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 670
cf-polished: origSize=155587
status: 200
last-modified: Fri, 26 Jun 2020 17:37:24 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CEE83A158F5B6264
x-amz-id-2: 4uH4Nwfthw7C2AuVfOsFL2ORJTkoKa/NgleJt8fipKw54LZKPtWJz8GzceBGadLCIKh8++Bnd7A=
cf-bgj: minify
server: cloudflare
etag: W/"54f3926476d2141e27e1977ca4a7c7c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 03bf71ebc00000c769b2189200000001
cf-ray: 5adf528c6889c769-AMS
expires: Sun, 05 Jul 2020 08:20:16 GMT

GET
H2 200 7mgbEX1.png
i.imgur.com/ 5 KB
5 KB 68ms
20ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/7mgbEX1.png

Requested by

Host: roomedic.com
URL: http://roomedic.com/wp/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

cd66b3888373bc233e552c8ebb25817f670596175b970b2807e423df91807c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 05 Jul 2020 07:20:16 GMT
x-content-type-options: nosniff
age: 1472559
x-cache: HIT, HIT
status: 200
content-length: 4798
x-served-by: cache-bwi5142-BWI, cache-hhn4038-HHN
last-modified: Wed, 13 Mar 2019 19:34:41 GMT
server: cat factory 1.0
x-timer: S1593933616.077711,VS0,VE0
etag: "5bc5bf5cb7828c0d57b3e8a1896e0cc1"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 4

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: roomedic.com
URL: http://roomedic.com/wp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 17:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2122363
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 17:47:32 GMT

GET
H/1.1 200
OK custom.min.js Show response
roomedic.com/wp/js/ 3 KB
1 KB 165ms
164ms Script
application/javascript 166.62.77.160
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://roomedic.com/wp/js/custom.min.js
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: HTTP/1.1
Server: 166.62.77.160 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-166-62-77-160.ip.secureserver.net
Software: Apache /
Resource Hash: d163bd6abae55d6c9c54a87ad21240edb528c62a6f292a786a95f4642d09ea45

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 05 Jul 2020 07:20:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Apr 2019 09:12:53 GMT
Server: Apache
ETag: "ade052d-a7e-5859ca89170f3-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 1009

GET
H/1.1 404
Not Found 3ruqw.js
roomedic.com/wp/js/ 0
0 160ms
159ms Script
text/html 166.62.77.160
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://roomedic.com/wp/js/3ruqw.js
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: HTTP/1.1
Server: 166.62.77.160 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-166-62-77-160.ip.secureserver.net
Software: Apache /
Resource Hash

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 05 Jul 2020 07:20:16 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 857

GET
H/1.1 200
OK voucherf0c9.js Show response
roomedic.com/wp/bundles/ 1 KB
859 B 162ms
161ms Script
application/javascript 166.62.77.160
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://roomedic.com/wp/bundles/voucherf0c9.js
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: HTTP/1.1
Server: 166.62.77.160 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-166-62-77-160.ip.secureserver.net
Software: Apache /
Resource Hash: a13aebf084843821a7e48cae56494746d9c8cfc7598e67122bc8fe29607d23a0

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 05 Jul 2020 07:20:16 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Mar 2019 22:28:44 GMT
Server: Apache
ETag: "ade052b-492-584de9c555f00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 515

GET
H/1.1 200
OK d.js Show response
waust.at/ 13 KB
7 KB 45ms
30ms Script
application/x-javascript 185.225.208.133
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://waust.at/d.js
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: HTTP/1.1
Server: 185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software: /
Resource Hash: 21092efadab949c3ad748e1c67c0e5f14eaab93275d2f1ba142464ef02a3735a

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 05 Jul 2020 07:20:16 GMT
Content-Encoding: gzip
Last-Modified: Sun, 14 Jun 2020 19:57:35 GMT
ETag: W/"5ee6812f-32f2"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, private
Connection: keep-alive
Expires: Mon, 06 Jul 2020 07:20:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 35 KB
1 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Requested by

Host: roomedic.com
URL: http://roomedic.com/wp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba6a04fe8e549687a74fe53d14f44185cf1a62b2e7da4a16a573c367d89819ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jul 2020 07:12:45 GMT
server: ESF
date: Sun, 05 Jul 2020 07:20:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jul 2020 07:20:16 GMT

GET
H/1.1 200
OK ProximaNovaBlack.woff
roomedic.com/wp/bundles/9eeec628/fonts/ProximaNovaBlack/ 73 KB
74 KB 181ms
180ms Font
font/woff 166.62.77.160
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://roomedic.com/wp/bundles/9eeec628/fonts/ProximaNovaBlack/ProximaNovaBlack.woff
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: HTTP/1.1
Server: 166.62.77.160 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-166-62-77-160.ip.secureserver.net
Software: Apache /
Resource Hash: 9792b461aa580c367d843488154f6aec8f4c706d7696c8408d718fb8ee348c2a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://roomedic.com/wp/bundles/voucher_brand_tesco90a7.css
Origin: http://roomedic.com

Response headers

Date: Sun, 05 Jul 2020 07:20:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Jul 2019 01:58:37 GMT
Server: Apache
ETag: "ae20348-125bc-58e77c397fce1-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: font/woff
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5

GET
H/1.1 200
OK ProximaNovaRegular.ttf
roomedic.com/wp/bundles/9eeec628/fonts/ProximaNovaRegular/ 181 KB
78 KB 184ms
183ms Font
font/ttf 166.62.77.160
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://roomedic.com/wp/bundles/9eeec628/fonts/ProximaNovaRegular/ProximaNovaRegular.ttf
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: HTTP/1.1
Server: 166.62.77.160 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-166-62-77-160.ip.secureserver.net
Software: Apache /
Resource Hash: e9a809715bfd7ca139515f13c1c121e7f18cf43dca83407459353c3843fd159b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://roomedic.com/wp/bundles/voucher_brand_tesco90a7.css
Origin: http://roomedic.com

Response headers

Date: Sun, 05 Jul 2020 07:20:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Jul 2019 01:58:37 GMT
Server: Apache
ETag: "ae2034a-2d398-58e77c39800c9-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: font/ttf
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5

GET
H/1.1 404
Not Found ProximaNovaBold.woff
roomedic.com/wp/bundles/9eeec628/fonts/ProximaNovaBold/ 0
0 148ms
147ms Font
text/html 166.62.77.160
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://roomedic.com/wp/bundles/9eeec628/fonts/ProximaNovaBold/ProximaNovaBold.woff
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: HTTP/1.1
Server: 166.62.77.160 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-166-62-77-160.ip.secureserver.net
Software: Apache /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://roomedic.com/wp/bundles/voucher_brand_tesco90a7.css
Origin: http://roomedic.com

Response headers

Date: Sun, 05 Jul 2020 07:20:16 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 857

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: roomedic.com
URL: http://roomedic.com/wp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Origin: http://roomedic.com

Response headers

date: Thu, 11 Jun 2020 20:56:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:50 GMT
server: sffe
age: 2024614
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13464
x-xss-protection: 0
expires: Fri, 11 Jun 2021 20:56:42 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: roomedic.com
URL: http://roomedic.com/wp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Origin: http://roomedic.com

Response headers

date: Fri, 12 Jun 2020 00:31:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 2011736
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Sat, 12 Jun 2021 00:31:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/o/roomedic.com.887203.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jul 2020 06:54:14 GMT
server: ESF
date: Sun, 05 Jul 2020 07:20:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jul 2020 07:20:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
649 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/o/roomedic.com.887203.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Jul 2020 05:26:02 GMT
server: ESF
date: Sun, 05 Jul 2020 07:20:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Jul 2020 07:20:16 GMT

GET
DATA 200
OK truncated
/ 632 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: roomedic.com
URL: http://roomedic.com/wp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Origin: http://roomedic.com

Response headers

date: Wed, 10 Jun 2020 14:25:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 2134509
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 10 Jun 2021 14:25:07 GMT

GET
H/1.1 200
OK ProximaNovaBold.ttf
roomedic.com/wp/bundles/9eeec628/fonts/ProximaNovaBold/ 152 KB
68 KB 160ms
160ms Font
font/ttf 166.62.77.160
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://roomedic.com/wp/bundles/9eeec628/fonts/ProximaNovaBold/ProximaNovaBold.ttf
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: HTTP/1.1
Server: 166.62.77.160 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-166-62-77-160.ip.secureserver.net
Software: Apache /
Resource Hash: 051ba0d98fec3d3c568092083961be8255dcf5338e1c05017cc0e25a5f8d5762

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://roomedic.com/wp/bundles/voucher_brand_tesco90a7.css
Origin: http://roomedic.com

Response headers

Date: Sun, 05 Jul 2020 07:20:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Jul 2019 01:58:37 GMT
Server: Apache
ETag: "ae2033c-25ed8-58e77c397ed41-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: font/ttf
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5

GET
H2 200 1 Show response
servicer.mgid.com/887203/ 907 B
966 B 68ms
65ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/887203/1?w=340&h=311&cols=1&pv=5&cbuster=1593933616186203432017&uniqId=067c2&niet=4g&nisd=false&ref=&lu=http%3A%2F%2Froomedic.com%2Fwp%2F%23&pageView=1&pvid=1731dd8d43b806411e0&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/o/roomedic.com.887203.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9348e911568d75cd7a2f577303ba41cb7627baa749a811681bcbb92eb82bb600

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jul 2020 07:20:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5adf528d39c9c769-AMS
content-type: application/x-javascript; charset=utf-8
cf-request-id: 03bf71ec450000c769b2193200000001

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ 27 B
211 B 229ms
214ms Script
text/javascript 67.202.94.86
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=roomedic&t=Whatsapp%20Offers%201000GB%20Free%20Internet!&c=d&y=&a=0&r=5159
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Server: 67.202.94.86 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 870a9f9aef573b3df91ee22e994465fe298c3ca69998fa17e43fe02ed1d9fba2

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 05 Jul 2020 07:20:16 GMT
content-encoding: gzip
transfer-encoding: chunked
content-type: text/javascript;charset=UTF-8

GET
H2 200 i.js Show response
cm.mgid.com/ 2 KB
776 B 64ms
62ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1593933616261700180795
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/o/roomedic.com.887203.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ce4ab9f107e5bf3b85e11c8f9806c41bba513706ada3cba946bbc655da9eb9d

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jul 2020 07:20:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5adf528dbaa2c769-AMS
content-type: application/javascript
cf-request-id: 03bf71ec8e0000c769b2199200000001

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 2F5F 186 B
373 B 70ms
69ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=159393361626689234368
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/o/roomedic.com.887203.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jul 2020 07:20:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5adf528dbaa7c769-AMS
content-type: application/javascript
cf-request-id: 03bf71ec920000c769b219a200000001

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 21ms
19ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 05 Jul 2020 07:20:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 142
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 03bf71ec990000c769b219c200000001
cf-ray: 5adf528dcaaec769-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTk5MTU3Lzk0YzRiZGE3NTFiM2FiYjM2MDYwN2ZlMWIyNjhkMDkwLmpwZw**.webp
s-img.mgid.com/g/5395040/492x328/0x0x587x391/ 8 KB
8 KB 21ms
20ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5395040/492x328/0x0x587x391/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTk5MTU3Lzk0YzRiZGE3NTFiM2FiYjM2MDYwN2ZlMWIyNjhkMDkwLmpwZw**.webp
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1714dbc88846ee7da32f4d72710ab9e512743acf2b8b3d7bcf0f6b0d4543f723

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 05 Jul 2020 07:20:16 GMT
cf-cache-status: HIT
age: 3714878
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8140
cf-request-id: 03bf71ec990000c769b219d200000001
last-modified: Wed, 22 Apr 2020 07:13:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5adf528dcaafc769-AMS
cf-bgj: h2pri

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame EB8F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

66ms
22ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?cbuster=1593933616261700180795
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://roomedic.com/wp/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://roomedic.com/wp/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Fri, 29 May 2020 23:03:21 GMT
Content-Encoding: gzip
Content-Length: 9233
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=82444
Expires: Mon, 06 Jul 2020 06:14:20 GMT
Date: Sun, 05 Jul 2020 07:20:16 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Sun, 05 Jul 2020 07:20:16 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D&crf=1
https://cm.mgid.com/m?cdsp=501036&c=14b68078-4226-52bb-8fdc-d746d0dda876

43 B
316 B

69ms
69ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501036&c=14b68078-4226-52bb-8fdc-d746d0dda876
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jul 2020 07:20:16 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5adf528ebc24c769-AMS
content-type: image/gif
cf-request-id: 03bf71ed360000c769b21a8200000001

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://cm.mgid.com/m?cdsp=501036&c=14b68078-4226-52bb-8fdc-d746d0dda876

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30
https://x.bidswitch.net/sync?dsp_id=429&user_id=14b68078-4226-52bb-8fdc-d746d0dda876&ssp=mgid&expires=30
https://cm.mgid.com/m?cdsp=433145&c=909f501f-c643-412e-9141-e46e2f85023b

43 B
300 B

65ms
65ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=909f501f-c643-412e-9141-e46e2f85023b
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jul 2020 07:20:16 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5adf528f0cb3c769-AMS
content-type: image/gif
cf-request-id: 03bf71ed630000c769b21b9200000001

Redirect headers

status: 302
date: Sun, 05 Jul 2020 07:20:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=909f501f-c643-412e-9141-e46e2f85023b
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=3832d13a-4793-4fe8-828c-1cc0af275904&ttl=1596525616

43 B
182 B

74ms
74ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=3832d13a-4793-4fe8-828c-1cc0af275904&ttl=1596525616
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jul 2020 07:20:16 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5adf528efc81c769-AMS
content-type: image/gif
cf-request-id: 03bf71ed560000c769b21b7200000001

Redirect headers

pragma: no-cache
date: Sun, 05 Jul 2020 07:20:16 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=3832d13a-4793-4fe8-828c-1cc0af275904&ttl=1596525616
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azY1ZzYzSkRfcWsw&muidn=k65g63JD_qk0
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azY1ZzYzSkRfcWsw&muidn=k65g63JD_qk0&google_tc=
https://cm.mgid.com/google?muidn=k65g63JD_qk0&google_ula={guid},5&google_gid=CAESEGFM1qr5MrVz7n8DWM1t7Sg&google_cver=1

0
240 B

63ms
63ms

Image
text/plain

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k65g63JD_qk0&google_ula={guid},5&google_gid=CAESEGFM1qr5MrVz7n8DWM1t7Sg&google_cver=1
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jul 2020 07:20:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5adf528ecc38c769-AMS
content-type: text/plain
cf-request-id: 03bf71ed3f0000c769b21aa200000001

Redirect headers

pragma: no-cache
date: Sun, 05 Jul 2020 07:20:16 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=k65g63JD_qk0&google_ula={guid},5&google_gid=CAESEGFM1qr5MrVz7n8DWM1t7Sg&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=0272cc65-539c-4399-a6a4-f75be016460e

43 B
324 B

63ms
62ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=0272cc65-539c-4399-a6a4-f75be016460e
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jul 2020 07:20:17 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5adf529289dec769-AMS
content-type: image/gif
cf-request-id: 03bf71ef950000c769b21e3200000001

Redirect headers

date: Sun, 05 Jul 2020 07:20:16 GMT
via: 1.1 google
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: //cm.mgid.com/m?cdsp=287839&c=0272cc65-539c-4399-a6a4-f75be016460e
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
328 B 184ms
58ms Image
image/gif 23.105.245.5
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k65g63JD_qk0
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.5 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jul 2020 07:20:16 GMT
server: nginx/1.19.0
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
556 B 102ms
64ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=k65g63JD_qk0
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jul 2020 07:20:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5adf528e5801d8d5-AMS
content-type: image/gif
cf-request-id: 03bf71ecf80000d8d5fc9c0200000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D
https://cm.mgid.com/m?cdsp=433143&c=ac85aefd-cb08-4b5f-913c-48656f60fc70

43 B
182 B

62ms
61ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433143&c=ac85aefd-cb08-4b5f-913c-48656f60fc70
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jul 2020 07:20:16 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5adf528ecc35c769-AMS
content-type: image/gif
cf-request-id: 03bf71ed3f0000c769b21a9200000001

Redirect headers

status: 307
date: Sun, 05 Jul 2020 07:20:16 GMT
content-length: 0
location: https://cm.mgid.com/m?cdsp=433143&c=ac85aefd-cb08-4b5f-913c-48656f60fc70

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k65g63JD_qk0
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k65g63JD_qk0
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=909f501f-c643-412e-9141-e46e2f85023b
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=909f501f-c643-412e-9141-e46e2f85023b&rdrctExp=true

0
470 B

94ms
94ms

Image
text/plain

64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=909f501f-c643-412e-9141-e46e2f85023b&rdrctExp=true
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 05 Jul 2020 07:20:16 GMT
Cache-Control: no-cache
X-TraceId: c9e906b73f4a2b6723996b339d62ab3b
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=909f501f-c643-412e-9141-e46e2f85023b&rdrctExp=true
Date: Sun, 05 Jul 2020 07:20:16 GMT
X-TraceId: a1d8f27390af064580218f55e9581a40
Content-Length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=BJqzi3XGeTcIPbpjMcnL&pi=mgid&tc=1

43 B
229 B

64ms
63ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=BJqzi3XGeTcIPbpjMcnL&pi=mgid&tc=1
Requested by: Host: roomedic.com
URL: http://roomedic.com/wp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Jul 2020 07:20:16 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5adf528f2cdfc769-AMS
content-type: image/gif
cf-request-id: 03bf71ed750000c769b21bb200000001

Redirect headers

status: 302
pragma: no-cache
date: Sun, 05 Jul 2020 07:20:16 GMT, Sun, 05 Jul 2020 07:20:16 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://cm.mgid.com/m?cdsp=501037&c=BJqzi3XGeTcIPbpjMcnL&pi=mgid&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET tr.php
udata.mixmarket.biz/ Frame 2F5F 0
0

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Referer: http://roomedic.com/wp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: udata.mixmarket.biz
URL: https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			roomedic.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C887203%22%3A%7B%22page%22%3A1%2C%22time%22%3A1593933616259%7D%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/r/o/roomedic.com.887203.js(Line 9) Message: [object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.betweendigital.com
ajax.googleapis.com
ams.creativecdn.com
cdn.mgid.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
csync.loopme.me
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
jsc.mgid.com
match.adsrvr.org
roomedic.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
secure-assets.rubiconproject.com
servicer.mgid.com
sync.outbrain.com
udata.mixmarket.biz
waust.at
whos.amung.us
x.bidswitch.net
udata.mixmarket.biz
104.111.230.142
104.16.221.74
104.19.135.78
138.201.86.121
151.101.112.193
166.62.77.160
172.217.16.130
185.184.8.30
185.225.208.133
188.42.191.196
23.105.245.5
2a00:1450:4001:801::200a
2a00:1450:4001:809::200a
2a00:1450:4001:819::2003
35.212.212.222
52.208.216.178
52.29.180.59
64.202.112.159
67.202.94.86
051ba0d98fec3d3c568092083961be8255dcf5338e1c05017cc0e25a5f8d5762
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1714dbc88846ee7da32f4d72710ab9e512743acf2b8b3d7bcf0f6b0d4543f723
18d3503620e7540b95f8bd5a4fd64f8513c16aff88912950709a58743b8fe148
21092efadab949c3ad748e1c67c0e5f14eaab93275d2f1ba142464ef02a3735a
36c330bf83e53385eead4311b9e8258d9846b522e84ed3efe46dd08ca7a8141f
431ad0ea2d86d6a51521d91210ca33b8edde0d5bd044895bada57d18f1030256
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
7ce4ab9f107e5bf3b85e11c8f9806c41bba513706ada3cba946bbc655da9eb9d
7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6
8360a2b54e3b384b2cdd6dd730af107e088ad7d535b3914e066a91cfadaa38a7
870a9f9aef573b3df91ee22e994465fe298c3ca69998fa17e43fe02ed1d9fba2
9348e911568d75cd7a2f577303ba41cb7627baa749a811681bcbb92eb82bb600
9792b461aa580c367d843488154f6aec8f4c706d7696c8408d718fb8ee348c2a
a13aebf084843821a7e48cae56494746d9c8cfc7598e67122bc8fe29607d23a0
a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
aaeb19323ac9b7b2bf34b56ab09741d7d6380eca58718d99cc2c5f2dce919acd
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
b77680701d97e428af184ebba1f3bd9cb14275569a0b4211f53716dc317adb35
ba6a04fe8e549687a74fe53d14f44185cf1a62b2e7da4a16a573c367d89819ea
cd66b3888373bc233e552c8ebb25817f670596175b970b2807e423df91807c6b
cfef7c527fcbf2f870ad7b6ba257789c91ca09f1719ef3407452ccaff0f69514
d163bd6abae55d6c9c54a87ad21240edb528c62a6f292a786a95f4642d09ea45
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9a809715bfd7ca139515f13c1c121e7f18cf43dca83407459353c3843fd159b
f93dbe9c4bbfcc3411da6a2f5338e892df1410826c75191d35f53dcee79f9854
fd3dee601851b73a856cf08fdcf76f261ea5d587be8d517535a5d7f5df594601

roomedic.com Open in urlscan Pro 166.62.77.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

44 Requests

61 %HTTPS

16 %IPv6

19 Domains

26 Subdomains

13 IPs

7 Countries

469 kBTransfer

998 kBSize

1 Cookies

3 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

roomedic.com Open in urlscan Pro
166.62.77.160 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

61 %
HTTPS

16 %
IPv6

19
Domains

26
Subdomains

13
IPs

7
Countries

469 kB
Transfer

998 kB
Size

1
Cookies

44 HTTP transactions
2 data transactions